CVE-2020-16918

<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p> <p>An attacker who successfully exploited the vulnerability would gain execution on a victim system.</p> <p>The security update addresses the vulnerability by correcting how the Base3D ren...

high 7.8 CVSS 3.1
Published: Oct 16, 2020
Modified: May 29, 2026
Vendor: Microsoft
Product: 365 Apps

Description

<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p>
<p>An attacker who successfully exploited the vulnerability would gain execution on a victim system.</p>
<p>The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory.</p>

References

Related CVEs

CVE-2026-45584 high · 8.1
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
CVE-2026-45498 medium · 4.0
Microsoft Defender Denial of Service Vulnerability
CVE-2026-42834 high · 7.8
Improper link resolution before file access ('link following') in Azure Portal Windows Admin Center allows an authorized attacker to elevate privileges locally.
CVE-2026-41091 high · 7.8
Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.
CVE-2026-45585 medium · 6.8
Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as &quot;YellowKey&quot;. The proof of concept for this vulnerability has been made pu
CVE-2026-45495 high · 8.8
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability