Page 69 of 1825 results (0.011 seconds)

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

An information disclosure vulnerability exists when Skype for Business is accessed via Microsoft Edge (EdgeHTML-based), aka 'Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability'. Se presenta una vulnerabilidad de divulgación de información cuando se accede a Skype for Business por medio de Microsoft Edge (EdgeHTML-based), también se conoce como "Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability" • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1462 •

CVSS: 7.8EPSS: 0%CPEs: 21EXPL: 0

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1428. Se presenta una vulnerabilidad de elevación de privilegios en la manera en que el Windows Network Connections Service maneja objetos en memoria, también se conoce como "Windows Network Connections Service Elevation of Privilege Vulnerability". Este ID de CVE es diferente de CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1428 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1438 •

CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0

An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows Network Location Awareness Service Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios en la manera en que el Windows Network Location Awareness Service maneja objetos en memoria, también se conoce como "Windows Network Location Awareness Service Elevation of Privilege Vulnerability" • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1437 •

CVSS: 8.8EPSS: 10%CPEs: 20EXPL: 0

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota cuando Windows Font Library maneja inapropiadamente fuentes especialmente diseñadas. Para todos los sistemas, excepto Windows 10, un atacante que haya explotado con éxito la vulnerabilidad podría ejecutar código remotamente, también se conoce como "Windows Font Library Remote Code Execution Vulnerability" This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the parsing of fonts. Crafted data in a font can trigger a write past the end of a heap-based buffer. • http://www.openwall.com/lists/oss-security/2020/08/25/3 http://www.openwall.com/lists/oss-security/2020/08/25/5 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1436 https://www.zerodayinitiative.com/advisories/ZDI-20-877 • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 4%CPEs: 20EXPL: 0

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota en la manera en que la Windows Graphics Device Interface (GDI) maneja objetos en memoria, también se conoce como "GDI+ Remote Code Execution Vulnerability" • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1435 •