Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Total 21359 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-15138 3 Apple, Microsoft, Prismjs 3 Safari, Internet Explorer, Previewers 2024-11-21 2.6 LOW 7.1 HIGH
Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism >=v1.1.0 that use the _Previewers_ plugin (>=v1.10.0) or the _Previewer: Easing_ plugin (v1.1.0 to v1.9.0). This problem is fixed in version 1.21.0. To workaround the issue without upgrading, disable the easing preview on all impacted code blocks. You need Prism v1.10.0 or newer to apply this workaround.
CVE-2020-14999 2 Acronis, Microsoft 2 Agent, Windows 2024-11-21 5.0 MEDIUM 7.5 HIGH
A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed to bypass Windows memory protection and access sensitive data.
CVE-2020-13938 4 Apache, Mcafee, Microsoft and 1 more 4 Http Server, Epolicy Orchestrator, Windows and 1 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Apache HTTP Server versions 2.4.0 to 2.4.46 Unprivileged local users can stop httpd on Windows
CVE-2020-13872 2 Microsoft, Royalapps 2 Windows, Royal Ts 2024-11-21 3.3 LOW 8.8 HIGH
Royal TS before 5 has a 0.0.0.0 listener, which makes it easier for attackers to bypass tunnel authentication via a brute-force approach.
CVE-2020-13699 2 Microsoft, Teamviewer 2 Windows, Teamviewer 2024-11-21 6.8 MEDIUM 8.8 HIGH
TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3.
CVE-2020-13417 4 Apple, Aviatrix, Linux and 1 more 6 Macos, Controller, Gateway and 3 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
CVE-2020-12987 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 2.1 LOW 5.5 MEDIUM
A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass.
CVE-2020-12986 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 7.2 HIGH 7.8 HIGH
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service.
CVE-2020-12985 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 4.6 MEDIUM 7.8 HIGH
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
CVE-2020-12983 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 4.6 MEDIUM 7.8 HIGH
An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service.
CVE-2020-12982 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 4.6 MEDIUM 7.8 HIGH
An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
CVE-2020-12981 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 7.2 HIGH 7.8 HIGH
An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service.
CVE-2020-12980 2 Amd, Microsoft 3 Radeon Pro Software, Radeon Software, Windows 10 2024-11-21 4.6 MEDIUM 7.8 HIGH
An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service.
CVE-2020-12963 2 Amd, Microsoft 2 Radeon Software, Windows 10 2024-11-21 7.2 HIGH 7.8 HIGH
An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system.
CVE-2020-12962 2 Amd, Microsoft 2 Radeon Software, Windows 2024-11-21 4.6 MEDIUM 7.8 HIGH
Escape call interface in the AMD Graphics Driver for Windows may cause privilege escalation.
CVE-2020-12960 2 Amd, Microsoft 2 Radeon Software, Windows 10 2024-11-21 2.1 LOW 5.5 MEDIUM
AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS).
CVE-2020-12929 2 Amd, Microsoft 2 Radeon Software, Windows 10 2024-11-21 4.6 MEDIUM 7.8 HIGH
Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution .
CVE-2020-12905 2 Amd, Microsoft 2 Radeon Software, Windows 10 2024-11-21 2.1 LOW 5.5 MEDIUM
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure.
CVE-2020-12904 2 Amd, Microsoft 2 Radeon Software, Windows 10 2024-11-21 2.1 LOW 5.5 MEDIUM
Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure.
CVE-2020-12903 2 Amd, Microsoft 2 Radeon Software, Windows 10 2024-11-21 4.6 MEDIUM 7.8 HIGH
Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service.