Total
4066 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-16876 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.6 MEDIUM | 7.1 HIGH |
| <p>An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.</p> <p>To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a specially crafted application.</p> <p>The security update addresses the vulnerability by ensuring the Windows Application Compatibility Client Library properly handles registry operations.</p> | |||||
| CVE-2020-16854 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| <p>An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.</p> <p>To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would not allow an attacker to execute code or to elevate user rights directly, but it could be used to obtain information that could be used to try to further compromise the affected system.</p> <p>The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.</p> | |||||
| CVE-2020-15707 | 8 Canonical, Debian, Gnu and 5 more | 15 Ubuntu Linux, Debian Linux, Grub2 and 12 more | 2024-11-21 | 4.4 MEDIUM | 5.7 MEDIUM |
| Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2020-15706 | 7 Canonical, Debian, Gnu and 4 more | 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2020-15705 | 7 Canonical, Debian, Gnu and 4 more | 14 Ubuntu Linux, Debian Linux, Grub2 and 11 more | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. | |||||
| CVE-2020-12987 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass. | |||||
| CVE-2020-12986 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service. | |||||
| CVE-2020-12985 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-12983 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service. | |||||
| CVE-2020-12982 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-12981 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service. | |||||
| CVE-2020-12980 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-12963 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows may allow unprivileged users to compromise the system. | |||||
| CVE-2020-12960 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| AMD Graphics Driver for Windows 10, amdfender.sys may improperly handle input validation on InputBuffer which may result in a denial of service (DoS). | |||||
| CVE-2020-12929 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper parameters validation in some trusted applications of the PSP contained in the AMD Graphics Driver may allow a local attacker to bypass security restrictions and achieve arbitrary code execution . | |||||
| CVE-2020-12905 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004403 may lead to arbitrary information disclosure. | |||||
| CVE-2020-12904 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Out of Bounds Read in AMD Graphics Driver for Windows 10 in Escape 0x3004203 may lead to arbitrary information disclosure. | |||||
| CVE-2020-12903 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Out of Bounds Write and Read in AMD Graphics Driver for Windows 10 in Escape 0x6002d03 may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-12902 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Arbitrary Decrement Privilege Escalation in AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-12901 | 2 Amd, Microsoft | 2 Radeon Software, Windows 10 | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Arbitrary Free After Use in AMD Graphics Driver for Windows 10 may lead to KASLR bypass or information disclosure. | |||||