A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data, aka ‘Microsoft SharePoint Server Tampering Vulnerability’. This CVE ID is unique from CVE-2020-1440. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1523
In Action View before versions 5.2.4.4 and 6.0.3.3 there is a potential Cross-Site Scripting (XSS) vulnerability in Action View’s translation helpers. Views that allow the user to control the default (not found) value of...
In ZeroMQ before version 4.3.3, there is a denial-of-service vulnerability. Users with TCP transport public endpoints, even with CURVE/ZAP enabled, are impacted. If a raw TCP socket is opened and connected to an endpoint...
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique...
A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects, aka ‘Windows Media Audio Decoder Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-1593. Date published : 2020-09-11...
An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory, aka ‘Microsoft COM for Windows Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1507
An elevation of privilege vulnerability exists in the way that the Wininit.dll handles objects in memory, aka ‘Windows Start-Up Application Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1506
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka ‘Windows Function Discovery Service Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1491
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’. This CVE ID is unique...
An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects, aka ‘Windows CloudExperienceHost Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1471
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka ‘Microsoft SharePoint Server Remote Code Execution Vulnerability’. Date published : 2020-09-11...
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. This CVE ID is unique...
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. This CVE ID is unique...
A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data, aka ‘Microsoft SharePoint Server Tampering Vulnerability’. This CVE ID is unique from CVE-2020-1523. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1440