An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows IME Elevation of Privilege...
An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka ‘Microsoft Browser Information Disclosure Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0706
An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Network...
An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Wireless Network...
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Backup Service...
A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka ‘Surface Hub Security Feature Bypass Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0702
An elevation of privilege vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory, aka ‘Windows Client License Service Elevation of Privilege Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0701
An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka ‘Windows Information Disclosure Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0698
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to...
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka ‘Microsoft Outlook Security Feature Bypass Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0696
A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka ‘Microsoft Office Online Server Spoofing Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0695
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique...
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique...
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka ‘Microsoft Exchange Server Elevation of Privilege Vulnerability’. Date published : 2020-02-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0692