|
210681
|
6.5 |
MEDIUM
Network
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_rt_8.1
windows_server_2019
|
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is u…
|
NVD-CWE-noinfo
|
CVE-2020-0963
|
2024-11-21 13:54 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210682
|
7.5 |
HIGH
Network
|
microsoft
|
windows_10
windows_server_2008
windows_server_2012
windows_server_2016
windows_7
windows_8.1
windows_server_2019
|
A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially cra…
|
NVD-CWE-noinfo
|
CVE-2020-0909
|
2024-11-21 13:54 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210683
|
9.8 |
CRITICAL
Network
|
microsoft
|
office
365_apps
|
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
|
NVD-CWE-noinfo
|
CVE-2020-0901
|
2024-11-21 13:54 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210684
|
5.4 |
MEDIUM
Adjacent
|
bluetooth
opensuse
|
bluetooth_core
leap
|
Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing crede…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-10135
|
2024-11-21 13:54 |
2020-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210685
|
6.3 |
MEDIUM
Adjacent
|
bluetooth
|
bluetooth_core
|
Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates differen…
|
CWE-436
Interpretation Conflict
|
CVE-2020-10134
|
2024-11-21 13:54 |
2020-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210686
|
8.8 |
HIGH
Network
|
powerdns
|
recursor
|
An issue has been found in PowerDNS Recursor 4.1.0 up to and including 4.3.0. It allows an attacker (with enough privileges to change the system's hostname) to cause disclosure of uninitialized memor…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-10030
|
2024-11-21 13:54 |
2020-05-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210687
|
7.8 |
HIGH
Local
|
zephyrproject
|
zephyr
|
A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from d…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-10067
|
2024-11-21 13:54 |
2020-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210688
|
6.5 |
MEDIUM
Network
|
zephyrproject
|
zephyr
|
In updatehub_probe, right after JSON parsing is complete, objects\[1] is accessed from the output structure in two different places. If the JSON contained less than two elements, this access would re…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2020-10060
|
2024-11-21 13:54 |
2020-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210689
|
4.8 |
MEDIUM
Network
|
zephyrproject
|
zephyr
|
The UpdateHub module disables DTLS peer checking, which allows for a man in the middle attack. This is mitigated by firmware images requiring valid signatures. However, there is no benefit to using D…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-10059
|
2024-11-21 13:54 |
2020-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210690
|
7.8 |
HIGH
Local
|
zephyrproject
|
zephyr
|
Multiple syscalls in the Kscan subsystem perform insufficient argument validation, allowing code executing in userspace to potentially gain elevated privileges. See NCC-ZEP-006 This issue affects: ze…
|
CWE-20
Improper Input Validation
|
CVE-2020-10058
|
2024-11-21 13:54 |
2020-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
