Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-1637 | Med | 0.36 | 5.5 | 0.01 | Jan 12, 2021 | Windows DNS Query Information Disclosure Vulnerability | ||
| CVE-2020-35609 | Med | 0.36 | 5.5 | 0.01 | Dec 22, 2020 | A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability. | ||
| CVE-2020-17138 | Med | 0.36 | 5.5 | 0.01 | Dec 10, 2020 | Windows Error Reporting Information Disclosure Vulnerability | ||
| CVE-2020-17126 | Med | 0.36 | 5.5 | 0.01 | Dec 10, 2020 | Microsoft Excel Information Disclosure Vulnerability | ||
| CVE-2020-17098 | Med | 0.36 | 5.5 | 0.01 | Dec 10, 2020 | Windows GDI+ Information Disclosure Vulnerability | ||
| CVE-2020-17094 | Med | 0.36 | 5.5 | 0.01 | Dec 10, 2020 | Windows Error Reporting Information Disclosure Vulnerability | ||
| CVE-2020-17113 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Camera Codec Information Disclosure Vulnerability | ||
| CVE-2020-17102 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | WebP Image Extensions Information Disclosure Vulnerability | ||
| CVE-2020-17100 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Visual Studio Tampering Vulnerability | ||
| CVE-2020-17081 | Med | 0.36 | 5.5 | 0.03 | Nov 11, 2020 | Microsoft Raw Image Extension Information Disclosure Vulnerability | ||
| CVE-2020-17071 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Delivery Optimization Information Disclosure Vulnerability | ||
| CVE-2020-17069 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows NDIS Information Disclosure Vulnerability | ||
| CVE-2020-17056 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Network File System Information Disclosure Vulnerability | ||
| CVE-2020-17046 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Error Reporting Denial of Service Vulnerability | ||
| CVE-2020-17045 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows KernelStream Information Disclosure Vulnerability | ||
| CVE-2020-17036 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Function Discovery SSDP Provider Information Disclosure Vulnerability | ||
| CVE-2020-17030 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows MSCTF Server Information Disclosure Vulnerability | ||
| CVE-2020-17029 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Canonical Display Driver Information Disclosure Vulnerability | ||
| CVE-2020-17013 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Win32k Information Disclosure Vulnerability | ||
| CVE-2020-17004 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2020-17000 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Remote Desktop Protocol Client Information Disclosure Vulnerability | ||
| CVE-2020-16999 | Med | 0.36 | 5.5 | 0.01 | Nov 11, 2020 | Windows WalletService Information Disclosure Vulnerability | ||
| CVE-2020-16938 | Med | 0.36 | 5.5 | 0.02 | Oct 16, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2020-16921 | Med | 0.36 | 5.5 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this… | ||
| CVE-2020-16919 | Med | 0.36 | 5.5 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a… | ||
| CVE-2020-16914 | Med | 0.36 | 5.5 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code… | ||
| CVE-2020-16897 | Med | 0.36 | 5.5 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit… | ||
| CVE-2020-16889 | Med | 0.36 | 5.5 | 0.01 | Oct 16, 2020 | An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this… | ||
| CVE-2020-1303 | Med | 0.36 | 5.5 | 0.04 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by… | ||
| CVE-2020-1256 | Med | 0.36 | 5.5 | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are… | ||
| CVE-2020-1250 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability,… | ||
| CVE-2020-1224 | Med | 0.36 | 5.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an… | ||
| CVE-2020-1133 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this… | ||
| CVE-2020-1122 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this… | ||
| CVE-2020-1119 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2020-1083 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit… | ||
| CVE-2020-1038 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have… | ||
| CVE-2020-16879 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system To exploit this… | ||
| CVE-2020-16855 | Med | 0.36 | 5.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.… | ||
| CVE-2020-16854 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2020-0989 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files. To exploit this vulnerability,… | ||
| CVE-2020-0941 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability,… | ||
| CVE-2020-0928 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2020-0921 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | Microsoft Graphics Component Denial of Service Vulnerability | ||
| CVE-2020-0914 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An attacker… | ||
| CVE-2020-0875 | Med | 0.36 | 5.5 | 0.04 | Sep 11, 2020 | An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity). This… | ||
| CVE-2020-1574 | Med | 0.36 | 5.5 | 0.03 | Aug 17, 2020 | A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a… | ||
| CVE-2020-1573 | Med | 0.36 | 5.5 | 0.02 | Aug 17, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an… | ||
| CVE-2020-1510 | Med | 0.36 | 5.5 | 0.05 | Aug 17, 2020 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2020-1505 | Med | 0.36 | 5.5 | 0.01 | Aug 17, 2020 | An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability,… |
- risk 0.36cvss 5.5epss 0.01
Windows DNS Query Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. A sequence of specially crafted ioctl calls can cause a denial of service. An attacker can write shellcode to trigger this vulnerability.
- risk 0.36cvss 5.5epss 0.01
Windows Error Reporting Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Microsoft Excel Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows GDI+ Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Error Reporting Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Camera Codec Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
WebP Image Extensions Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Visual Studio Tampering Vulnerability
- risk 0.36cvss 5.5epss 0.03
Microsoft Raw Image Extension Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Delivery Optimization Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows NDIS Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Network File System Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Error Reporting Denial of Service Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows KernelStream Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows MSCTF Server Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Canonical Display Driver Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Win32k Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Remote Desktop Protocol Client Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.01
Windows WalletService Information Disclosure Vulnerability
- risk 0.36cvss 5.5epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. Note that this…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerability could read arbitrary files. An attacker with unprivileged access to a…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this…
- risk 0.36cvss 5.5epss 0.04
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by…
- risk 0.36cvss 5.5epss 0.05
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability,…
- risk 0.36cvss 5.5epss 0.04
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an…
- risk 0.36cvss 5.5epss 0.01
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this…
- risk 0.36cvss 5.5epss 0.01
An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit…
- risk 0.36cvss 5.5epss 0.01
A denial of service vulnerability exists when Windows Routing Utilities improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system To exploit this…
- risk 0.36cvss 5.5epss 0.04
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory.…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to read files. To exploit this vulnerability,…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability,…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.36cvss 5.5epss 0.01
Microsoft Graphics Component Denial of Service Vulnerability
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. An attacker…
- risk 0.36cvss 5.5epss 0.04
An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity). This…
- risk 0.36cvss 5.5epss 0.03
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a…
- risk 0.36cvss 5.5epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an…
- risk 0.36cvss 5.5epss 0.05
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability,…
Page 173 of 287