CVSS: 6.5EPSS: 2%CPEs: 20EXPL: 0CVE-2020-1091 – Windows Graphics Component Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-1091
<p>An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.</p> <p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.</p> <p>The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.</p> Se presenta una vulnerabilidad de divulgación de información cuando el componente Windows GDI revela inapropiadamente el contenido de su memoria, también se conoce como "Windows Graphics Component Information Disclosure Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1091 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1052 – Windows Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1052
<p>An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory.</p> Se presenta una vulnerabilidad de escalada de privilegios en la manera en que la biblioteca ssdpsrv.dll maneja objetos en memoria, también se conoce como "Windows Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1052 •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1038 – Windows Routing Utilities Denial of Service
https://notcve.org/view.php?id=CVE-2020-1038
<p>A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.</p> <p>The update addresses the vulnerability by correcting how Windows handles objects in memory. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1038 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2CVE-2020-1034 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1034
<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.</p> Se presenta una vulnerabilidad de escalada de privilegios en la manera en que el Kernel de Windows maneja objetos en memoria, también se conoce como "Windows Kernel Elevation of Privilege Vulnerability" • https://github.com/yardenshafir/CVE-2020-1034 https://github.com/GeorgiiFirsov/CVE-2020-1034 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1034 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-1033 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-1033
<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>An authenticated attacker could exploit this vulnerability by running a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> Se presenta una vulnerabilidad de divulgación de información cuando el kernel de Windows maneja inapropiadamente objetos en memoria, también se conoce como "Windows Kernel Information Disclosure Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1033 •