Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions.
Max CVSS
6.4
EPSS Score
0.12%
Published
2020-07-29
Updated
2021-09-13
A remote code execution vulnerability exists in the ESLint extension for Visual Studio Code when it validates source code after opening a project, aka 'Visual Studio Code ESLint Extention Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
3.80%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files, aka 'Microsoft Office Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
0.91%
Published
2020-07-14
Updated
2020-07-20
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1425.
Max CVSS
7.8
EPSS Score
1.01%
Published
2020-07-27
Updated
2022-01-04
A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
0.92%
Published
2020-07-14
Updated
2020-07-24
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.
Max CVSS
8.8
EPSS Score
3.80%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.
Max CVSS
8.8
EPSS Score
3.80%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.
Max CVSS
8.8
EPSS Score
3.80%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists in the way Microsoft SharePoint software parses specially crafted email messages, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.
Max CVSS
4.3
EPSS Score
0.87%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input, aka 'PerformancePoint Services Remote Code Execution Vulnerability'.
Max CVSS
8.8
EPSS Score
0.86%
Published
2020-07-14
Updated
2020-07-23
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'.
Max CVSS
8.8
EPSS Score
7.57%
Published
2020-07-14
Updated
2022-05-03
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
3.80%
Published
2020-07-14
Updated
2021-07-21
A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1457.
Max CVSS
7.8
EPSS Score
0.89%
Published
2020-07-27
Updated
2021-07-21
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
8.96%
Published
2020-07-14
Updated
2020-07-23
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
2.07%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book (WAB), aka 'Windows Address Book Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
1.12%
Published
2020-07-14
Updated
2020-09-28
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
1.12%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
2.98%
Published
2020-07-14
Updated
2020-09-28
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1401.
Max CVSS
9.3
EPSS Score
1.12%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
Max CVSS
7.6
EPSS Score
1.24%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1407.
Max CVSS
9.3
EPSS Score
1.12%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407.
Max CVSS
9.3
EPSS Score
0.58%
Published
2020-07-14
Updated
2022-04-27
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
Max CVSS
7.5
EPSS Score
1.24%
Published
2020-07-14
Updated
2021-07-21
A remote code execution vulnerability exists when the Windows Font Driver Host improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Windows Font Driver Host handles memory., aka 'Windows Font Driver Host Remote Code Execution Vulnerability'.
Max CVSS
7.8
EPSS Score
0.50%
Published
2020-07-14
Updated
2021-07-21

CVE-2020-1350

Known exploited
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.
Max CVSS
10.0
EPSS Score
94.46%
Published
2020-07-14
Updated
2022-07-12
CISA KEV Added
2021-11-03
35 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!