Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-14 | CVE-2020-1333 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'. | 6.7 |
| 2020-07-14 | CVE-2020-1330 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'. | 5.5 |
| 2020-07-14 | CVE-2020-1326 | Cross-site Scripting vulnerability in Microsoft Azure Devops Server 2019/2019.0.1 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | 5.4 |
| 2020-07-14 | CVE-2020-1267 | Unspecified vulnerability in Microsoft products This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'. | 4.9 |
| 2020-06-09 | CVE-2020-1348 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2020-06-09 | CVE-2020-1343 | Cleartext Transmission of Sensitive Information vulnerability in Microsoft Visual Studio Live Share An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka 'Visual Studio Code Live Share Information Disclosure Vulnerability'. | 5.9 |
| 2020-06-09 | CVE-2020-1340 | Cross-site Scripting vulnerability in Microsoft Nugetgallery A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka 'NuGetGallery Spoofing Vulnerability'. | 5.4 |
| 2020-06-09 | CVE-2020-1331 | Authentication Bypass by Spoofing vulnerability in Microsoft System Center Operations Manager A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka 'System Center Operations Manager Spoofing Vulnerability'. | 5.4 |
| 2020-06-09 | CVE-2020-1329 | Authentication Bypass by Spoofing vulnerability in Microsoft Bing A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka 'Microsoft Bing Search Spoofing Vulnerability'. | 6.5 |
| 2020-06-09 | CVE-2020-1327 | Cross-site Scripting vulnerability in Microsoft Azure Devops Server 2019/2019.0.1 A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. | 6.1 |