CVE-2020-0938

CVE-2020-1020

Adobe Font Manager Library   Remote Code Execution   Vulnerability

Important

A remote code execution   vulnerability exists in   Microsoft Windows when the Windows Adobe Type Manager   Library improperly   handles a specially-crafted multi-master font - Adobe Type   1   PostScript format. For all systems except Windows 10, an attacker who     successfully exploited the vulnerability could execute code remotely. For     systems running Windows 10, an attacker who successfully exploited the     vulnerability could execute code in an AppContainer sandbox context   with   limited privileges and capabilities.

CVE-2020-1022

Dynamics Business Central   Remote Code Execution   Vulnerability

Important

A remote code execution   vulnerability exists in   Microsoft Dynamics Business Central. An attacker who   successfully   exploited this vulnerability could execute arbitrary shell   commands on   victim's server.

CVE-2020-0967

VBScript Remote Code   Execution Vulnerability

Important

A remote code execution   vulnerability exists in the way   that the VBScript engine handles objects in   memory. The vulnerability   could corrupt memory in such a way that an attacker   could execute   arbitrary code in the context of the current user. Unauthorized     attackers can use this vulnerability to obtain privileges as authorized     users.

CVE-2020-0910

Windows Hyper-V Remote Code   Execution Vulnerability

Important

A remote code execution   vulnerability exists when   Windows Hyper-V on a host server fails to properly   validate input from   an authenticated user on a guest operating system. To   exploit the   vulnerability, an attacker could run a specially crafted   application   on a guest operating system that could cause the Hyper-V host     operating system to execute arbitrary code.

CVE-2020-0687

Microsoft Graphics Remote   Code Execution Vulnerability

Important

A remote code execution vulnerability   exists when the   Windows font library improperly handles specially crafted   embedded   fonts. An attacker who successfully exploited this vulnerability   could   take control of the affected system.

CVE-2020-0907

Microsoft Graphics Components   Remote Code Execution   Vulnerability

Important

A remote code execution   vulnerability exists in the way   that Microsoft Graphics Components handle   objects in memory. An   attacker who successfully exploited this vulnerability   could execute   arbitrary code on the target system.

CVE-2020-0965

Microsoft Windows Codecs   Library Remote Code Execution   Vulnerability

Important

A remoted code execution   vulnerability exists in the   way that Microsoft Windows Codecs Library handles   objects in memory.   An attacker who successfully exploited the vulnerability   could execute   arbitrary code.

CVE-2020-0929

CVE-2020-0931

CVE-2020-0932

CVE-2020-0974

Microsoft SharePoint Code   Execution Vulnerability

Important

A remote code execution   vulnerability exists in   Microsoft SharePoint when the software fails to check   the source   markup of an application package. An attacker who successfully     exploited the vulnerability could run arbitrary code in the context of the     SharePoint application pool and the SharePoint server farm account.

CVE-2020-0949

CVE-2020-0948

CVE-2020-0950

Media Foundation Memory   Corruption Vulnerability

Important

A memory corruption   vulnerability exists when Windows   Media Foundation improperly handles objects   in memory. An attacker who   successfully exploited the vulnerability could   install programs; view,   change, or delete data; or create new accounts with   full user rights.

CVE-2020-0969

Chakra Scripting Engine   Memory Corruption Vulnerability

Important

A remote code execution   vulnerability exists in the way   that the Chakra scripting engine handles   objects in memory in   Microsoft Edge (based on HTML). The vulnerability could   corrupt memory   in such a way that an attacker could execute arbitrary code in   the   context of the current user. Unauthorized attackers can use this   vulnerability   to obtain privileges as authorized users.

CVE-2020-0968

Scripting Engine Memory   Corruption Vulnerability

Important

A remote code execution   vulnerability exists in the way   that the scripting engine handles objects in   memory in Internet   Explorer. The vulnerability could corrupt memory in such a   way that an   attacker could execute arbitrary code in the context of the   current   user. Unauthorized attackers can use this vulnerability to obtain     privileges as authorized users. This vulnerability affects Internet Explorer     11.

CVE-2020-0970

Scripting Engine Memory   Corruption Vulnerability

Important

A remote code execution   vulnerability exists in the way   that the ChakraCore script engine handles   objects in memory. The   vulnerability could corrupt memory in such a way that   an attacker   could execute arbitrary code in the context of the current user.     Unauthorized attackers can use this vulnerability to obtain privileges as     authorized users. The vulnerability affects Microsoft Edge   (EdgeHTML-based).