CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1520 – Windows Font Driver Host Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-1520
A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by correcting how the Windows Font Driver Host handles memory. Se presenta una vulnerabilidad de ejecución de código remota cuando el Windows Font Driver Host maneja inapropiadamente la memoria. Un atacante que explotara con éxito la vulnerabilidad podría conseguir una ejecución en el sistema víctima. La actualización de seguridad aborda la vulnerabilidad al corregir cómo el Windows Font Driver Host maneja la memoria, también se conoce como "Windows Font Driver Host Remote Code Execution Vulnerability". This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1520 •
CVSS: 7.8EPSS: 0%CPEs: 15EXPL: 0CVE-2020-1556 – Windows WalletService Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1556
An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows WalletService properly handles objects in memory. Se presenta una vulnerabilidad de elevación de privilegios en la manera en que Windows WalletService maneja objetos en memoria, también se conoce como "Windows WalletService Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-1533. This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1556 •
CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0CVE-2020-1577 – DirectWrite Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-1577
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage. The security update addresses the vulnerability by correcting how DirectWrite handles objects in memory. Se presenta una vulnerabilidad de divulgación de información cuando DirectWrite revela inapropiadamente el contenido de su memoria, también se conoce como "DirectWrite Information Disclosure Vulnerability". This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TTF files by GDI routines. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1577 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 5CVE-2020-1337 – Windows Print Spooler Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1337
An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The update addresses the vulnerability by correcting how the Windows Print Spooler Component writes to the file system. Se presenta una vulnerabilidad de elevación de privilegios cuando el servicio de Windows Print Spooler permite inapropiadamente la escritura arbitraria en el sistema de archivos, también se conoce como "Windows Print Spooler Elevation of Privilege Vulnerability". This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. • https://github.com/math1as/CVE-2020-1337-exploit https://github.com/neofito/CVE-2020-1337 https://github.com/VoidSec/CVE-2020-1337 http://packetstormsecurity.com/files/160028/Microsoft-Windows-Local-Spooler-Bypass.html http://packetstormsecurity.com/files/160993/Microsoft-Spooler-Local-Privilege-Elevation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337 https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1337 https://github.com/sailay1996/cve-2 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.4EPSS: 0%CPEs: 32EXPL: 0CVE-2020-15705 – GRUB2: avoid loading unsigned kernels when GRUB is booted directly under secureboot without shim
https://notcve.org/view.php?id=CVE-2020-15705
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. GRUB2 presenta un fallo al comprobar la firma del kernel cuando se inicia directamente sin cuña, permitiendo que el arranque seguro sea omitido. Esto solo afecta a los sistemas en los que el certificado de firma del kernel ha sido importado directamente a la base de datos de arranque seguro y la imagen de GRUB es iniciada directamente sin el uso de cuña. • http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00067.html http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00069.html http://ubuntu.com/security/notices/USN-4432-1 http://www.openwall.com/lists/oss-security/2020/07/29/3 http://www.openwall.com/lists/oss-security/2021/03/02/3 http://www.openwall.com/lists/oss-security/2021/09/17/2 http://www.openwall.com/lists/oss-security/2021/09/17/4 http://www.openwall.com/lists/oss-security&#x • CWE-347: Improper Verification of Cryptographic Signature CWE-440: Expected Behavior Violation •