Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-0947 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2020-04-15 CVE-2020-0946 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2020-04-15 CVE-2020-0945 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2020-04-15 CVE-2020-0943 Unspecified vulnerability in Microsoft Your Phone Companion
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android Authentication Bypass Vulnerability'.
low complexity
microsoft
4.6
4.6
2020-04-15 CVE-2020-0939 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2020-04-15 CVE-2020-0937 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2020-04-15 CVE-2020-0935 Improper Privilege Management vulnerability in Microsoft Onedrive
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
5.5
5.5
2020-04-15 CVE-2020-0933 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
5.4
2020-04-15 CVE-2020-0930 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
5.4
2020-04-15 CVE-2020-0927 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
5.4