High

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-09	CVE-2020-0986	Out-of-bounds Write vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-787	7.2
2020-06-09	CVE-2020-0916	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-06-09	CVE-2020-0915	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-06-08	CVE-2020-12695	Incorrect Default Permissions vulnerability in multiple products The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. network high complexity ui w1-fi asus broadcom canon cisco dlink dell epson hp huawei nec netgear ruckussecurity tp-link zte zyxel microsoft fedoraproject debian canonical CWE-276	7.5
2020-05-21	CVE-2020-1166	Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016 An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-05-21	CVE-2020-1165	Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016 An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-05-21	CVE-2020-1154	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-05-21	CVE-2020-1143	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-05-21	CVE-2020-1142	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2
2020-05-21	CVE-2020-1140	Improper Privilege Management vulnerability in Microsoft products An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. local low complexity microsoft CWE-269	7.2