Windows Server version 1709

CVEs (49)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2019-0974	Microsoft Jet Red Database Engine	0.01	—	0.13	Jun 12, 2019	A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2019-0906	Microsoft Jet Red Database Engine	0.01	—	0.09	Jun 12, 2019	A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2019-0908	Microsoft Jet Red Database Engine	0.01	—	0.07	Jun 12, 2019	A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2019-0972	Microsoft Local Security Authority Subsystem Service	0.01	—	0.17	Jun 12, 2019	This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a…
CVE-2019-0722	Python (programming language) Hyper	0.01	—	0.13	Jun 12, 2019	A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating…
CVE-2019-0905	Microsoft Jet Red Database Engine	0.01	—	0.10	Jun 12, 2019	A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2020-1560	Microsoft Windows Codecs Library	0.00	—	0.01	Aug 17, 2020	A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or…
CVE-2019-1053	Microsoft Windows Shell	0.00	—	0.00	Jun 12, 2019	An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require…
CVE-2019-1027	Microsoft Windows Audio Service	0.00	—	0.00	Jun 12, 2019	An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1039	Microsoft Windows	0.00	—	0.00	Jun 12, 2019	An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could…
CVE-2019-1028	Microsoft Windows Audio Service	0.00	—	0.00	Jun 12, 2019	An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1045	Microsoft Windows Network File System	0.00	—	0.00	Jun 12, 2019	An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally…
CVE-2019-1043	Microsoft Windows Server 2008	0.00	—	0.03	Jun 12, 2019	A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the…
CVE-2019-1021	Microsoft Windows	0.00	—	0.00	Jun 12, 2019	An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1007	Microsoft Windows Audio Service	0.00	—	0.00	Jun 12, 2019	An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1018	Microsoft Directx	0.00	—	0.00	Jun 12, 2019	An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create…
CVE-2019-1017	Microsoft Windows	0.00	—	0.00	Jun 12, 2019	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
CVE-2019-0998	Microsoft Storage Service	0.00	—	0.00	Jun 12, 2019	An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have…
CVE-2019-1014	Microsoft Windows	0.00	—	0.00	Jun 12, 2019	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
CVE-2019-0986	Microsoft Windows User Profile Service	0.00	—	0.02	Jun 12, 2019	An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…

CVE-2019-0974Jun 12, 2019
Microsoft
Jet Red Database Engine
risk 0.01cvss —epss 0.13
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2019-0906Jun 12, 2019
Microsoft
Jet Red Database Engine
risk 0.01cvss —epss 0.09
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2019-0908Jun 12, 2019
Microsoft
Jet Red Database Engine
risk 0.01cvss —epss 0.07
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2019-0972Jun 12, 2019
Microsoft
Local Security Authority Subsystem Service
risk 0.01cvss —epss 0.17
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a…
CVE-2019-0722Jun 12, 2019
Python (programming language)
Hyper
risk 0.01cvss —epss 0.13
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating…
CVE-2019-0905Jun 12, 2019
Microsoft
Jet Red Database Engine
risk 0.01cvss —epss 0.10
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
CVE-2020-1560Aug 17, 2020
Microsoft
Windows Codecs Library
risk 0.00cvss —epss 0.01
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or…
CVE-2019-1053Jun 12, 2019
Microsoft
Windows Shell
risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the Windows Shell fails to validate folder shortcuts. An attacker who successfully exploited the vulnerability could elevate privileges by escaping a sandbox. To exploit this vulnerability, an attacker would require…
CVE-2019-1027Jun 12, 2019
Microsoft
Windows Audio Service
risk 0.00cvss —epss 0.00
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1039Jun 12, 2019
Microsoft
Windows
risk 0.00cvss —epss 0.00
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could…
CVE-2019-1028Jun 12, 2019
Microsoft
Windows Audio Service
risk 0.00cvss —epss 0.00
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1045Jun 12, 2019
Microsoft
Windows Network File System
risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally…
CVE-2019-1043Jun 12, 2019
Microsoft
Windows Server 2008
risk 0.00cvss —epss 0.03
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the…
CVE-2019-1021Jun 12, 2019
Microsoft
Windows
risk 0.00cvss —epss 0.00
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1007Jun 12, 2019
Microsoft
Windows Audio Service
risk 0.00cvss —epss 0.00
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…
CVE-2019-1018Jun 12, 2019
Microsoft
Directx
risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create…
CVE-2019-1017Jun 12, 2019
Microsoft
Windows
risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
CVE-2019-0998Jun 12, 2019
Microsoft
Storage Service
risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have…
CVE-2019-1014Jun 12, 2019
Microsoft
Windows
risk 0.00cvss —epss 0.00
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view,…
CVE-2019-0986Jun 12, 2019
Microsoft
Windows User Profile Service
risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…

Page 2 of 3