Vulnerabilities > Microsoft > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-15 | CVE-2020-0984 | Improper Input Validation vulnerability in Microsoft Autoupdate An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0983 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Delivery Optimization service improperly handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0981 | Incorrect Authorization vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'. | 8.8 |
| 2020-04-15 | CVE-2020-0980 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. | 7.8 |
| 2020-04-15 | CVE-2020-0979 | Unspecified vulnerability in Microsoft Office 365 Proplus A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | 8.8 |
| 2020-04-15 | CVE-2020-0974 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 8.8 |
| 2020-04-15 | CVE-2020-0971 | Unrestricted Upload of File with Dangerous Type vulnerability in Microsoft products A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. | 8.8 |
| 2020-04-15 | CVE-2020-0970 | Out-of-bounds Write vulnerability in Microsoft Chakracore A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. | 7.5 |
| 2020-04-15 | CVE-2020-0969 | Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. | 7.5 |
| 2020-04-15 | CVE-2020-0968 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. | 7.5 |