CVE-2020-0891
This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka ‘Microsoft SharePoint Reflective XSS Vulnerability’. This CVE ID is unique from CVE-2020-0795.
Source: CVE-2020-0891
CVE-2020-0859
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka ‘Windows Modules Installer Service Information Disclosure Vulnerability’.
Source: CVE-2020-0859
CVE-2020-0866
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka ‘Windows Work Folder Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0897.
Source: CVE-2020-0866
CVE-2020-0860
An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows ActiveX Installer Service Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0770, CVE-2020-0773.
Source: CVE-2020-0860
CVE-2020-0858
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0776.
Source: CVE-2020-0858
CVE-2020-0857
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’.
Source: CVE-2020-0857
CVE-2020-0872
A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka ‘Remote Code Execution Vulnerability in Application Inspector’.
Source: CVE-2020-0872
CVE-2020-0861
An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability’.
Source: CVE-2020-0861
CVE-2020-0874
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0774, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.
Source: CVE-2020-0874
CVE-2020-0863
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka ‘Connected User Experiences and Telemetry Service Information Disclosure Vulnerability’.
Source: CVE-2020-0863