Vulnerabilities > Microsoft > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-13 | CVE-2021-28312 | Unspecified vulnerability in Microsoft products Windows NTFS Denial of Service Vulnerability | 3.3 |
| 2021-01-11 | CVE-2020-24003 | Unspecified vulnerability in Microsoft Skype 8.59.0.77 Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access. | 2.1 |
| 2020-12-22 | CVE-2020-35609 | Injection vulnerability in Microsoft Azure Sphere 20.05 A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. | 2.1 |
| 2020-12-10 | CVE-2020-17097 | Unspecified vulnerability in Microsoft products Windows Digital Media Receiver Elevation of Privilege Vulnerability | 3.3 |
| 2020-12-09 | CVE-2020-10146 | Cross-site Scripting vulnerability in Microsoft Teams The Microsoft Teams online service contains a stored cross-site scripting vulnerability in the displayName parameter that can be exploited on Teams clients to obtain sensitive information such as authentication tokens and to possibly execute arbitrary commands. | 3.5 |
| 2020-12-08 | CVE-2020-26233 | Use of Incorrectly-Resolved Name or Reference vulnerability in Microsoft GIT Credential Manager Core Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. | 3.6 |
| 2020-11-11 | CVE-2020-17020 | Unspecified vulnerability in Microsoft 365 Apps, Office and Word Microsoft Word Security Feature Bypass Vulnerability | 3.3 |
| 2020-07-14 | CVE-2020-1326 | Cross-site Scripting vulnerability in Microsoft Azure Devops Server 2019/2019.0.1 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | 3.5 |
| 2020-07-14 | CVE-2020-1330 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'. | 2.1 |
| 2020-07-14 | CVE-2020-1333 | Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'. | 3.7 |