Vendor CVEs
Microsoft
All CVEs
14,318 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-17006 | Med | 0.35 | 5.4 | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2020-17005 | Med | 0.35 | 5.4 | 0.01 | Nov 11, 2020 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | ||
| CVE-2020-16993 | Med | 0.35 | 5.4 | 0.01 | Nov 11, 2020 | Azure Sphere Elevation of Privilege Vulnerability | ||
| CVE-2020-16989 | Med | 0.35 | 5.4 | 0.01 | Nov 11, 2020 | Azure Sphere Elevation of Privilege Vulnerability | ||
| CVE-2020-16979 | Med | 0.35 | 5.3 | 0.03 | Nov 11, 2020 | Microsoft SharePoint Information Disclosure Vulnerability | ||
| CVE-2020-16978 | Med | 0.35 | 5.4 | 0.01 | Oct 16, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16956 | Med | 0.35 | 5.4 | 0.01 | Oct 16, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16922 | Med | 0.35 | 5.3 | 0.01 | Oct 16, 2020 | A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security… | ||
| CVE-2020-16904 | Med | 0.35 | 5.3 | 0.03 | Oct 16, 2020 | An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization. This security update addresses… | ||
| CVE-2020-16886 | Med | 0.35 | 5.3 | 0.01 | Oct 16, 2020 | A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC (Windows Defender Application Control) policy and execute arbitrary code on a policy locked-down machine. An… | ||
| CVE-2020-1596 | Med | 0.35 | 5.4 | 0.01 | Sep 11, 2020 | A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability,… | ||
| CVE-2020-1575 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-1514 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-1227 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16878 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16871 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16864 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16861 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16859 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-16858 | Med | 0.35 | 5.4 | 0.02 | Sep 11, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to… | ||
| CVE-2020-0805 | Med | 0.35 | 5.3 | 0.01 | Sep 11, 2020 | A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to. To exploit this… | ||
| CVE-2020-1591 | Med | 0.35 | 5.4 | 0.02 | Aug 17, 2020 | A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an… | ||
| CVE-2020-1580 | Med | 0.35 | 5.4 | 0.02 | Aug 17, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an… | ||
| CVE-2020-1501 | Med | 0.35 | 5.4 | 0.02 | Aug 17, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected… | ||
| CVE-2020-1500 | Med | 0.35 | 5.4 | 0.02 | Aug 17, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected… | ||
| CVE-2020-1499 | Med | 0.35 | 5.4 | 0.02 | Aug 17, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected… | ||
| CVE-2020-1455 | Med | 0.35 | 5.3 | 0.01 | Aug 17, 2020 | A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim… | ||
| CVE-2020-1456 | Med | 0.35 | 5.4 | 0.02 | Jul 14, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450,… | ||
| CVE-2020-1454 | Med | 0.35 | 5.4 | 0.02 | Jul 14, 2020 | This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka… | ||
| CVE-2020-1451 | Med | 0.35 | 5.4 | 0.02 | Jul 14, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450,… | ||
| CVE-2020-1450 | Med | 0.35 | 5.4 | 0.02 | Jul 14, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1451,… | ||
| CVE-2020-1443 | Med | 0.35 | 5.4 | 0.02 | Jul 14, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. | ||
| CVE-2020-1434 | Med | 0.35 | 5.3 | 0.01 | Jul 14, 2020 | An elevation of privilege vulnerability exists in the way that the Windows Sync Host Service handles objects in memory, aka 'Windows Sync Host Service Elevation of Privilege Vulnerability'. | ||
| CVE-2020-1326 | Med | 0.35 | 5.4 | 0.02 | Jul 14, 2020 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | ||
| CVE-2020-1340 | Med | 0.35 | 5.4 | 0.02 | Jun 9, 2020 | A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'. | ||
| CVE-2020-1331 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'. | ||
| CVE-2020-1320 | Med | 0.35 | 5.4 | 0.02 | Jun 9, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,… | ||
| CVE-2020-1318 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,… | ||
| CVE-2020-1315 | Med | 0.35 | 5.3 | 0.04 | Jun 9, 2020 | An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'. | ||
| CVE-2020-1298 | Med | 0.35 | 5.4 | 0.02 | Jun 9, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,… | ||
| CVE-2020-1297 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,… | ||
| CVE-2020-1289 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1148. | ||
| CVE-2020-1242 | Med | 0.35 | 5.3 | 0.04 | Jun 9, 2020 | An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'. | ||
| CVE-2020-1183 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,… | ||
| CVE-2020-1177 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1183,… | ||
| CVE-2020-1148 | Med | 0.35 | 5.4 | 0.01 | Jun 9, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1289. | ||
| CVE-2020-1107 | Med | 0.35 | 5.4 | 0.01 | May 21, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1105. | ||
| CVE-2020-1105 | Med | 0.35 | 5.4 | 0.02 | May 21, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1107. | ||
| CVE-2020-1104 | Med | 0.35 | 5.4 | 0.02 | May 21, 2020 | A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1105, CVE-2020-1107. | ||
| CVE-2020-1101 | Med | 0.35 | 5.4 | 0.02 | May 21, 2020 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099,… |
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
- risk 0.35cvss 5.4epss 0.01
Azure Sphere Elevation of Privilege Vulnerability
- risk 0.35cvss 5.4epss 0.01
Azure Sphere Elevation of Privilege Vulnerability
- risk 0.35cvss 5.3epss 0.03
Microsoft SharePoint Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.01
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.01
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.3epss 0.01
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security…
- risk 0.35cvss 5.3epss 0.03
An elevation of privilege vulnerability exists in the way Azure Functions validate access keys. An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization. This security update addresses…
- risk 0.35cvss 5.3epss 0.01
A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC (Windows Defender Application Control) policy and execute arbitrary code on a policy locked-down machine. An…
- risk 0.35cvss 5.4epss 0.01
A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability,…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to…
- risk 0.35cvss 5.3epss 0.01
A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could delete a targeted file they would not have permissions to. To exploit this…
- risk 0.35cvss 5.4epss 0.02
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an…
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected…
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected…
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected…
- risk 0.35cvss 5.3epss 0.01
A denial of service vulnerability exists when Microsoft SQL Server Management Studio (SSMS) improperly handles files. An attacker could exploit the vulnerability to trigger a denial of service. To exploit the vulnerability, an attacker would first require execution on the victim…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450,…
- risk 0.35cvss 5.4epss 0.02
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1450,…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1451,…
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'.
- risk 0.35cvss 5.3epss 0.01
An elevation of privilege vulnerability exists in the way that the Windows Sync Host Service handles objects in memory, aka 'Windows Sync Host Service Elevation of Privilege Vulnerability'.
- risk 0.35cvss 5.4epss 0.02
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'.
- risk 0.35cvss 5.4epss 0.01
A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'.
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…
- risk 0.35cvss 5.4epss 0.01
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…
- risk 0.35cvss 5.3epss 0.04
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'.
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…
- risk 0.35cvss 5.4epss 0.01
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…
- risk 0.35cvss 5.4epss 0.01
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1148.
- risk 0.35cvss 5.3epss 0.04
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.
- risk 0.35cvss 5.4epss 0.01
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177,…
- risk 0.35cvss 5.4epss 0.01
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1183,…
- risk 0.35cvss 5.4epss 0.01
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1289.
- risk 0.35cvss 5.4epss 0.01
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1105.
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1104, CVE-2020-1107.
- risk 0.35cvss 5.4epss 0.02
A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2020-1105, CVE-2020-1107.
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099,…
Page 182 of 287