ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 8.1
Subscriptions
Total
2881 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-17032 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2020-17031 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2020-17029 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 5.5 Medium |
| Windows Canonical Display Driver Information Disclosure Vulnerability | ||||
| CVE-2020-17028 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2020-17027 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2020-17026 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2020-17025 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Remote Access Elevation of Privilege Vulnerability | ||||
| CVE-2020-17024 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-11-21 | 7.8 High |
| Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability | ||||
| CVE-2020-17014 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2020-17011 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 7.8 High |
| Windows Port Class Library Elevation of Privilege Vulnerability | ||||
| CVE-2020-17004 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 5.5 Medium |
| Windows Graphics Component Information Disclosure Vulnerability | ||||
| CVE-2020-17001 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-11-21 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2020-17000 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2024-11-21 | 5.5 Medium |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | ||||
| CVE-2020-16997 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-11-21 | 7.7 High |
| Remote Desktop Protocol Server Information Disclosure Vulnerability | ||||
| CVE-2020-16949 | 1 Microsoft | 11 365 Apps, Office, Outlook and 8 more | 2024-11-21 | 4.7 Medium |
| <p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p> <p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p> | ||||
| CVE-2020-16940 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.</p> <p>The security update addresses the vulnerability by correcting how the Windows User Profile Service handles junction points.</p> | ||||
| CVE-2020-16939 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p> <p>The security update addresses the vulnerability by correcting how Group Policy checks access.</p> | ||||
| CVE-2020-16937 | 1 Microsoft | 10 .net, .net Framework, Windows 10 and 7 more | 2024-11-21 | 4.7 Medium |
| <p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p> <p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p> | ||||
| CVE-2020-16935 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-11-21 | 7.8 High |
| <p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows COM Server creates COM objects.</p> | ||||
| CVE-2020-16933 | 1 Microsoft | 11 365 Apps, Office, Windows 10 and 8 more | 2024-11-21 | 7 High |
| <p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Word handles these files.</p> | ||||