Vulnerabilities > Microsoft > Windows Server 2016 > Low

DATE CVE VULNERABILITY TITLE RISK
2020-06-09 CVE-2020-1204 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
3.6
2020-06-09 CVE-2020-1261 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-06-09 CVE-2020-1263 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-06-09 CVE-2020-1268 Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists when a Windows service improperly handles objects in memory, aka 'Windows Service Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-06-09 CVE-2020-1290 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-06-09 CVE-2020-1296 Information Exposure vulnerability in Microsoft products
A vulnerability exists in the way the Windows Diagnostics & feedback settings app handles objects in memory, aka 'Windows Diagnostics & feedback Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-05-21 CVE-2020-1072 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-05-21 CVE-2020-1075 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-05-21 CVE-2020-1076 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
local
low complexity
microsoft CWE-119
2.1
2020-05-21 CVE-2020-1084 Incorrect Permission Assignment for Critical Resource vulnerability in Microsoft products
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service validates certain function values., aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'.
local
low complexity
microsoft CWE-732
2.1