Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-14 | CVE-2020-0651 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Excel and Office 365 Proplus A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | 9.3 |
| 2020-01-14 | CVE-2020-0650 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Excel and Office 365 Proplus A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | 9.3 |
| 2020-01-14 | CVE-2020-0646 | XML Injection (aka Blind XPath Injection) vulnerability in Microsoft .Net Framework A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'. | 10.0 |
| 2020-01-14 | CVE-2020-0610 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. | 10.0 |
| 2020-01-14 | CVE-2020-0609 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. | 10.0 |
| 2020-01-14 | CVE-2020-0606 | Improper Input Validation vulnerability in Microsoft .Net Core and .Net Framework A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | 9.3 |
| 2020-01-14 | CVE-2020-0605 | Improper Input Validation vulnerability in Microsoft .Net Core and .Net Framework A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | 9.3 |
| 2020-01-14 | CVE-2020-0603 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka 'ASP.NET Core Remote Code Execution Vulnerability'. | 9.3 |
| 2020-01-10 | CVE-2012-4603 | Improper Input Validation vulnerability in Citrix Receiver and Xenapp Online Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. | 9.3 |
| 2020-01-09 | CVE-2012-2950 | Unrestricted Upload of File with Dangerous Type vulnerability in Gatewaygeomatics Mapserver Gateway Geomatics MapServer for Windows before 3.0.6 contains a Local File Include Vulnerability which allows remote attackers to execute local PHP code and obtain sensitive information. | 9.3 |