Privilege Escalation - 7823 CVEs (Page 44/66)

About “Privilege Escalation”

A curated feed of “Privilege Escalation”-related CVEs appears below. We currently track 7823 CVEs for this tag (all time). In the last 365 days, 1227 were published. Average CVSS is 7.7 (all time; 7.9 over 365d), and 84% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-269 - Improper Privilege Management, CWE-266 - Incorrect Privilege Assignment, CWE-862 - Missing Authorization.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2020-07-14

High

CVE-2020-1249

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CV…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1085

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnera…

CVSS: 7.8 CWE: N/A View on NVD

Critical

CVE-2020-1025

An elevation of privilege vulnerability exists when Microsoft SharePoint Server and Skype for Business Server improperly handle OAuth token validation. An attacker who successfully exploited the vuln…

CVSS: 9.8 CWE: CWE-20 - Improper Input Validation View on NVD

2020-07-10

Medium

CVE-2020-11081

osquery before version 4.4.0 enables a privilege escalation vulnerability. If a Window system is configured with a PATH that contains a user-writable directory then a local user may write a zlib1.dll…

CVSS: 5.3 CWE: CWE-114 - Process Control View on NVD

High

CVE-2020-8199

Improper access control in Citrix ADC Gateway Linux client versions before 1.0.0.137 results in local privilege escalation to root.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-8197

Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access t…

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2020-8190

Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.

CVSS: 7.5 CWE: CWE-281 - Improper Preservation of Permissions View on NVD

High

CVE-2020-3974

VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior before 11.2.0 ) and Horizon Client for Mac (5.x and prior before 5.4.3) contain a privilege escalation vulnerability…

CVSS: 7.8 CWE: N/A View on NVD

2020-07-08

Critical

CVE-2020-11849

Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information expos…

CVSS: 9.8 CWE: N/A View on NVD

2020-07-07

High

CVE-2020-15567

An issue was discovered in Xen through 4.13.x, allowing Intel guest OS users to gain privileges or cause a denial of service because of non-atomic modification of a live EPT PTE. When mapping guest E…

CVSS: 7.8 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD

High

CVE-2020-15565

An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT…

CVSS: 8.8 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD

2020-07-03

High

CVE-2020-7283

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not h…

CVSS: 7.5 CWE: CWE-274 - Improper Handling of Insufficient Privileges View on NVD

High

CVE-2020-7282

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to r…

CVSS: 7.5 CWE: CWE-59 - Improper Link Resolution Before File Access ('Link Following') View on NVD

High

CVE-2020-7281

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to…

CVSS: 7.5 CWE: CWE-269 - Improper Privilege Management View on NVD

2020-06-29

Medium

CVE-2020-13657

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control o…

CVSS: 5.5 CWE: N/A View on NVD

2020-06-27

High

CVE-2020-15360

com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.

CVSS: 7.8 CWE: CWE-862 - Missing Authorization View on NVD

2020-06-26

Critical

CVE-2020-9630

Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a business logic error vulnerability. Successful exploitation could lead to privi…

CVSS: 9.8 CWE: N/A View on NVD

High

CVE-2020-3768

ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a dll search-order hijacking vulnerability. Successful exploitation could lead to privilege escalation.

CVSS: 7.8 CWE: CWE-426 - Untrusted Search Path View on NVD

2020-06-24

Medium

CVE-2020-10277

There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually addi…

CVSS: 6.4 CWE: CWE-656 - Reliance on Security Through Obscurity View on NVD

2020-06-22

High

CVE-2020-14945

A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator ri…

CVSS: 8.8 CWE: N/A View on NVD

2020-06-17

High

CVE-2020-9332

ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation via crafted IoCtl code related to a USB HID device.

CVSS: 7.8 CWE: N/A View on NVD

2020-06-15

Medium

CVE-2020-5358

Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contain a privilege escalation vulnerability due to incorrect permissions. A local malicious user with lo…

CVSS: 6.7 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD

High

CVE-2020-5755

Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot servi…

CVSS: 7.8 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD

High

CVE-2020-3961

VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system whe…

CVSS: 7.8 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD

2020-06-12

Medium

CVE-2020-11980

In Karaf, JMX authentication takes place using JAAS and authorization takes place using ACL files. By default, only an "admin" can actually invoke on an MBean. However there is a vulnerability there…

CVSS: 6.3 CWE: CWE-918 - Server-Side Request Forgery (SSRF) View on NVD

2020-06-11

High

CVE-2020-11613

Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group…

CVSS: 7.8 CWE: CWE-427 - Uncontrolled Search Path Element View on NVD

High

CVE-2020-0219

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is n…

CVSS: 7.8 CWE: CWE-476 - NULL Pointer Dereference View on NVD

Critical

CVE-2020-13854

Artica Pandora FMS 7.44 allows privilege escalation.

CVSS: 9.8 CWE: CWE-269 - Improper Privilege Management View on NVD

2020-06-10

High

CVE-2020-7280

Privilege Escalation vulnerability during daily DAT updates when using McAfee Virus Scan Enterprise (VSE) prior to 8.8 Patch 15 allows local users to cause the deletion and creation of files they wou…

CVSS: 7.8 CWE: CWE-269 - Improper Privilege Management View on NVD

Medium

CVE-2019-3588

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow unauthorized users to interact with the On-Access Scan…

CVSS: 6.3 CWE: CWE-269 - Improper Privilege Management View on NVD

High

CVE-2019-3585

Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14 may allow local users to interact with the On-Access Scan Messag…

CVSS: 7.0 CWE: CWE-269 - Improper Privilege Management View on NVD

High

CVE-2019-3617

Privilege escalation vulnerability in McAfee Total Protection (ToPS) for Mac OS prior to 4.6 allows local users to gain root privileges via incorrect protection of temporary files.

