CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1052 – Windows Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1052
<p>An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the ssdpsrv.dll properly handles objects in memory.</p> Se presenta una vulnerabilidad de escalada de privilegios en la manera en que la biblioteca ssdpsrv.dll maneja objetos en memoria, también se conoce como "Windows Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1052 •
CVSS: 5.5EPSS: 0%CPEs: 20EXPL: 0CVE-2020-1038 – Windows Routing Utilities Denial of Service
https://notcve.org/view.php?id=CVE-2020-1038
<p>A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to cause a target system to stop responding.</p> <p>The update addresses the vulnerability by correcting how Windows handles objects in memory. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1038 •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 2CVE-2020-1034 – Windows Kernel Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2020-1034
<p>An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.</p> <p>To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.</p> Se presenta una vulnerabilidad de escalada de privilegios en la manera en que el Kernel de Windows maneja objetos en memoria, también se conoce como "Windows Kernel Elevation of Privilege Vulnerability" • https://github.com/yardenshafir/CVE-2020-1034 https://github.com/GeorgiiFirsov/CVE-2020-1034 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1034 •
CVSS: 7.5EPSS: 2%CPEs: 20EXPL: 0CVE-2020-1031 – Windows DHCP Server Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-1031
<p>An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory.</p> <p>To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>The security update addresses the vulnerability by correcting how DHCP servers initializes memory.</p> Se presenta una vulnerabilidad de divulgación de información en la manera en que el servicio Windows Server DHCP revela inapropiadamente el contenido de su memoria. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1031 •
CVSS: 5.5EPSS: 0%CPEs: 13EXPL: 0CVE-2020-1033 – Windows Kernel Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-1033
<p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>An authenticated attacker could exploit this vulnerability by running a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> Se presenta una vulnerabilidad de divulgación de información cuando el kernel de Windows maneja inapropiadamente objetos en memoria, también se conoce como "Windows Kernel Information Disclosure Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1033 •