Windows
by Microsoft
CVEs (2,396)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0727 | 0.00 | — | 0.01 | May 16, 2019 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Diagnostic Hub… | |||
| CVE-2019-0733 | 0.00 | — | 0.01 | May 16, 2019 | A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. | |||
| CVE-2019-0707 | 0.00 | — | 0.01 | May 16, 2019 | An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially… | |||
| CVE-2018-6634 | 0.00 | — | 0.01 | May 7, 2019 | A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account. | |||
| CVE-2019-0877 | 0.00 | — | 0.05 | Apr 9, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879. | |||
| CVE-2019-0879 | 0.00 | — | 0.10 | Apr 9, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877. | |||
| CVE-2019-0844 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840. | |||
| CVE-2019-0839 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838. | |||
| CVE-2019-0848 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814. | |||
| CVE-2019-0840 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0844. | |||
| CVE-2019-0838 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839. | |||
| CVE-2019-0837 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'. | |||
| CVE-2019-0814 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0848. | |||
| CVE-2019-0685 | 0.00 | — | 0.02 | Apr 9, 2019 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859. | |||
| CVE-2019-0782 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775. | |||
| CVE-2019-0784 | 0.00 | — | 0.08 | Apr 9, 2019 | A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'. | |||
| CVE-2019-0775 | 0.00 | — | 0.01 | Apr 9, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782. | |||
| CVE-2019-0776 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | |||
| CVE-2019-0759 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'. | |||
| CVE-2019-0766 | 0.00 | — | 0.01 | Apr 9, 2019 | An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. |
- CVE-2019-0727May 16, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Diagnostic Hub…
- CVE-2019-0733May 16, 2019risk 0.00cvss —epss 0.01
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
- CVE-2019-0707May 16, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially…
- CVE-2018-6634May 7, 2019risk 0.00cvss —epss 0.01
A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account.
- CVE-2019-0877Apr 9, 2019risk 0.00cvss —epss 0.05
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879.
- CVE-2019-0879Apr 9, 2019risk 0.00cvss —epss 0.10
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877.
- CVE-2019-0844Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.
- CVE-2019-0839Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.
- CVE-2019-0848Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.
- CVE-2019-0840Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0844.
- CVE-2019-0838Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839.
- CVE-2019-0837Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.
- CVE-2019-0814Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0848.
- CVE-2019-0685Apr 9, 2019risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0803, CVE-2019-0859.
- CVE-2019-0782Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775.
- CVE-2019-0784Apr 9, 2019risk 0.00cvss —epss 0.08
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'.
- CVE-2019-0775Apr 9, 2019risk 0.00cvss —epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.
- CVE-2019-0776Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
- CVE-2019-0759Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'.
- CVE-2019-0766Apr 9, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.
Page 106 of 120