CVSS: 7.5 CWE: CWE-269 - Improper Privilege Management View on NVD

2020-06-09

High

CVE-2020-1334

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1324

An elevation of privilege (user to user) vulnerability exists in Windows Security Health Service when handling certain objects in memory.To exploit the vulnerability, an attacker would first have to…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1317

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2020-1316

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique fro…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1314

An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients, aka 'Windows Text Service Framework…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1313

An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnera…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1312

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1311

An elevation of privilege vulnerability exists when Component Object Model (COM) client uses special case IIDs, aka 'Component Object Model Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

Medium

CVE-2020-1310

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE I…

CVSS: 6.7 CWE: N/A View on NVD

High

CVE-2020-1309

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim s…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1307

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1306

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1305

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerabili…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1304

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1302

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1295

An elevation of privilege vulnerability exists in Microsoft SharePoint, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'.

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2020-1294

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is un…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1293

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege V…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1292

An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings, aka 'OpenSSH for Windows Elevation of Privilege Vulnerabilit…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1291

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulne…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1287

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1282

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1280

An elevation of privilege vulnerability exists in the way that the Windows Bluetooth Service handles objects in memory, aka 'Windows Bluetooth Service Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1279

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location, aka 'Windows Lockscreen Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1278

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1277

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1276

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1275

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1274

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1273

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1272

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authentic…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1271

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1270

An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1269

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1266

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1265

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1264

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1262

CVSS: 7.8 CWE: N/A View on NVD

Medium

CVE-2020-1258

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

CVSS: 6.7 CWE: N/A View on NVD

High

CVE-2020-1257

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1255

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Tran…

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2020-1254

An elevation of privilege vulnerability exists when Windows Modules Installer Service improperly handles class object members.A locally authenticated attacker could run arbitrary code with elevated s…

CVSS: 7.8 CWE: N/A View on NVD

Medium

CVE-2020-1253

CVSS: 6.7 CWE: N/A View on NVD

Medium

CVE-2020-1251

CVSS: 6.7 CWE: N/A View on NVD

High

CVE-2020-1247

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1246

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1237

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1235

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1234

An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the v…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1233

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1231

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1222

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1212

An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim s…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1211

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnera…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1209

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1207

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD

High

CVE-2020-1204

An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Pri…

CVSS: 7.1 CWE: N/A View on NVD

High

CVE-2020-1203

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fail to properly handle objects in memory, aka 'Diagnostic Hub Stand…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1202

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1201

An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory, aka 'Windows Now Playing Session Manager Elevation of Privilege Vulnerabil…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1199

An elevation of privilege vulnerability exists when the Windows Feedback Hub improperly handles objects in memory, aka 'Windows Feedback Hub Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1197

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1196

An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory, aka 'Windows Print Configuration Elevation of Privilege Vulnerability'.

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1178

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka 'Microsoft…

CVSS: 8.8 CWE: N/A View on NVD

High

CVE-2020-1170

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system,…

CVSS: 7.8 CWE: CWE-732 - Incorrect Permission Assignment for Critical Resource View on NVD

High

CVE-2020-1163

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1162

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-0986

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD

High

CVE-2020-0916

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'. This CVE…

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-0915

CVSS: 7.8 CWE: N/A View on NVD

Medium

CVE-2019-6173

A DLL search path vulnerability could allow privilege escalation in some Lenovo installation packages, prior to version 1.2.9.3, during installation if an attacker already has administrative privileg…

CVSS: 6.7 CWE: CWE-426 - Untrusted Search Path View on NVD

High

CVE-2020-9817

A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Catalina 10.15.5. A malicious application may be able to gain root privileges.

CVSS: 7.8 CWE: CWE-276 - Incorrect Default Permissions View on NVD

2020-06-04

High

CVE-2020-11679

Castel NextGen DVR v1.0.0 is vulnerable to privilege escalation through the Adminstrator/Users/Edit/:UserId functionality. Adminstrator/Users/Edit/:UserId fails to check that the request was submitte…

CVSS: 8.8 CWE: CWE-862 - Missing Authorization View on NVD

2020-06-03

High

CVE-2020-7014

The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and a…

CVSS: 8.8 CWE: CWE-266 - Incorrect Privilege Assignment View on NVD

2020-05-29

High

CVE-2020-3957

VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-o…

CVSS: 7.0 CWE: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition View on NVD

High

CVE-2020-4352

IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427.

CVSS: 7.0 CWE: N/A View on NVD

2020-05-27

High

CVE-2020-10936

Sympa before 6.2.56 allows privilege escalation.

CVSS: 7.8 CWE: CWE-269 - Improper Privilege Management View on NVD

2020-05-22

Critical

CVE-2020-13417

An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain O…

CVSS: 9.8 CWE: N/A View on NVD

2020-05-21

Medium

CVE-2020-1195

An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka 'Microsoft Edge (Chromium-based) Elevation of Privilege V…

CVSS: 5.9 CWE: CWE-20 - Improper Input Validation View on NVD

High

CVE-2020-1191

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1190

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1189

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1188

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1187

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1186

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1185

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1184

CVSS: 7.8 CWE: N/A View on NVD

High

CVE-2020-1166

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique…

CVSS: 7.8 CWE: N/A View on NVD