Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2020-02-11	CVE-2020-0658	Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. local low complexity microsoft	5.5
2020-01-24	CVE-2019-1460	Unspecified vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. network low complexity microsoft	4.6
2020-01-24	CVE-2019-1454	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	5.5
2020-01-24	CVE-2018-8654	Improper Privilege Management vulnerability in Microsoft Dynamics 365 8.0 An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'. network low complexity microsoft CWE-269	6.5
2020-01-14	CVE-2020-0656	Cross-site Scripting vulnerability in Microsoft Dynamics 365 7.0 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. network low complexity microsoft CWE-79	5.4
2020-01-14	CVE-2020-0647	Origin Validation Error vulnerability in Microsoft Office Online Server A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. network low complexity microsoft CWE-346	5.4
2020-01-14	CVE-2020-0643	Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'. local low complexity microsoft	5.5
2020-01-14	CVE-2020-0639	Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. local low complexity microsoft	5.5
2020-01-14	CVE-2020-0637	Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when Remote Desktop Web Access improperly handles credential information, aka 'Remote Desktop Web Access Information Disclosure Vulnerability'. network low complexity microsoft	6.5
2020-01-14	CVE-2020-0622	Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. local low complexity microsoft	5.5