Microsoft Windows Server vulnerabilities

CVE-2020-1016 [MEDIUM] CVE-2020-1016: An information disclosure vulnerability exists when the Windows Push Notification Service improperly An information disclosure vulnerability exists when the Windows Push Notification Service improperly handles objects in memory, aka 'Windows Push Notification Service Information Disclosure Vulnerability'.

CVE-2020-0993 [MEDIUM] CVE-2020-0993: A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, ak A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.

CVE-2020-0821 [MEDIUM] CVE-2020-0821: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1007.

CVE-2020-0982 [MEDIUM] CVE-2020-0982: An information disclosure vulnerability exists when the Microsoft Windows Graphics Component imprope An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0987, CVE-2020-1005.

CVE-2020-0955 [MEDIUM] CVE-2020-0955: An information disclosure vulnerability exists when certain central processing units (CPU) speculati An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure in CPU Memory Access'.

CVE-2020-0794 [MEDIUM] CVE-2020-0794: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Win A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

CVE-2020-0699 [MEDIUM] CVE-2020-0699: An information disclosure vulnerability exists when the win32k component improperly provides kernel An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0962.

CVE-2020-0952 [MEDIUM] CVE-2020-0952: An information disclosure vulnerability exists when the Windows GDI component improperly discloses t An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

CVE-2020-0690 [CRITICAL] CVE-2020-0690: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, ak An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

CVE-2020-0867 [HIGH] CVE-2020-0867: An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improper An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0868.

CVE-2020-0776 [HIGH] CVE-2020-0776: An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly ha An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0858.

CVE-2020-0645 [HIGH] CVE-2020-0645: A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request head A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

CVE-2020-0881 [HIGH] CVE-2020-0881: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface ( A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0883.

CVE-2020-0793 [HIGH] CVE-2020-0793: An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service i An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'.

CVE-2020-0762 [HIGH] CVE-2020-0762: An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Defender Security Center Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0763.

CVE-2020-0787 [HIGH] CWE-59 CVE-2020-0787: An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Serv An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

CVE-2020-0777 [HIGH] CVE-2020-0777: An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handl An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897.

CVE-2020-0785 [HIGH] CWE-269 CVE-2020-0785: An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) impro An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

CVE-2020-0791 [HIGH] CVE-2020-0791: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handle An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898.

CVE-2020-0854 [HIGH] CVE-2020-0854: An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnosti An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'.