Total
32135 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-0610 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609. | |||||
| CVE-2020-0609 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610. | |||||
| CVE-2020-0608 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | |||||
| CVE-2020-0607 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'. | |||||
| CVE-2020-0604 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Visual Studio Code when it process environment variables after opening a project. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to convince a target to clone a repository and open it in Visual Studio Code. Attacker-specified code would execute when the target opened the integrated terminal. The update address the vulnerability by modifying the way Visual Studio Code handles environment variables. | |||||
| CVE-2020-0602 | 2 Microsoft, Redhat | 3 Asp.net Core, Enterprise Linux, Enterprise Linux Eus | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka 'ASP.NET Core Denial of Service Vulnerability'. | |||||
| CVE-2020-0600 | 1 Intel | 20 Compute Stick Stck1a32wfc, Compute Stick Stck1a32wfc Firmware, Nuc 7 Essential Pc Nuc7cjysal and 17 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper buffer restrictions in firmware for some Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0593 | 1 Intel | 479 Bios, Core I3-1000g1, Core I3-1000g4 and 476 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0591 | 2 Intel, Siemens | 202 Bios, Core I5-7640x, Core I7-3820 and 199 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper buffer restrictions in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0583 | 1 Intel | 6 Core I3, Core I5, Core I7 and 3 more | 2024-11-21 | 4.6 MEDIUM | 8.8 HIGH |
| Improper access control in the subsystem for Intel(R) Smart Sound Technology may allow an authenticated user to potentially enable escalation of privilege via local access. This affects Intel® Smart Sound Technology before versions: 10th Generation Intel® Core™ i7 Processors, version 3431 and 8th Generation Intel® Core™ Processors, version 3349. | |||||
| CVE-2020-0578 | 1 Intel | 2 Compute Module Mfs2600ki, Compute Module Mfs2600ki Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Improper conditions check for Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2020-0577 | 1 Intel | 2 Compute Module Mfs2600ki, Compute Module Mfs2600ki Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Insufficient control flow for Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2020-0575 | 1 Intel | 1 Unite | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Improper buffer restrictions in the Intel(R) Unite Client for Windows* before version 4.2.13064 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2020-0574 | 1 Intel | 2 Max 10 Fpga, Max 10 Fpga Firmware | 2024-11-21 | 3.6 LOW | 5.9 MEDIUM |
| Improper configuration in block design for Intel(R) MAX(R) 10 FPGA all versions may allow an authenticated user to potentially enable escalation of privilege and information disclosure via physical access. | |||||
| CVE-2020-0571 | 1 Intel | 22 Bios, Core I3 8100, Core I3 8100f and 19 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2020-0566 | 1 Intel | 1 Trusted Execution Engine Firmware | 2024-11-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Improper Access Control in subsystem for Intel(R) TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2020-0558 | 1 Intel | 12 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168, Dual Band Wireless-ac 7265 \(rev D\) and 9 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Improper buffer restrictions in kernel mode driver for Intel(R) PROSet/Wireless WiFi products before version 21.70 on Windows 10 may allow an unprivileged user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-0556 | 4 Bluez, Canonical, Debian and 1 more | 4 Bluez, Ubuntu Linux, Debian Linux and 1 more | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| Improper access control in subsystem for BlueZ before version 5.54 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access | |||||
| CVE-2020-0551 | 1 Intel | 1321 Atom C2308, Atom C2316, Atom C2338 and 1318 more | 2024-11-21 | 1.9 LOW | 5.6 MEDIUM |
| Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html | |||||
| CVE-2020-0550 | 1 Intel | 752 Celeron 1000m, Celeron 1005m, Celeron 1007u and 749 more | 2024-11-21 | 1.9 LOW | 5.6 MEDIUM |
| Improper data forwarding in some data cache for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. The list of affected products is provided in intel-sa-00330: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html | |||||