Vulnerabilities > Microsoft > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1042 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. | 9.0 |
| 2020-07-14 | CVE-2020-1041 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. | 9.0 |
| 2020-07-14 | CVE-2020-1040 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. | 9.0 |
| 2020-07-14 | CVE-2020-1036 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. | 9.0 |
| 2020-07-14 | CVE-2020-1032 | Improper Input Validation vulnerability in Microsoft products A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. | 9.0 |
| 2020-07-14 | CVE-2020-1025 | Improper Input Validation vulnerability in Microsoft products An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. | 9.8 |
| 2020-05-21 | CVE-2020-1112 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. | 9.9 |
| 2020-05-21 | CVE-2020-0901 | Unspecified vulnerability in Microsoft 365 Apps and Office A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | 9.8 |
| 2020-04-15 | CVE-2020-1026 | Improper Verification of Cryptographic Signature vulnerability in Microsoft Research Javascript Cryptography Library 1.4 A Security Feature Bypass vulnerability exists in the MSR JavaScript Cryptography Library that is caused by multiple bugs in the library’s Elliptic Curve Cryptography (ECC) implementation.An attacker could potentially abuse these bugs to learn information about a server’s private ECC key (a key leakage attack) or craft an invalid ECDSA signature that nevertheless passes as valid.The security update addresses the vulnerability by fixing the bugs disclosed in the ECC implementation, aka 'MSR JavaScript Cryptography Library Security Feature Bypass Vulnerability'. | 9.8 |
| 2020-03-12 | CVE-2020-0902 | Unspecified vulnerability in Microsoft Service Fabric An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'. | 9.8 |