CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Microsoft CVE•added 2020/09/08 7:0 a.m.•32 views

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially...

7.8CVSS3.4AI score0.17023EPSS

Exploits2

Microsoft CVE•added 2020/09/08 7:0 a.m.•48 views

Active Directory Remote Code Execution Vulnerability

A remote code execution vulnerability exists when Active Directory integrated DNS ADIDNS mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account To exploit the vulnerability, an...

8.8CVSS3.8AI score0.11137EPSS

Microsoft CVE•added 2020/09/08 7:0 a.m.•29 views

Microsoft Excel Remote Code Execution Vulnerability

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

8.8CVSS2.6AI score0.10675EPSS

Microsoft KB•added 2020/09/08 7:0 a.m.•33 views

Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020

Description of the security update for SharePoint Enterprise Server 2013: September 8, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Word if the software does not correctly handle objects in memory. To learn more about the vulnerability,...

8.8CVSS8AI score0.12172EPSS

Exploits1

Positive Technologies•added 2020/09/08 12:0 a.m.•2 views

PT-2020-4026 · Microsoft · Office Word +1

Name of the Vulnerable Software and Affected Versions: Microsoft Word affected versions not specified Description: A remote code execution issue exists in Microsoft Word software due to its failure to properly handle objects in memory. This could allow an attacker to use a specially crafted file ...

9.3CVSS7.7AI score0.10675EPSS

Exploits0References6

7.8CVSS7.9AI score0.14496EPSS

CVE-2020-1562

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafte...

4.2CVSS6.8AI score0.01512EPSS

CVE-2020-1566

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create ne...

7.8CVSS7.7AI score0.1249EPSS

CVE-2020-1563

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

OSV•added 2020/08/17 7:15 p.m.•1 views

CVE-2020-1505

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability, an attacker would...

5.5CVSS6.7AI score0.01169EPSS

7.8CVSS7.3AI score0.00376EPSS

CVE-2020-1486

Prion•added 2020/08/17 7:15 p.m.•23 views

Remote code execution

9.3CVSS8.6AI score0.15375EPSS

Exploits0References1Affected Software2

Prion•added 2020/08/17 7:15 p.m.•16 views

Remote code execution

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with...

6.8CVSS8AI score0.11602EPSS

Exploits0References1Affected Software2

Prion•added 2020/08/17 7:15 p.m.•18 views

Privilege escalation

7.2CVSS6.7AI score0.00376EPSS

Exploits0References1Affected Software5

CVE•added 2020/08/17 7:13 p.m.•115 views

CVE-2020-1533

CVE-2020-1533 is a Windows WalletService elevation-of-privilege vulnerability. The issue arises from how WalletService handles objects in memory, permitting a locally authenticated attacker to execute code with elevated privileges by running a crafted application. The CVE entry notes that exploit...

7.8CVSS7.9AI score0.00285EPSS

Exploits0References1Affected Software3

Microsoft CVE•added 2020/08/11 7:0 a.m.•37 views

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS2.6AI score0.15792EPSS

Microsoft CVE•added 2020/08/11 7:0 a.m.•189 views

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS2.6AI score0.1773EPSS

Microsoft CVE•added 2020/08/11 7:0 a.m.•34 views

Microsoft Excel Remote Code Execution Vulnerability

9.3CVSS2.6AI score0.15375EPSS

Microsoft CVE•added 2020/08/11 7:0 a.m.•26 views

Media Foundation Information Disclosure Vulnerability

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log onto ...

7.8CVSS1.3AI score0.21467EPSS