Vulnerabilities > Microsoft > Windows 10 > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-05-21 CVE-2020-1055 Cross-site Scripting vulnerability in Microsoft products
A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
6.1
2020-05-21 CVE-2020-0963 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
2020-04-15 CVE-2020-1016 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
2020-04-15 CVE-2020-1007 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
2020-04-15 CVE-2020-1005 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
2020-04-15 CVE-2020-0993 Unspecified vulnerability in Microsoft products
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.
network
low complexity
microsoft
6.5
2020-04-15 CVE-2020-0987 Out-of-bounds Read vulnerability in Microsoft products
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-125
5.5
2020-04-15 CVE-2020-0982 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
2020-04-15 CVE-2020-0962 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
2020-04-15 CVE-2020-0955 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.
local
low complexity
microsoft
5.5