PT-2020-4884 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to errors in code generation management in the MTD driver of the Azure Sphere operating system. Exploitation of this issue may allow an attacker to execute arbitra...

PT-2020-4774 · Microsoft · Office Excel

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to errors in code generation management in Microsoft Excel. It allows remote attackers to execute arbitrary code. Recommendations: At the moment, there is no...

PT-2020-4775 · Microsoft · Office Excel

Name of the Vulnerable Software and Affected Versions: Microsoft Excel affected versions not specified Description: The issue is related to errors in code generation management in Microsoft Excel. It allows remote attackers to execute arbitrary code. There is no information provided about the...

PT-2020-4869 · Microsoft · Teams

Name of the Vulnerable Software and Affected Versions: Microsoft Teams affected versions not specified Description: The issue is related to incorrect code generation management in Microsoft Teams. It allows a remote attacker to execute arbitrary code. Recommendations: At the moment, there is no...

PT-2020-4777 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in code generation management in the Windows GDI+ component, which can be exploited by remote attackers to execute arbitrary code and affect the system...

PT-2020-4772 · Microsoft · Office Access Connectivity Engine +1

Name of the Vulnerable Software and Affected Versions: Microsoft Office Access Connectivity Engine affected versions not specified Description: The issue is related to errors in code generation management within the Microsoft Office Access Connectivity Engine component of the Microsoft Office...

PT-2020-4814 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to incorrect code generation management in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to execute arbitrary code using a...

PT-2020-4792 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in code generation management in the Windows NTFS file system, allowing remote attackers to execute arbitrary code and affect the system. Recommendations: At...

PT-2020-4820 · Microsoft · Heif Image Extension

Name of the Vulnerable Software and Affected Versions: HEIF Image Extension affected versions not specified Description: The issue is related to incorrect code generation management in the HEIF Image Extension, which can be exploited by a remote attacker to execute arbitrary code. Recommendations...

PT-2020-4660 · Microsoft · Hevc Video Extensions

Name of the Vulnerable Software and Affected Versions: HEVC Video Extensions affected versions not specified Description: The issue is related to errors in code generation management. It may allow a remote attacker to execute arbitrary code. Recommendations: At the moment, there is no information...

PT-2020-4811 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to incorrect code generation management in the Azure Sphere operating system. Exploitation of this issue may allow an attacker to execute arbitrary code using a...

PT-2020-4771 · Microsoft · Sharepoint Server +1

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint affected versions not specified Description: The issue is related to errors in code generation management in Microsoft SharePoint. It allows remote attackers to execute arbitrary code. Recommendations: At the moment, ther...

PT-2020-4809 · Microsoft · Av1 Video Extension

Name of the Vulnerable Software and Affected Versions: AV1 Video Extension affected versions not specified Description: The issue is related to incorrect code generation management in the AV1 Video Extension codec. It may allow a remote attacker to execute arbitrary code. Recommendations: At the...

PT-2020-4819 · Microsoft · Hevc Video Extensions

Name of the Vulnerable Software and Affected Versions: HEVC Video Extensions affected versions not specified Description: The issue is related to incorrect code generation management in the HEVC Video Extension codec. Exploitation of this issue may allow a remote attacker to execute arbitrary cod...

PT-2020-4662 · Microsoft · Hevc Video Extensions

Name of the Vulnerable Software and Affected Versions: HEVC Video Extensions affected versions not specified Description: The issue is related to errors in code generation management. It may allow a remote attacker to execute arbitrary code. Recommendations: At the moment, there is no information...

PT-2020-4868 · Microsoft · Windows Print Spooler +1

Name of the Vulnerable Software and Affected Versions: Windows Print Spooler affected versions not specified Description: The issue is related to incorrect code generation management in the Windows Print Spooler component of the Windows operating system. It allows a remote attacker to execute...

PT-2020-4157 · Microsoft · Windows Media Audio Decoder +1

Name of the Vulnerable Software and Affected Versions: Windows Media Audio Decoder affected versions not specified Description: A remote code execution issue exists due to improper handling of objects by Windows Media Audio Decoder, allowing an attacker to potentially take control of an affected...

Huawei EulerOS: Security Advisory for pcp (EulerOS-SA-2020-1873)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...

CVE-2020-24240

GNU Bison before 3.7.1 has a use-after-free in obstackfree in lib/obstack.c called from gramlex when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug...