VYPR

Vendor CVEs

Microsoft

All CVEs

14,319 total · sorted by risk
  • CVE-2020-1597HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.07

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests. An attacker who successfully exploited this vulnerability could cause a denial of service against an ASP.NET Core web application. The vulnerability can be exploited remotely, without…

  • CVE-2020-1570HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker…

  • CVE-2020-1568HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who…

  • CVE-2020-1565HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.03

    An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…

  • CVE-2020-1459HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.04

    An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a…

  • CVE-2020-1378HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.04

    An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit…

  • CVE-2020-1374HigJul 14, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

  • CVE-2020-1260HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230.

  • CVE-2020-1230HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1260.

  • CVE-2020-1216HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1230, CVE-2020-1260.

  • CVE-2020-1215HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.

  • CVE-2020-1214HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.

  • CVE-2020-1213HigJun 9, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.

  • CVE-2020-1161HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.06

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2020-1113HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.

  • CVE-2020-1096HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka 'Microsoft Edge PDF Remote Code Execution Vulnerability'.

  • CVE-2020-1093HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1060.

  • CVE-2020-1092HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1062.

  • CVE-2020-1064HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'.

  • CVE-2020-1060HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1093.

  • CVE-2020-1058HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093.

  • CVE-2020-1035HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.

  • CVE-2020-0909HigMay 21, 2020
    risk 0.49cvss 7.5epss 0.04

    A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the…

  • CVE-2020-1018HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.06

    An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the vulnerability could see the information…

  • CVE-2020-0895HigApr 15, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'.

  • CVE-2020-0876HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.06

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

  • CVE-2020-0848HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,…

  • CVE-2020-0847HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

  • CVE-2020-0833HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826,…

  • CVE-2020-0832HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826,…

  • CVE-2020-0831HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,…

  • CVE-2020-0830HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826,…

  • CVE-2020-0829HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,…

  • CVE-2020-0828HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,…

  • CVE-2020-0826HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828,…

  • CVE-2020-0824HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.07

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

  • CVE-2020-0823HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828,…

  • CVE-2020-0815HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.02

    An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758.

  • CVE-2020-0768HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.09

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827,…

  • CVE-2020-0758HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.02

    An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815.

  • CVE-2020-0645HigMar 12, 2020
    risk 0.49cvss 7.5epss 0.04

    A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

  • CVE-2020-0660HigFeb 11, 2020
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

  • CVE-2019-1351HigJan 24, 2020
    risk 0.49cvss 7.5epss 0.09

    A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'.

  • CVE-2020-0640HigJan 14, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.

  • CVE-2020-0612HigJan 14, 2020
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability'.

  • CVE-2020-0611HigJan 14, 2020
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

  • CVE-2020-0602HigJan 14, 2020
    risk 0.49cvss 7.5epss 0.08

    A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'.

  • CVE-2019-1489HigDec 10, 2019
    risk 0.49cvss 7.5epss 0.08

    An information disclosure vulnerability exists when the Windows Remote Desktop Protocol (RDP) fails to properly handle objects in memory, aka 'Remote Desktop Protocol Information Disclosure Vulnerability'.

  • CVE-2019-1485HigDec 10, 2019
    risk 0.49cvss 7.5epss 0.08

    A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.

  • CVE-2019-1453HigDec 10, 2019
    risk 0.49cvss 7.5epss 0.09

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

Page 118 of 287