Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account.</p> <p>Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint.</p> <p>The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages.</p>
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka 'Microsoft SharePoint Server Elevation of Privilege Vulnerability'.
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka 'Microsoft SharePoint Server Remote Code Execution Vulnerability'.
Deserialization of untrusted data in Web Deploy allows an authorized attacker to execute code over a network.
Windows Deployment Services Remote Code Execution Vulnerability
Remote Procedure Call Runtime Remote Code Execution Vulnerability
MediaWiki PandocUpload Extension Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1024.
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.
Azure DevOps Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0920, CVE-2020-0931, CVE-2020-0932, CVE-2020-0971, CVE-2020-0974.
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Improper neutralization of special elements used in an sql command ('sql injection') in SQL Server allows an authorized attacker to elevate privileges over a network.
Weak authentication in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft SQL Server Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
Windows SMB Witness Service Elevation of Privilege Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.
Improper neutralization of special elements used in an sql command ('sql injection') in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.