Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-09 | CVE-2020-8322 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. | 4.6 |
| 2020-06-09 | CVE-2020-8321 | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. | 4.6 |
| 2020-06-09 | CVE-2020-8320 | Improper Privilege Management vulnerability in Lenovo products An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. | 4.6 |
| 2020-06-09 | CVE-2020-1348 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 4.3 |
| 2020-06-09 | CVE-2020-1343 | Information Exposure vulnerability in Microsoft Visual Studio Live Share An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'. | 5.0 |
| 2020-06-09 | CVE-2020-1340 | Cross-site Scripting vulnerability in Microsoft Nugetgallery A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'. | 3.5 |
| 2020-06-09 | CVE-2020-1334 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. | 4.6 |
| 2020-06-09 | CVE-2020-1331 | Authentication Bypass by Spoofing vulnerability in Microsoft System Center Operations Manager A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'. | 3.5 |
| 2020-06-09 | CVE-2020-1329 | Authentication Bypass by Spoofing vulnerability in Microsoft Bing A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka 'Microsoft Bing Search Spoofing Vulnerability'. | 4.3 |
| 2020-06-09 | CVE-2020-1327 | Injection vulnerability in Microsoft Azure Devops Server 2019/2019.0.1 A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. | 4.3 |