Microsoft Windows vulnerabilities

CVE-2020-0987 [MEDIUM] CVE-2020-0987: An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Grap An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-1005.

CVE-2020-0955 [MEDIUM] CVE-2020-0955: An information disclosure vulnerability exists when certain central processing units (CPU) speculati An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.

CVE-2020-0794 [MEDIUM] CVE-2020-0794: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Win A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

CVE-2020-0962 [MEDIUM] CVE-2020-0962: An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vu An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0699.

CVE-2020-0937 [MEDIUM] CVE-2020-0937: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosur An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0939, CVE-2020-0945, CVE-2020-0946, CVE-2020-0947.

CVE-2020-0699 [MEDIUM] CVE-2020-0699: An information disclosure vulnerability exists when the win32k component improperly provides kernel An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0962.

CVE-2020-0952 [MEDIUM] CVE-2020-0952: An information disclosure vulnerability exists when the Windows GDI component improperly discloses t An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

CVE-2020-0945 [MEDIUM] CVE-2020-0945: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosur An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0946, CVE-2020-0947.

CVE-2020-0690 [CRITICAL] CVE-2020-0690: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, ak An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

CVE-2020-0772 [HIGH] CVE-2020-0772: An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memor An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0806.

CVE-2020-0845 [HIGH] CVE-2020-0845: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.

CVE-2020-0810 [HIGH] CVE-2020-0810: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Vi An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system.An attacker could then run a specially crafted application that could exploit the vulnerability and take

CVE-2020-0785 [HIGH] CWE-269 CVE-2020-0785: An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) impro An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

CVE-2020-0867 [HIGH] CVE-2020-0867: An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improper An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0868.

CVE-2020-0877 [HIGH] CVE-2020-0877: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0887.

CVE-2020-0809 [HIGH] CVE-2020-0809: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0807, CVE-2020-0869.

CVE-2020-0807 [HIGH] CVE-2020-0807: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0809, CVE-2020-0869.

CVE-2020-0762 [HIGH] CVE-2020-0762: An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Defender Security Center Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0763.

CVE-2020-0776 [HIGH] CVE-2020-0776: An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly ha An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0858.

CVE-2020-0645 [HIGH] CVE-2020-0645: A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request head A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.