CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1301 CVE-2020-1258 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
1302 CVE-2020-1257 269 2020-06-09 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.
1303 CVE-2020-1255 434 2020-06-09 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
1304 CVE-2020-1254 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Modules Installer Service Elevation of Privilege Vulnerability'.
1305 CVE-2020-1253 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1310.
1306 CVE-2020-1251 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1253, CVE-2020-1310.
1307 CVE-2020-1248 119 Exec Code Overflow 2020-06-09 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
1308 CVE-2020-1247 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310.
1309 CVE-2020-1246 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
1310 CVE-2020-1244 DoS 2020-06-09 2020-06-12
5.8
None Remote Medium Not required None Partial Partial
A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-1120.
1311 CVE-2020-1242 200 +Info 2020-06-09 2021-07-21
2.6
None Remote High Not required Partial None None
An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka 'Microsoft Edge Information Disclosure Vulnerability'.
1312 CVE-2020-1241 20 Bypass 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certain parameters.To exploit the vulnerability, a locally-authenticated attacker could attempt to run a specially crafted application on a targeted system.The update addresses the vulnerability by correcting how Windows Kernel handles parameter sanitization., aka 'Windows Kernel Security Feature Bypass Vulnerability'.
1313 CVE-2020-1239 119 Overflow Mem. Corr. 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238.
1314 CVE-2020-1238 119 Overflow Mem. Corr. 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1239.
1315 CVE-2020-1237 269 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.
1316 CVE-2020-1236 119 Exec Code Overflow 2020-06-09 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1208.
1317 CVE-2020-1235 269 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1233, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.
1318 CVE-2020-1234 269 +Priv 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.
1319 CVE-2020-1233 269 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1231, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.
1320 CVE-2020-1232 125 2020-06-09 2020-06-14
4.3
None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
1321 CVE-2020-1231 269 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306, CVE-2020-1334.
1322 CVE-2020-1230 Exec Code 2020-06-09 2020-06-14
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1260.
1323 CVE-2020-1229 200 Bypass +Info 2020-06-09 2021-07-21
4.3
None Remote Medium Not required Partial None None
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
1324 CVE-2020-1226 119 Exec Code Overflow 2020-06-09 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225.
1325 CVE-2020-1225 119 Exec Code Overflow 2020-06-09 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.
1326 CVE-2020-1223 20 Exec Code 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file.The update addresses the vulnerability by correcting how Microsoft Word for Android handles specially crafted URL files., aka 'Word for Android Remote Code Execution Vulnerability'.
1327 CVE-2020-1222 269 +Priv 2020-06-09 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1309.
1328 CVE-2020-1220 601 2020-06-09 2020-06-16
5.8
None Remote Medium Not required Partial Partial None
A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.
1329 CVE-2020-1219 119 Exec Code Overflow Mem. Corr. 2020-06-09 2021-07-21
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka 'Microsoft Browser Memory Corruption Vulnerability'.
1330 CVE-2020-1217 200 +Info 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An information disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Information Disclosure Vulnerability'.
1331 CVE-2020-1216 Exec Code 2020-06-09 2020-06-12
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1230, CVE-2020-1260.
1332 CVE-2020-1215 Exec Code 2020-06-09 2020-06-12
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1214, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.
1333 CVE-2020-1214 Exec Code 2020-06-09 2020-06-12
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1213, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.
1334 CVE-2020-1213 119 Exec Code Overflow 2020-06-09 2021-07-21
7.6
None Remote High Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260.
1335 CVE-2020-1212 269 +Priv 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'OLE Automation Elevation of Privilege Vulnerability'.
1336 CVE-2020-1211 269 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'.
1337 CVE-2020-1209 269 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.
1338 CVE-2020-1208 119 Exec Code Overflow 2020-06-09 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1236.
1339 CVE-2020-1207 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1247, CVE-2020-1251, CVE-2020-1253, CVE-2020-1310.
1340 CVE-2020-1206 200 +Info 2020-06-09 2021-07-21
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.
1341 CVE-2020-1204 269 2020-06-09 2021-07-21
3.6
None Local Low Not required None Partial Partial
An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'.
1342 CVE-2020-1203 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1202.
1343 CVE-2020-1202 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1203.
1344 CVE-2020-1201 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerability'.
1345 CVE-2020-1199 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when the Windows Feedback Hub improperly handles objects in memory, aka 'Windows Feedback Hub Elevation of Privilege Vulnerability'.
1346 CVE-2020-1197 269 2020-06-09 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.
1347 CVE-2020-1196 269 2020-06-09 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'.
1348 CVE-2020-1194 20 DoS 2020-06-09 2021-07-21
4.9
None Local Low Not required None None Complete
A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations, aka 'Windows Registry Denial of Service Vulnerability'.
1349 CVE-2020-1183 79 XSS 2020-06-09 2020-06-12
3.5
None Remote Medium ??? None Partial None
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1177, CVE-2020-1297, CVE-2020-1298, CVE-2020-1318, CVE-2020-1320.
1350 CVE-2020-1181 20 Exec Code 2020-06-09 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
Total number of vulnerabilities : 1786   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 (This Page)28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.