Filtered by vendor Microsoft Subscriptions
Filtered by product Windows 8.1 Subscriptions
Total 2881 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-17032 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17031 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17029 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 5.5 Medium
Windows Canonical Display Driver Information Disclosure Vulnerability
CVE-2020-17028 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17027 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17026 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17025 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Remote Access Elevation of Privilege Vulnerability
CVE-2020-17024 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2024-11-21 7.8 High
Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
CVE-2020-17014 1 Microsoft 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more 2024-11-21 7.8 High
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-17011 1 Microsoft 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more 2024-11-21 7.8 High
Windows Port Class Library Elevation of Privilege Vulnerability
CVE-2020-17004 1 Microsoft 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more 2024-11-21 5.5 Medium
Windows Graphics Component Information Disclosure Vulnerability
CVE-2020-17001 1 Microsoft 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more 2024-11-21 7.8 High
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2020-17000 1 Microsoft 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more 2024-11-21 5.5 Medium
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVE-2020-16997 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2024-11-21 7.7 High
Remote Desktop Protocol Server Information Disclosure Vulnerability
CVE-2020-16949 1 Microsoft 11 365 Apps, Office, Outlook and 8 more 2024-11-21 4.7 Medium
<p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system.</p> <p>Exploitation of the vulnerability requires that a specially crafted email be sent to a vulnerable Outlook server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Outlook handles objects in memory.</p>
CVE-2020-16940 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2024-11-21 7.8 High
<p>An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.</p> <p>The security update addresses the vulnerability by correcting how the Windows User Profile Service handles junction points.</p>
CVE-2020-16939 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2024-11-21 7.8 High
<p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> <p>To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.</p> <p>The security update addresses the vulnerability by correcting how Group Policy checks access.</p>
CVE-2020-16937 1 Microsoft 10 .net, .net Framework, Windows 10 and 7 more 2024-11-21 4.7 Medium
<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an affected system's memory.</p> <p>To exploit the vulnerability, an authenticated attacker would need to run a specially crafted application.</p> <p>The update addresses the vulnerability by correcting how the .NET Framework handles objects in memory.</p>
CVE-2020-16935 1 Microsoft 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more 2024-11-21 7.8 High
<p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p> <p>To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows COM Server creates COM objects.</p>
CVE-2020-16933 1 Microsoft 11 365 Apps, Office, Windows 10 and 8 more 2024-11-21 7 High
<p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.</p> <p>To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Word software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Word handles these files.</p>