CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-1243 – Windows Hyper-V Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-1243
16 Oct 2020 —
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.
To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.
The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.
Se present... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1243 •CVSS: 9.3EPSS: 13%CPEs: 10EXPL: 0CVE-2020-1167 – Microsoft Graphics Components Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-1167
16 Oct 2020 —
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system.
To exploit the vulnerability, a user would have to open a specially crafted file.
The security update addresses the vulnerability by correcting how Microsoft Graphics Components handle objects in memory.
Se presenta una vulnerabilidad de ejecución de código remota en ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1167 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2020-16976 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-16976
16 Oct 2020 —
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.
Se presenta una vulnerabilidad de escalada de privilegios cuando el Windows ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16976 •CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2020-16975 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-16975
16 Oct 2020 —
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.
Se presenta una vulnerabilidad de escalada de privilegios cuando el Windows ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16975 •CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2020-16974 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-16974
16 Oct 2020 —
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.
Se presenta una vulnerabilidad de escalada de privilegios cuando el Windows ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16974 •CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2020-16973 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-16973
16 Oct 2020 —
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.
Se presenta una vulnerabilidad de escalada de privilegios cuando el Windows ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16973 •CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2020-16972 – Windows Backup Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-16972
16 Oct 2020 —
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.
Se presenta una vulnerabilidad de escalada de privilegios cuando el Windows ... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16972 •CVSS: 9.3EPSS: 12%CPEs: 8EXPL: 0CVE-2020-16968 – Windows Camera Codec Pack Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-16968
16 Oct 2020 —
A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16968 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 26EXPL: 0CVE-2020-16949 – Microsoft Outlook Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-16949
16 Oct 2020 —
A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.
Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.
The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.
Se presenta una vul... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16949 • CWE-401: Missing Release of Memory after Effective Lifetime •CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-16940 – Windows - User Profile Service Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-16940
16 Oct 2020 —
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.
The security update add... • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16940 • CWE-269: Improper Privilege Management •