CWE-20

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka “Microsoft SharePoint Remote Code Execution Vulnerability.” This affects Microsoft SharePoint.

A remote code execution vulnerability exists when Skype for Business and Microsoft Lync clients fail to properly sanitize specially crafted content, aka “Remote Code Execution Vulnerability in Skype For Business and Lync.” This affects Skype, Microsoft Lync.

A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka “.NET Framework Remote Code Execution Vulnerability.” This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2.

A remote code execution vulnerability exists in the way Microsoft Exchange software parses specially crafted email messages, aka “Microsoft Exchange Remote Code Execution Vulnerability.” This affects Microsoft Exchange Server.

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka “Windows Hyper-V Denial of Service Vulnerability.” This affects Windows 10, Windows 10 Servers.

A Tampering vulnerability exists when Microsoft Macro Assembler improperly validates code, aka “Microsoft Macro Assembler Tampering Vulnerability.” This affects Microsoft Visual Studio.