VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2020-17006MedNov 11, 2020
    risk 0.35cvss 5.4epss 0.01

    Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

  • CVE-2020-17005MedNov 11, 2020
    risk 0.35cvss 5.4epss 0.01

    Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

  • CVE-2020-16993MedNov 11, 2020
    risk 0.35cvss 5.4epss 0.01

    Azure Sphere Elevation of Privilege Vulnerability

  • CVE-2020-16989MedNov 11, 2020
    risk 0.35cvss 5.4epss 0.01

    Azure Sphere Elevation of Privilege Vulnerability

  • CVE-2020-16979MedNov 11, 2020
    risk 0.35cvss 5.3epss 0.03

    Microsoft SharePoint Information Disclosure Vulnerability

  • CVE-2020-16978MedOct 16, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16956MedOct 16, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16922MedOct 16, 2020
    risk 0.35cvss 5.3epss 0.01

    A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security…

  • CVE-2020-16904MedOct 16, 2020
    risk 0.35cvss 5.3epss 0.03

    An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization. This security update addresses…

  • CVE-2020-16886MedOct 16, 2020
    risk 0.35cvss 5.3epss 0.01

    A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC (Windows Defender Application Control) policy and execute arbitrary code on a policy locked-down machine. An…

  • CVE-2020-1596MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.01

    A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability,…

  • CVE-2020-1575MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-1514MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-1227MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16878MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16871MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16864MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16861MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16859MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-16858MedSep 11, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…

  • CVE-2020-0805MedSep 11, 2020
    risk 0.35cvss 5.3epss 0.01

    A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to. To exploit this…

  • CVE-2020-1591MedAug 17, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an…

  • CVE-2020-1580MedAug 17, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an…

  • CVE-2020-1501MedAug 17, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected…

  • CVE-2020-1500MedAug 17, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected…

  • CVE-2020-1499MedAug 17, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected…

  • CVE-2020-1455MedAug 17, 2020
    risk 0.35cvss 5.3epss 0.01

    A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim…

  • CVE-2020-1456MedJul 14, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450,…

  • CVE-2020-1454MedJul 14, 2020
    risk 0.35cvss 5.4epss 0.02

    This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka…

  • CVE-2020-1451MedJul 14, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450,…

  • CVE-2020-1450MedJul 14, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1451,…

  • CVE-2020-1443MedJul 14, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.

  • CVE-2020-1434MedJul 14, 2020
    risk 0.35cvss 5.3epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Sync Host Service handles objects in memory, aka 'Windows Sync Host Service Elevation of Privilege Vulnerability'.

  • CVE-2020-1326MedJul 14, 2020
    risk 0.35cvss 5.4epss 0.02

    A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.

  • CVE-2020-1340MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.

  • CVE-2020-1331MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'.

  • CVE-2020-1320MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…

  • CVE-2020-1318MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…

  • CVE-2020-1315MedJun 9, 2020
    risk 0.35cvss 5.3epss 0.04

    An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'.

  • CVE-2020-1298MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…

  • CVE-2020-1297MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…

  • CVE-2020-1289MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1148.

  • CVE-2020-1242MedJun 9, 2020
    risk 0.35cvss 5.3epss 0.04

    An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.

  • CVE-2020-1183MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…

  • CVE-2020-1177MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1183,…

  • CVE-2020-1148MedJun 9, 2020
    risk 0.35cvss 5.4epss 0.01

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1289.

  • CVE-2020-1107MedMay 21, 2020
    risk 0.35cvss 5.4epss 0.01

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1105.

  • CVE-2020-1105MedMay 21, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1107.

  • CVE-2020-1104MedMay 21, 2020
    risk 0.35cvss 5.4epss 0.02

    A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1105, CVE-2020-1107.

  • CVE-2020-1101MedMay 21, 2020
    risk 0.35cvss 5.4epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099,…

Page 182 of 287