CVE-2020-8321
A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.
Source: CVE-2020-8321
[월:] 2020년 06월
CVE-2020-8320
CVE-2020-8320
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.
Source: CVE-2020-8320
CVE-2020-1348
CVE-2020-1348
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’.
Source: CVE-2020-1348
CVE-2020-1324
CVE-2020-1324
An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1162.
Source: CVE-2020-1324
CVE-2020-1331
CVE-2020-1331
A spoofing vulnerability exists when System Center Operations Manager (SCOM) does not properly sanitize a specially crafted web request to an affected SCOM instance, aka ‘System Center Operations Manager Spoofing Vulnerability’.
Source: CVE-2020-1331
CVE-2020-1340
CVE-2020-1340
A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values, aka ‘NuGetGallery Spoofing Vulnerability’.
Source: CVE-2020-1340
CVE-2020-1343
CVE-2020-1343
An information disclosure vulnerability exists in Visual Studio Code Live Share Extension when it exposes tokens in plain text, aka ‘Visual Studio Code Live Share Information Disclosure Vulnerability’.
Source: CVE-2020-1343
CVE-2020-1334
CVE-2020-1334
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka ‘Windows Runtime Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306.
Source: CVE-2020-1334
CVE-2020-1329
CVE-2020-1329
A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content, aka ‘Microsoft Bing Search Spoofing Vulnerability’.
Source: CVE-2020-1329
CVE-2020-1327
CVE-2020-1327
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka ‘Azure DevOps Server HTML Injection Vulnerability’.
Source: CVE-2020-1327