Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In May 2020
CVE-2020-1054
Known exploited
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.
CVSS Score
7.8
EPSS Score
0.804
Published
2020-05-21
CVE-2020-1055
A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'.
CVSS Score
6.1
EPSS Score
0.007
Published
2020-05-21
CVE-2020-1056
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.
CVSS Score
8.1
EPSS Score
0.148
Published
2020-05-21
CVE-2020-1058
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093.
CVSS Score
7.5
EPSS Score
0.034
Published
2020-05-21
CVE-2020-1059
A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka 'Microsoft Edge Spoofing Vulnerability'.
CVSS Score
4.3
EPSS Score
0.023
Published
2020-05-21
CVE-2020-1060
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1093.
CVSS Score
7.5
EPSS Score
0.034
Published
2020-05-21
CVE-2020-1061
A remote code execution vulnerability exists in the way that the Microsoft Script Runtime handles objects in memory, aka 'Microsoft Script Runtime Remote Code Execution Vulnerability'.
CVSS Score
8.8
EPSS Score
0.187
Published
2020-05-21
CVE-2020-1062
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1092.
CVSS Score
7.5
EPSS Score
0.54
Published
2020-05-21
CVE-2020-1063
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
CVSS Score
5.4
EPSS Score
0.011
Published
2020-05-21
CVE-2020-1064
A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input.An attacker could execute arbitrary code in the context of the current user, aka 'MSHTML Engine Remote Code Execution Vulnerability'.
CVSS Score
7.5
EPSS Score
0.062
Published
2020-05-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved