Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows
Subscriptions
Total
9034 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-3951 | 2 Microsoft, Vmware | 3 Windows, Horizon Client, Workstation | 2024-11-21 | 3.8 Low |
| VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to create a denial-of-service condition of the Thinprint service running on the system where Workstation or Horizon Client is installed. | ||||
| CVE-2020-3945 | 2 Microsoft, Vmware | 2 Windows, Vrealize Operations | 2024-11-21 | 7.5 High |
| vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information | ||||
| CVE-2020-3944 | 2 Microsoft, Vmware | 2 Windows, Vrealize Operations | 2024-11-21 | 8.6 High |
| vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypass Adapter authentication. | ||||
| CVE-2020-3943 | 2 Microsoft, Vmware | 2 Windows, Vrealize Operations | 2024-11-21 | 9.8 Critical |
| vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute arbitrary code in vRealize Operations. | ||||
| CVE-2020-3941 | 2 Microsoft, Vmware | 2 Windows, Tools | 2024-11-21 | 7.0 High |
| The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. | ||||
| CVE-2020-3927 | 2 Changingtec, Microsoft | 2 Servisign, Windows | 2024-11-21 | 8.3 High |
| An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter. | ||||
| CVE-2020-3926 | 2 Changingtec, Microsoft | 2 Servisign, Windows | 2024-11-21 | 6.1 Medium |
| An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter. | ||||
| CVE-2020-3925 | 2 Changingtec, Microsoft | 2 Servisign, Windows | 2024-11-21 | 8.3 High |
| A Remote Code Execution(RCE) vulnerability exists in some designated applications in ServiSign security plugin, as long as the interface is captured, attackers are able to launch RCE and executes arbitrary command on target system via malicious crafted scripts. | ||||
| CVE-2020-3809 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2024-11-21 | 5.5 Medium |
| Adobe After Effects versions 17.0.1 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | ||||
| CVE-2020-3808 | 2 Adobe, Microsoft | 2 Creative Cloud, Windows | 2024-11-21 | 5.9 Medium |
| Creative Cloud Desktop Application versions 5.0 and earlier have a time-of-check to time-of-use (toctou) race condition vulnerability. Successful exploitation could lead to arbitrary file deletion. | ||||
| CVE-2020-3807 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-3806 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 High |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | ||||
| CVE-2020-3805 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-3804 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 High |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure . | ||||
| CVE-2020-3803 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.8 High |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation. | ||||
| CVE-2020-3802 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 8.8 High |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-3801 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-3800 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 7.5 High |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory address leak vulnerability. Successful exploitation could lead to information disclosure . | ||||
| CVE-2020-3799 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Macos and 1 more | 2024-11-21 | 9.8 Critical |
| Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||
| CVE-2020-3798 | 2 Adobe, Microsoft | 2 Digital Editions, Windows | 2024-11-21 | 6.5 Medium |
| Adobe Digital Editions versions 4.5.11.187212 and below have a file enumeration (host or local network) vulnerability. Successful exploitation could lead to information disclosure. | ||||