CVE List - 2020 / February
Showing 501 - 600 of 1397 CVEs for February 2020 (Page 6 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-0618 | 2020-02-11 | A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'. |
| CVE-2020-0655 | 2020-02-11 | A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code... |
| CVE-2020-0657 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege... |
| CVE-2020-0658 | 2020-02-11 | An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver... |
| CVE-2020-0659 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0660 | 2020-02-11 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop... |
| CVE-2020-0661 | 2020-02-11 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V... |
| CVE-2020-0662 | 2020-02-11 | A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'. |
| CVE-2020-0663 | 2020-02-11 | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into... |
| CVE-2020-0665 | 2020-02-11 | An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for... |
| CVE-2020-0666 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is... |
| CVE-2020-0667 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is... |
| CVE-2020-0668 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0669 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0670 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0671 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0672 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0673 | 2020-02-11 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is... |
| CVE-2020-0674 | 2020-02-11 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is... |
| CVE-2020-0675 | 2020-02-11 | An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log... |
| CVE-2020-0676 | 2020-02-11 | An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log... |
| CVE-2020-0677 | 2020-02-11 | An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log... |
| CVE-2020-0678 | 2020-02-11 | An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. |
| CVE-2020-0679 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0680 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0681 | 2020-02-11 | A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE... |
| CVE-2020-0682 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0683 | 2020-02-11 | An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686. |
| CVE-2020-0685 | 2020-02-11 | An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. |
| CVE-2020-0686 | 2020-02-11 | An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0683. |
| CVE-2020-0689 | 2020-02-11 | A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'. |
| CVE-2020-0691 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is... |
| CVE-2020-0688 | 2020-02-11 | A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. |
| CVE-2020-0692 | 2020-02-11 | An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. |
| CVE-2020-0693 | 2020-02-11 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This... |
| CVE-2020-0695 | 2020-02-11 | A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'. |
| CVE-2020-0694 | 2020-02-11 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This... |
| CVE-2020-0696 | 2020-02-11 | A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'. |
| CVE-2020-0697 | 2020-02-11 | An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated... |
| CVE-2020-0698 | 2020-02-11 | An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. |
| CVE-2020-0701 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory, aka 'Windows Client License Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0702 | 2020-02-11 | A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'. |
| CVE-2020-0703 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system,... |
| CVE-2020-0704 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system,... |
| CVE-2020-0705 | 2020-02-11 | An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim... |
| CVE-2020-0706 | 2020-02-11 | An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'. |
| CVE-2020-0707 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows... |
| CVE-2020-0708 | 2020-02-11 | A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory.To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially... |
| CVE-2020-0709 | 2020-02-11 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0732. |
| CVE-2020-0710 | 2020-02-11 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0711 | 2020-02-11 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0712 | 2020-02-11 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0713 | 2020-02-11 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0714 | 2020-02-11 | An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'. |
| CVE-2020-0715 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0716 | 2020-02-11 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0717. |
| CVE-2020-0717 | 2020-02-11 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0716. |
| CVE-2020-0719 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0720 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0721 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0722 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0723 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0724 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0725 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0726 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0727 | 2020-02-11 | An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0728 | 2020-02-11 | An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. |
| CVE-2020-0729 | 2020-02-11 | A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the... |
| CVE-2020-0730 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0731 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0732 | 2020-02-11 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0709. |
| CVE-2020-0733 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the... |
| CVE-2020-0734 | 2020-02-11 | A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE... |
| CVE-2020-0735 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is... |
| CVE-2020-0736 | 2020-02-11 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. |
| CVE-2020-0737 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the tapisrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0739. |
| CVE-2020-0738 | 2020-02-11 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. |
| CVE-2020-0739 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of... |
| CVE-2020-0740 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0741 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0742 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0743 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0744 | 2020-02-11 | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka... |
| CVE-2020-0745 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0746 | 2020-02-11 | An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'. |
| CVE-2020-0747 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0748 | 2020-02-11 | An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log... |
| CVE-2020-0749 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0750 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0751 | 2020-02-11 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the... |
| CVE-2020-0752 | 2020-02-11 | An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is... |
| CVE-2020-0753 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0754 | 2020-02-11 | An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0755 | 2020-02-11 | An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log... |
| CVE-2020-0756 | 2020-02-11 | An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log... |
| CVE-2020-0757 | 2020-02-11 | An elevation of privilege vulnerability exists when Windows improperly handles Secure Socket Shell remote commands, aka 'Windows SSH Elevation of Privilege Vulnerability'. |
| CVE-2020-0759 | 2020-02-11 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. |
| CVE-2020-0767 | 2020-02-11 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0792 | 2020-02-11 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-8892 | 2020-02-11 | An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests. |