Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-05-21 | CVE-2020-1055 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'. | 6.1 |
| 2020-05-21 | CVE-2020-0963 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2020-04-15 | CVE-2020-1050 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 Server 9.0 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. | 6.1 |
| 2020-04-15 | CVE-2020-1049 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 Server 9.0 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. | 5.4 |
| 2020-04-15 | CVE-2020-1016 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'. | 5.5 |
| 2020-04-15 | CVE-2020-1007 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. | 5.5 |
| 2020-04-15 | CVE-2020-1005 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. | 5.5 |
| 2020-04-15 | CVE-2020-0993 | Unspecified vulnerability in Microsoft products A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'. | 6.5 |
| 2020-04-15 | CVE-2020-0987 | Out-of-bounds Read vulnerability in Microsoft products An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. | 5.5 |
| 2020-04-15 | CVE-2020-0982 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. | 5.5 |