Vulnerabilities > Microsoft > Windows 10 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-0904 | Improper Input Validation vulnerability in Microsoft products <p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p> <p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p> | 6.5 |
| 2020-09-11 | CVE-2020-0890 | Unspecified vulnerability in Microsoft products <p>A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.</p> <p>To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.</p> <p>The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests.</p> | 6.5 |
| 2020-09-11 | CVE-2020-0875 | Unspecified vulnerability in Microsoft products <p>An information disclosure vulnerability exists in how splwow64.exe handles certain calls. | 5.5 |
| 2020-09-11 | CVE-2020-0837 | Unspecified vulnerability in Microsoft products <p>An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. | 5.0 |
| 2020-09-11 | CVE-2020-0805 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 <p>A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. | 5.3 |
| 2020-08-17 | CVE-2020-1578 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. | 4.7 |
| 2020-08-17 | CVE-2020-1574 | Unspecified vulnerability in Microsoft Windows 10 1909/2004 A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. | 5.5 |
| 2020-08-17 | CVE-2020-1566 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. | 4.2 |
| 2020-08-17 | CVE-2020-1510 | Information Exposure vulnerability in Microsoft Windows 10 An information disclosure vulnerability exists when the win32k component improperly provides kernel information. | 5.5 |
| 2020-08-17 | CVE-2020-1485 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory. | 5.5 |