Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In June 2020
CVE-2020-1255
An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.
CVSS Score
8.8
EPSS Score
0.12
Published
2020-06-09
CVE-2020-1257
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1278, CVE-2020-1293.
CVSS Score
7.8
EPSS Score
0.005
Published
2020-06-09
CVE-2020-1258
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
CVSS Score
6.7
EPSS Score
0.006
Published
2020-06-09
CVE-2020-1259
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged, aka 'Windows Host Guardian Service Security Feature Bypass Vulnerability'.
CVSS Score
4.3
EPSS Score
0.057
Published
2020-06-09
CVE-2020-1220
A spoofing vulnerability exists when theMicrosoft Edge (Chromium-based) in IE Mode improperly handles specific redirects, aka 'Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability'.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-06-09
CVE-2020-1222
An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Microsoft Store Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1309.
CVSS Score
7.8
EPSS Score
0.007
Published
2020-06-09
CVE-2020-1223
A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file.The update addresses the vulnerability by correcting how Microsoft Word for Android handles specially crafted URL files., aka 'Word for Android Remote Code Execution Vulnerability'.
CVSS Score
8.8
EPSS Score
0.368
Published
2020-06-09
CVE-2020-1225
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1226.
CVSS Score
8.8
EPSS Score
0.206
Published
2020-06-09
CVE-2020-1226
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1225.
CVSS Score
8.8
EPSS Score
0.206
Published
2020-06-09
CVE-2020-1229
A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.
CVSS Score
4.3
EPSS Score
0.07
Published
2020-06-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved