Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-0992 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0991 | Unspecified vulnerability in Microsoft Office and Office 365 Proplus A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0988 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0985 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0984 | Improper Input Validation vulnerability in Microsoft Autoupdate An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0983 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Delivery Optimization service improperly handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0981 | Incorrect Authorization vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'. | 8.8 |
| 2020-04-15 | CVE-2020-0980 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0979 | Unspecified vulnerability in Microsoft Office 365 Proplus A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | 8.8 |
| 2020-04-15 | CVE-2020-0974 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 8.8 |