Логотип exploitDog
source:"msrc"
Консоль
Логотип exploitDog

exploitDog

source:"msrc"

Количество 18 769

Количество 18 769

msrc логотип

CVE-2020-14422

около 5 лет назад

CVSS3: 5.9
EPSS: Низкий
msrc логотип

CVE-2020-1441

больше 5 лет назад

Windows Spatial Data Service Elevation of Privilege Vulnerability

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-14415

больше 5 лет назад

CVSS3: 3.3
EPSS: Низкий
msrc логотип

CVE-2020-1440

больше 5 лет назад

Microsoft SharePoint Server Tampering Vulnerability

CVSS3: 6.3
EPSS: Низкий
msrc логотип

CVE-2020-1439

больше 5 лет назад

PerformancePoint Services Remote Code Execution Vulnerability

EPSS: Средний
msrc логотип

CVE-2020-14390

больше 5 лет назад

A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw privilege escalation cannot be fully ruled out.

CVSS3: 5.6
EPSS: Низкий
msrc логотип

CVE-2020-1438

больше 5 лет назад

Windows Network Connections Service Elevation of Privilege Vulnerability

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-14387

около 4 лет назад

CVSS3: 7.4
EPSS: Низкий
msrc логотип

CVE-2020-14386

больше 5 лет назад

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

CVSS3: 7.8
EPSS: Низкий
msrc логотип

CVE-2020-14385

больше 5 лет назад

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown or otherwise rendered inaccessible until it is remounted leading to a denial of service. The highest threat from this vulnerability is to system availability.

CVSS3: 5.5
EPSS: Низкий
msrc логотип

CVE-2020-14383

больше 1 года назад

CVSS3: 6.5
EPSS: Низкий
msrc логотип

CVE-2020-14381

около 5 лет назад

A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

CVSS3: 7.8
EPSS: Низкий
msrc логотип

CVE-2020-1437

больше 5 лет назад

Windows Network Location Awareness Service Elevation of Privilege Vulnerability

CVSS3: 7
EPSS: Низкий
msrc логотип

CVE-2020-14378

5 месяцев назад

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period.

CVSS3: 3.3
EPSS: Низкий
msrc логотип

CVE-2020-14376

5 месяцев назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS3: 7.8
EPSS: Низкий
msrc логотип

CVE-2020-14372

почти 5 лет назад

A flaw was found in grub2 in versions prior to 2.06 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS3: 7.5
EPSS: Низкий
msrc логотип

CVE-2020-1436

больше 5 лет назад

Windows Font Library Remote Code Execution Vulnerability

CVSS3: 6.3
EPSS: Средний
msrc логотип

CVE-2020-14364

больше 5 лет назад

CVSS3: 5
EPSS: Средний
msrc логотип

CVE-2020-1435

больше 5 лет назад

GDI+ Remote Code Execution Vulnerability

CVSS3: 6.3
EPSS: Средний
msrc логотип

CVE-2020-14356

больше 5 лет назад

CVSS3: 7.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
msrc логотип
CVSS3: 5.9
1%
Низкий
около 5 лет назад
msrc логотип
CVE-2020-1441

Windows Spatial Data Service Elevation of Privilege Vulnerability

CVSS3: 7
больше 5 лет назад
msrc логотип
CVSS3: 3.3
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1440

Microsoft SharePoint Server Tampering Vulnerability

CVSS3: 6.3
2%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1439

PerformancePoint Services Remote Code Execution Vulnerability

31%
Средний
больше 5 лет назад
msrc логотип
CVE-2020-14390

A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size an out-of-bounds memory write can occur leading to memory corruption or a denial of service. Due to the nature of the flaw privilege escalation cannot be fully ruled out.

CVSS3: 5.6
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-1438

Windows Network Connections Service Elevation of Privilege Vulnerability

CVSS3: 7
0%
Низкий
больше 5 лет назад
msrc логотип
CVSS3: 7.4
0%
Низкий
около 4 лет назад
msrc логотип
CVE-2020-14386

A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root privileges from unprivileged processes. The highest threat from this vulnerability is to data confidentiality and integrity.

CVSS3: 7.8
1%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-14385

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown or otherwise rendered inaccessible until it is remounted leading to a denial of service. The highest threat from this vulnerability is to system availability.

CVSS3: 5.5
0%
Низкий
больше 5 лет назад
msrc логотип
CVSS3: 6.5
0%
Низкий
больше 1 года назад
msrc логотип
CVE-2020-14381

A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality integrity as well as system availability.

CVSS3: 7.8
1%
Низкий
около 5 лет назад
msrc логотип
CVE-2020-1437

Windows Network Location Awareness Service Elevation of Privilege Vulnerability

CVSS3: 7
0%
Низкий
больше 5 лет назад
msrc логотип
CVE-2020-14378

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period.

CVSS3: 3.3
0%
Низкий
5 месяцев назад
msrc логотип
CVE-2020-14376

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS3: 7.8
0%
Низкий
5 месяцев назад
msrc логотип
CVE-2020-14372

A flaw was found in grub2 in versions prior to 2.06 where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This flaw allows an attacker with privileged access to craft a Secondary System Description Table (SSDT) containing code to overwrite the Linux kernel lockdown variable content directly into memory. The table is further loaded and executed by the kernel defeating its Secure Boot lockdown and allowing the attacker to load unsigned code. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVSS3: 7.5
1%
Низкий
почти 5 лет назад
msrc логотип
CVE-2020-1436

Windows Font Library Remote Code Execution Vulnerability

CVSS3: 6.3
11%
Средний
больше 5 лет назад
msrc логотип
CVSS3: 5
11%
Средний
больше 5 лет назад
msrc логотип
CVE-2020-1435

GDI+ Remote Code Execution Vulnerability

CVSS3: 6.3
36%
Средний
больше 5 лет назад
msrc логотип
CVSS3: 7.8
1%
Низкий
больше 5 лет назад

Уязвимостей на страницу