Filtered by vendor Microsoft
Subscriptions
Total
23177 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-9589 | 2 Adobe, Microsoft | 2 Digital Negative Software Development Kit, Windows | 2024-11-21 | 7.8 High |
| Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9586 | 2 Adobe, Microsoft | 2 Character Animator, Windows | 2024-11-21 | 7.8 High |
| Adobe Character Animator versions 3.2 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9575 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9574 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9573 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9572 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9571 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9570 | 2 Adobe, Microsoft | 2 Illustrator, Windows | 2024-11-21 | 7.8 High |
| Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-9558 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9557 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 5.5 Medium |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9553 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 3.3 Low |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||
| CVE-2020-9552 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9551 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2024-11-21 | 7.8 High |
| Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9442 | 2 Microsoft, Openvpn | 2 Windows, Connect | 2024-11-21 | 7.8 High |
| OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. | ||||
| CVE-2020-9418 | 2 Microsoft, Redsoftware | 2 Windows, Pdfescape | 2024-11-21 | 7.8 High |
| An untrusted search path vulnerability in the installer of PDFescape Desktop version 4.0.22 and earlier allows an attacker to gain privileges and execute code via DLL hijacking. | ||||
| CVE-2020-9345 | 2 Microsoft, Signotec | 2 Windows, Signopad-api\/web | 2024-11-21 | 6.5 Medium |
| An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the application doesn't limit the number of opened WebSocket sockets. If a victim visits an attacker-controlled website, this vulnerability can be exploited. | ||||
| CVE-2020-9343 | 2 Microsoft, Signotec | 2 Windows, Signopad-api\/web | 2024-11-21 | 6.5 Medium |
| An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the implementation doesn't limit the parsing of nested JSON structures. If a victim visits an attacker-controlled website, this vulnerability can be exploited via WebSocket data with a deeply nested JSON array. | ||||
| CVE-2020-8956 | 2 Microsoft, Pulsesecure | 2 Windows, Pulse Secure Desktop | 2024-11-21 | 3.3 Low |
| Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users' passwords if Save Settings is enabled. | ||||
| CVE-2020-8950 | 2 Amd, Microsoft | 2 User Experience Program, Windows | 2024-11-21 | 7.8 High |
| The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name. | ||||
| CVE-2020-8927 | 7 Canonical, Debian, Fedoraproject and 4 more | 12 Ubuntu Linux, Debian Linux, Fedora and 9 more | 2024-11-21 | 5.3 Medium |
| A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits. | ||||