An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Speech Runtime Elevation...
A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by...
An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows UPnP Device...
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows...
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows...
An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Work Folders...
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request Forgery. The...
An elevation of privilege vulnerability exists when the Windows Telephony Server improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Telephony Server Elevation...
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows CSC Service Elevation...
An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka ‘Windows State Repository Service Information Disclosure Vulnerability’. Date published : 2020-08-17 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1512
An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka ‘Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability’. Date published : 2020-08-17 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1511
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka ‘Win32k Information Disclosure Vulnerability’. Date published : 2020-08-17 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1510
An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request, aka ‘Local Security Authority Subsystem Service Elevation of Privilege Vulnerability’....
An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka ‘Microsoft SharePoint Information Disclosure Vulnerability’. Date published : 2020-08-17 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1505