CVE-2020-0904
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who...
Monthly Archive: September 2020
CVE-2020-0890
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who...
CVE-2020-0886
An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka ‘Windows Storage Services Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1559. Date published : 2020-09-11...
CVE-2020-0878
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka ‘Microsoft Browser Memory Corruption Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0878
CVE-2020-0875
An information disclosure vulnerability exists in how splwow64.exe handles certain calls, aka ‘Microsoft splwow64 Information Disclosure Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0875
CVE-2020-0870
An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory, aka ‘Shell infrastructure component Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0870
CVE-2020-0856
An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory, aka ‘Active Directory Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0664. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0856
CVE-2020-0839
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka ‘Windows dnsrslvr.dll Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0839
CVE-2020-0838
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka ‘NTFS Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0838
CVE-2020-0837
A spoofing vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka ‘ADFS Spoofing Vulnerability’. Date published :...
CVE-2020-0836
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka ‘Windows DNS Denial of Service Vulnerability’. This CVE ID is unique from CVE-2020-1228. Date published : 2020-09-11...
CVE-2020-0805
A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections, aka ‘Projected Filesystem Security Feature Bypass Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0805
CVE-2020-0790
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka ‘Microsoft splwow64 Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0790
CVE-2020-0782
An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory, aka ‘Windows Cryptographic Catalog Services Elevation of Privilege Vulnerability’. Date published : 2020-09-11 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0782