Monthly Archive: April 2020

An elevation of privilege vulnerability exists in RMS Sharing App for Mac in the way it allows an attacker to load unsigned binaries, aka ‘Microsoft RMS Sharing App for Mac Elevation of Privilege Vulnerability’....

An information disclosure vulnerability exists when Microsoft Dynamics Business Central/NAV on-premise does not properly hide the value of a masked field when showing the records as a chart page.The attacker who successfully exploited the...

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka ‘Windows Push Notification Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0940,...

An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka ‘Windows Push Notification Service Information Disclosure Vulnerability’. Date published : 2020-04-15 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1016

An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009,...

An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka ‘Microsoft Windows Update Client Elevation of Privilege Vulnerability’. Date published : 2020-04-15 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1014

An elevation of privilege vulnerability exists when the Windows System Assessment Tool improperly handles file operations, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1015. Date published...

An elevation of privilege vulnerability exists in the way that the Microsoft Store Install Service handles file operations in protected locations, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0934,...

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka ‘Jet Database Engine Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959,...

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka ‘Windows Kernel Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0821. Date published : 2020-04-15 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1007

An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka ‘Windows Push Notification Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0940,...

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka ‘Microsoft Graphics Component Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987. Date published :...

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka ‘Windows Graphics Component Elevation of Privilege Vulnerability’. Date published : 2020-04-15 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1004

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1027. Date...