VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2020-1503MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.05

    An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could…

  • CVE-2020-1502MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.05

    An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could…

  • CVE-2020-1497MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.05

    An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could…

  • CVE-2020-1493MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.07

    An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users. To exploit this…

  • CVE-2020-1485MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit…

  • CVE-2020-1476MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.01

    An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an…

  • CVE-2020-1417MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.01

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete…

  • CVE-2020-1383MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system To exploit this vulnerability, an attacker…

  • CVE-2020-1379MedAug 17, 2020
    risk 0.36cvss 5.5epss 0.03

    A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are…

  • CVE-2020-1445MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.06

    An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

  • CVE-2020-1426MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1419.

  • CVE-2020-1420MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'.

  • CVE-2020-1419MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426.

  • CVE-2020-1391MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory, aka 'Windows Agent Activation Runtime Information Disclosure Vulnerability'.

  • CVE-2020-1389MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426.

  • CVE-2020-1386MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.

  • CVE-2020-1367MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1389, CVE-2020-1419, CVE-2020-1426.

  • CVE-2020-1361MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists in the way that the WalletService handles memory.To exploit the vulnerability, an attacker would first need code execution on a victim system, aka 'Windows WalletService Information Disclosure Vulnerability'.

  • CVE-2020-1358MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows Resource Policy component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Resource Policy Information Disclosure…

  • CVE-2020-1351MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.

  • CVE-2020-1342MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.06

    An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from…

  • CVE-2020-1330MedJul 14, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'.

  • CVE-2020-1296MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    A vulnerability exists in the way the Windows Diagnostics & feedback settings app handles objects in memory, aka 'Windows Diagnostics & feedback Information Disclosure Vulnerability'.

  • CVE-2020-1290MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

  • CVE-2020-1268MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when a Windows service improperly handles objects in memory, aka 'Windows Service Information Disclosure Vulnerability'.

  • CVE-2020-1263MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1261.

  • CVE-2020-1261MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1263.

  • CVE-2020-1194MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'.

  • CVE-2020-1160MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.02

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.

  • CVE-2020-1120MedJun 9, 2020
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1244.

  • CVE-2020-1145MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.02

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is…

  • CVE-2020-1141MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.02

    An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is…

  • CVE-2020-1123MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1084.

  • CVE-2020-1116MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.

  • CVE-2020-1084MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.01

    A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability,…

  • CVE-2020-1076MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.01

    A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

  • CVE-2020-1075MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.

  • CVE-2020-1072MedMay 21, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.

  • CVE-2020-1016MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'.

  • CVE-2020-1007MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0821.

  • CVE-2020-1005MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.

  • CVE-2020-0987MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.02

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-1005.

  • CVE-2020-0982MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0987, CVE-2020-1005.

  • CVE-2020-0962MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0699.

  • CVE-2020-0955MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.01

    An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.

  • CVE-2020-0947MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.06

    An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0945, CVE-2020-0946.

  • CVE-2020-0946MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.06

    An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0945, CVE-2020-0947.

  • CVE-2020-0945MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.06

    An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0946, CVE-2020-0947.

  • CVE-2020-0939MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.08

    An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947.

  • CVE-2020-0937MedApr 15, 2020
    risk 0.36cvss 5.5epss 0.06

    An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0939, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947.

Page 174 of 287