CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1251 CVE-2020-1330 200 +Info 2020-07-14 2020-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'.
1252 CVE-2020-1315 200 +Info 2020-06-09 2020-06-15
2.6
None Remote High Not required Partial None None
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory, aka 'Internet Explorer Information Disclosure Vulnerability'.
1253 CVE-2020-1296 200 +Info 2020-06-09 2020-06-15
2.1
None Local Low Not required Partial None None
A vulnerability exists in the way the Windows Diagnostics & feedback settings app handles objects in memory, aka 'Windows Diagnostics & feedback Information Disclosure Vulnerability'.
1254 CVE-2020-1290 200 +Info 2020-06-09 2020-06-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
1255 CVE-2020-1268 200 +Info 2020-06-09 2020-06-14
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when a Windows service improperly handles objects in memory, aka 'Windows Service Information Disclosure Vulnerability'.
1256 CVE-2020-1263 200 +Info 2020-06-09 2020-06-18
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1261.
1257 CVE-2020-1261 200 +Info 2020-06-09 2020-06-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1263.
1258 CVE-2020-1250 200 +Info 2020-09-11 2020-09-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0941.
1259 CVE-2020-1242 200 +Info 2020-06-09 2020-06-12
2.6
None Remote High Not required Partial None None
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.
1260 CVE-2020-1160 200 +Info 2020-06-09 2020-06-12
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
1261 CVE-2020-1145 200 +Info 2020-05-21 2020-05-26
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1179.
1262 CVE-2020-1141 200 +Info 2020-05-21 2020-05-26
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1145, CVE-2020-1179.
1263 CVE-2020-1123 732 DoS 2020-05-21 2020-05-27
2.1
None Local Low Not required None None Partial
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1084.
1264 CVE-2020-1119 2020-09-11 2020-09-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory, aka 'Windows Information Disclosure Vulnerability'.
1265 CVE-2020-1116 200 +Info 2020-05-21 2020-05-27
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.
1266 CVE-2020-1084 732 DoS 2020-05-21 2020-05-27
2.1
None Local Low Not required None None Partial
A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the Connected User Experiences and Telemetry Service validates certain function values., aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1123.
1267 CVE-2020-1083 2020-09-11 2020-09-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0921.
1268 CVE-2020-1076 119 DoS Overflow 2020-05-21 2020-05-27
2.1
None Local Low Not required None None Partial
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
1269 CVE-2020-1075 200 +Info 2020-05-21 2020-05-27
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.
1270 CVE-2020-1072 200 +Info 2020-05-21 2020-05-27
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
1271 CVE-2020-1033 2020-09-11 2020-09-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1589, CVE-2020-1592, CVE-2020-16854.
1272 CVE-2020-1016 200 +Info 2020-04-15 2020-04-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'.
1273 CVE-2020-1007 200 +Info 2020-04-15 2020-04-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0821.
1274 CVE-2020-1005 200 +Info 2020-04-15 2020-04-22
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.
1275 CVE-2020-0989 862 2020-09-11 2020-09-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability'.
1276 CVE-2020-0987 200 +Info 2020-04-15 2020-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-1005.
1277 CVE-2020-0982 200 +Info 2020-04-15 2020-04-22
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0987, CVE-2020-1005.
1278 CVE-2020-0962 200 +Info 2020-04-15 2020-04-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0699.
1279 CVE-2020-0955 200 +Info 2020-04-15 2020-04-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.
1280 CVE-2020-0943 287 Bypass 2020-04-15 2020-04-21
2.1
None Local Low Not required Partial None None
An authentication bypass vulnerability exists in Microsoft YourPhoneCompanion application for Android, in the way the application processes notifications generated by work profiles.This could allow an unauthenticated attacker to view notifications, aka 'Microsoft YourPhone Application for Android Authentication Bypass Vulnerability'.
1281 CVE-2020-0941 200 +Info 2020-09-11 2020-09-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1250.
1282 CVE-2020-0935 269 2020-04-15 2020-04-21
2.1
None Local Low Not required None Partial None
An elevation of privilege vulnerability exists when the OneDrive for Windows Desktop application improperly handles symbolic links, aka 'OneDrive for Windows Elevation of Privilege Vulnerability'.
1283 CVE-2020-0928 2020-09-11 2020-09-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1033, CVE-2020-1589, CVE-2020-1592, CVE-2020-16854.
1284 CVE-2020-0921 200 +Info 2020-09-11 2020-09-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1083.
1285 CVE-2020-0914 2020-09-11 2020-09-15
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Information Disclosure Vulnerability'.
1286 CVE-2020-0904 732 DoS 2020-09-11 2020-09-16
2.1
None Local Low Not required None None Partial
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests., aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0890.
1287 CVE-2020-0879 200 +Info 2020-03-12 2020-03-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0880, CVE-2020-0882.
1288 CVE-2020-0874 200 +Info 2020-03-12 2020-03-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.
1289 CVE-2020-0871 200 +Info 2020-03-12 2020-03-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'.
1290 CVE-2020-0863 200 +Info 2020-03-12 2020-03-16
2.1
None Local Low Not required Partial None None
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.
1291 CVE-2020-0859 200 +Info 2020-03-12 2020-03-17
2.1
None Local Low Not required Partial None None
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
1292 CVE-2020-0821 200 +Info 2020-04-15 2020-04-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1007.
1293 CVE-2020-0820 200 +Info 2020-03-12 2020-03-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
1294 CVE-2020-0805 732 Bypass 2020-09-11 2020-09-17
2.1
None Local Low Not required None Partial None
A security feature bypass vulnerability exists when a Windows Projected Filesystem improperly handles file redirections, aka 'Projected Filesystem Security Feature Bypass Vulnerability'.
1295 CVE-2020-0779 59 2020-03-12 2020-03-16
2.1
None Local Low Not required None Partial None
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.
1296 CVE-2020-0775 200 +Info 2020-03-12 2020-03-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'.
1297 CVE-2020-0756 200 +Info 2020-02-11 2020-02-14
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755.
1298 CVE-2020-0755 200 +Info 2020-02-11 2020-02-14
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0756.
1299 CVE-2020-0751 20 DoS 2020-02-11 2020-02-13
2.1
None Local Low Not required None None Partial
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests., aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0661.
1300 CVE-2020-0748 119 Overflow 2020-02-11 2020-02-13
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0755, CVE-2020-0756.
Total number of vulnerabilities : 4561   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 (This Page)27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.