Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-09 | CVE-2020-1160 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. | 2.1 |
2020-06-09 | CVE-2020-1148 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. | 3.5 |
2020-06-09 | CVE-2020-1120 | Improper Input Validation vulnerability in Microsoft Windows 10 2004 A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. | 4.9 |
2020-06-09 | CVE-2020-1073 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. | 9.3 |
2020-06-09 | CVE-2020-0986 | Out-of-bounds Write vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 7.2 |
2020-06-09 | CVE-2020-0916 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. | 7.2 |
2020-06-09 | CVE-2020-0915 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. | 7.2 |
2020-06-09 | CVE-2019-6196 | Untrusted Search Path vulnerability in Lenovo Installation Package A symbolic link vulnerability in some Lenovo installation packages, prior to version 1.2.9.3, could allow privileged file operations during file extraction and installation. | 6.9 |
2020-06-09 | CVE-2019-6173 | Untrusted Search Path vulnerability in Lenovo Installation Package A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileges. | 6.9 |
2020-06-09 | CVE-2020-7456 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In FreeBSD 12.1-STABLE before r361918, 12.1-RELEASE before p6, 11.4-STABLE before r361919, 11.3-RELEASE before p10, and 11.4-RC2 before p1, an invalid memory location may be used for HID items if the push/pop level is not restored within the processing of that HID item allowing an attacker with physical access to a USB port to be able to use a specially crafted USB device to gain kernel or user-space code execution. | 7.2 |