Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2020-16900 <p>An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.</p> <p>To exploit this vulnerability, an attacker would first have to gain executi... | 7.0 | HIGH | — | 0 |
| CVE-2020-16901 <p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p> <p>To exploit this vulnerability, an authenticated attacker could run a speciall... | 5.0 | MEDIUM | — | 0 |
| CVE-2020-16902 <p>An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.</p> <p>A locally... | 7.8 | HIGH | — | 0 |
| CVE-2020-16904 <p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p> <p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-16905 <p>An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successf... | 6.8 | MEDIUM | — | 0 |
| CVE-2020-16907 <p>An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability c... | 7.8 | HIGH | — | 0 |
| CVE-2020-16908 <p>An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories.</p> <p>A locally authenticated attacker could run arbitrary code with elevated system privileges. ... | 7.8 | HIGH | — | 0 |
| CVE-2020-16923 <p>A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary... | 7.8 | HIGH | — | 0 |
| CVE-2020-16909 <p>An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow elevation of privilege if an attacker can successf... | 7.8 | HIGH | — | 0 |
| CVE-2020-16910 <p>A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firm... | 6.2 | MEDIUM | — | 0 |
| CVE-2020-16911 <p>A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability cou... | 8.8 | HIGH | — | 0 |
| CVE-2020-16912 <p>An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.</p> <p>To exploit this vulnerability, an attacker would first have to gain executi... | 7.8 | HIGH | — | 0 |
| CVE-2023-53232 In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data The MT7921 driver no longer uses eeprom.data, but the relevant... | 7.1 | HIGH | — | 0 |
| CVE-2020-16913 <p>An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability c... | 7.8 | HIGH | — | 0 |
| CVE-2020-16914 <p>An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targe... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-16915 <p>A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, c... | 7.8 | HIGH | — | 0 |
| CVE-2020-16916 <p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated p... | 7.8 | HIGH | — | 0 |
| CVE-2020-16918 <p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a vi... | 7.8 | HIGH | — | 0 |
| CVE-2021-3522 GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags. | 5.5 | MEDIUM | — | 0 |
| CVE-2020-16919 <p>An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations. An attacker who successfully exploited this vulnerabili... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-16920 <p>An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerab... | 7.8 | HIGH | — | 0 |
| CVE-2020-16921 <p>An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potenti... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-16922 <p>A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly sign... | 5.3 | MEDIUM | — | 0 |
| CVE-2020-16924 <p>A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbit... | 7.8 | HIGH | — | 0 |
| CVE-2020-16927 <p>A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully... | 7.5 | HIGH | — | 0 |
| CVE-2020-16928 <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could eleva... | 7.8 | HIGH | — | 0 |
| CVE-2020-16929 <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could... | 7.8 | HIGH | — | 0 |
| CVE-2022-0410 The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available ... | 8.8 | HIGH | — | 0 |
| CVE-2020-16930 <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could... | 7.8 | HIGH | — | 0 |
| CVE-2020-16931 <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could... | 7.8 | HIGH | — | 0 |
| CVE-2020-16932 <p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could... | 7.8 | HIGH | — | 0 |
| CVE-2020-16933 <p>A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially... | 7.0 | HIGH | — | 0 |
| CVE-2020-16934 <p>An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could eleva... | 7.0 | HIGH | — | 0 |
| CVE-2020-16935 <p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated p... | 7.8 | HIGH | — | 0 |
| CVE-2020-16936 <p>An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.</p> <p>To exploit this vulnerability, an attacker would first have to gain executi... | 7.8 | HIGH | — | 0 |
| CVE-2020-16937 <p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an a... | 4.7 | MEDIUM | — | 0 |
| CVE-2020-16938 <p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to fu... | 5.5 | MEDIUM | — | 0 |
| CVE-2020-16939 <p>An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.</p> ... | 7.8 | HIGH | — | 0 |
| CVE-2020-16940 <p>An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points. An attacker who successfully exploited this vulnerability could de... | 7.8 | HIGH | — | 0 |
| CVE-2020-16950 <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain in... | 5.0 | MEDIUM | — | 0 |
| CVE-2020-16941 <p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this i... | 4.1 | MEDIUM | — | 0 |
| CVE-2020-16942 <p>An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this i... | 4.1 | MEDIUM | — | 0 |
| CVE-2020-16943 <p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authori... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-16944 <p>This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.</p> <p>An authenticated attacker could exploit this vuln... | 8.7 | HIGH | — | 0 |
| CVE-2021-1730 <p>A spoofing vulnerability exists in Microsoft Exchange Server which could result in an attack that would allow a malicious actor to impersonate the user.</p> <p>This update addresses this vulnerabil... | 5.4 | MEDIUM | — | 0 |
| CVE-2020-16945 <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated atta... | 8.7 | HIGH | — | 0 |
| CVE-2020-16946 <p>A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated atta... | 8.7 | HIGH | — | 0 |
| CVE-2020-16947 <p>A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability cou... | 7.5 | HIGH | — | 0 |
| CVE-2020-16948 <p>An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain in... | 6.5 | MEDIUM | — | 0 |
| CVE-2020-16949 <p>A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could c... | 4.7 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.