VYPR

Vendor CVEs

Microsoft

All CVEs

14,175 total · sorted by risk
  • CVE-2019-0766Apr 9, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.

  • CVE-2019-0767Apr 9, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE…

  • CVE-2019-0701Apr 8, 2019
    risk 0.00cvss epss 0.02

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0695.

  • CVE-2019-0702Apr 8, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.

  • CVE-2019-0754Apr 8, 2019
    risk 0.00cvss epss 0.02

    A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

  • CVE-2019-0755Apr 8, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.

  • CVE-2019-0678Apr 8, 2019
    risk 0.00cvss epss 0.06

    An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a…

  • CVE-2019-0682Apr 8, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694.

  • CVE-2019-0689Apr 8, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694.

  • CVE-2019-0690Apr 8, 2019
    risk 0.00cvss epss 0.02

    A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0695,…

  • CVE-2019-0692Apr 8, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0693, CVE-2019-0694.

  • CVE-2019-0693Apr 8, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0694.

  • CVE-2019-0694Apr 8, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0693.

  • CVE-2019-0695Apr 8, 2019
    risk 0.00cvss epss 0.02

    A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0701.

  • CVE-2019-0696Apr 8, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

  • CVE-2019-0609Apr 8, 2019
    risk 0.00cvss epss 0.10

    A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770,…

  • CVE-2019-5922Mar 12, 2019
    risk 0.00cvss epss 0.05

    Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2019-5921Mar 12, 2019
    risk 0.00cvss epss 0.05

    Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2019-0628Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

  • CVE-2019-0600Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601.

  • CVE-2019-0601Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.

  • CVE-2019-0621Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663.

  • CVE-2019-0743Mar 6, 2019
    risk 0.00cvss epss 0.02

    A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742.

  • CVE-2019-0742Mar 6, 2019
    risk 0.00cvss epss 0.02

    A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743.

  • CVE-2019-0741Mar 6, 2019
    risk 0.00cvss epss 0.07

    An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.

  • CVE-2019-0729Mar 6, 2019
    risk 0.00cvss epss 0.03

    An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.

  • CVE-2019-0670Mar 6, 2019
    risk 0.00cvss epss 0.02

    A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.

  • CVE-2019-0663Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE…

  • CVE-2019-0661Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663.

  • CVE-2019-0659Mar 6, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'.

  • CVE-2019-0656Mar 6, 2019
    risk 0.00cvss epss 0.01

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

  • CVE-2019-0654Mar 6, 2019
    risk 0.00cvss epss 0.03

    A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'.

  • CVE-2019-0649Mar 6, 2019
    risk 0.00cvss epss 0.04

    A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.

  • CVE-2019-0648Mar 6, 2019
    risk 0.00cvss epss 0.05

    An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address…

  • CVE-2019-0636Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.

  • CVE-2019-0635Mar 6, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.

  • CVE-2019-0632Mar 6, 2019
    risk 0.00cvss epss 0.01

    A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.

  • CVE-2019-0631Mar 6, 2019
    risk 0.00cvss epss 0.01

    A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.

  • CVE-2019-0627Mar 6, 2019
    risk 0.00cvss epss 0.01

    A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.

  • CVE-2019-0624Jan 17, 2019
    risk 0.00cvss epss 0.01

    A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype.

  • CVE-2019-0646Jan 17, 2019
    risk 0.00cvss epss 0.01

    A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.

  • CVE-2019-2538Jan 16, 2019
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware (subcomponent: MFT Runtime Server). Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via…

  • CVE-2019-0556Jan 8, 2019
    risk 0.00cvss epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is…

  • CVE-2019-0549Jan 8, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,…

  • CVE-2019-0550Jan 8, 2019
    risk 0.00cvss epss 0.04

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10,…

  • CVE-2019-0551Jan 8, 2019
    risk 0.00cvss epss 0.04

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,…

  • CVE-2019-0557Jan 8, 2019
    risk 0.00cvss epss 0.02

    A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is…

  • CVE-2019-0622Jan 8, 2019
    risk 0.00cvss epss 0.02

    An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35.

  • CVE-2019-0588Jan 8, 2019
    risk 0.00cvss epss 0.05

    An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft Exchange Server.

  • CVE-2019-0569Jan 8, 2019
    risk 0.00cvss epss 0.02

    An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,…

Page 270 of 284