Vendor CVEs
Microsoft
All CVEs
14,175 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0766 | 0.00 | — | 0.01 | Apr 9, 2019 | An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | |||
| CVE-2019-0767 | 0.00 | — | 0.02 | Apr 9, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE… | |||
| CVE-2019-0701 | 0.00 | — | 0.02 | Apr 8, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0695. | |||
| CVE-2019-0702 | 0.00 | — | 0.02 | Apr 8, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782. | |||
| CVE-2019-0754 | 0.00 | — | 0.02 | Apr 8, 2019 | A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | |||
| CVE-2019-0755 | 0.00 | — | 0.02 | Apr 8, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782. | |||
| CVE-2019-0678 | 0.00 | — | 0.06 | Apr 8, 2019 | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a… | |||
| CVE-2019-0682 | 0.00 | — | 0.01 | Apr 8, 2019 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694. | |||
| CVE-2019-0689 | 0.00 | — | 0.01 | Apr 8, 2019 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694. | |||
| CVE-2019-0690 | 0.00 | — | 0.02 | Apr 8, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0695,… | |||
| CVE-2019-0692 | 0.00 | — | 0.01 | Apr 8, 2019 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0693, CVE-2019-0694. | |||
| CVE-2019-0693 | 0.00 | — | 0.01 | Apr 8, 2019 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0694. | |||
| CVE-2019-0694 | 0.00 | — | 0.01 | Apr 8, 2019 | An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0693. | |||
| CVE-2019-0695 | 0.00 | — | 0.02 | Apr 8, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0701. | |||
| CVE-2019-0696 | 0.00 | — | 0.01 | Apr 8, 2019 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | |||
| CVE-2019-0609 | 0.00 | — | 0.10 | Apr 8, 2019 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770,… | |||
| CVE-2019-5922 | 0.00 | — | 0.05 | Mar 12, 2019 | Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2019-5921 | 0.00 | — | 0.05 | Mar 12, 2019 | Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||
| CVE-2019-0628 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | |||
| CVE-2019-0600 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601. | |||
| CVE-2019-0601 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600. | |||
| CVE-2019-0621 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663. | |||
| CVE-2019-0743 | 0.00 | — | 0.02 | Mar 6, 2019 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742. | |||
| CVE-2019-0742 | 0.00 | — | 0.02 | Mar 6, 2019 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743. | |||
| CVE-2019-0741 | 0.00 | — | 0.07 | Mar 6, 2019 | An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'. | |||
| CVE-2019-0729 | 0.00 | — | 0.03 | Mar 6, 2019 | An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'. | |||
| CVE-2019-0670 | 0.00 | — | 0.02 | Mar 6, 2019 | A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'. | |||
| CVE-2019-0663 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE… | |||
| CVE-2019-0661 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663. | |||
| CVE-2019-0659 | 0.00 | — | 0.01 | Mar 6, 2019 | An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'. | |||
| CVE-2019-0656 | 0.00 | — | 0.01 | Mar 6, 2019 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | |||
| CVE-2019-0654 | 0.00 | — | 0.03 | Mar 6, 2019 | A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'. | |||
| CVE-2019-0649 | 0.00 | — | 0.04 | Mar 6, 2019 | A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'. | |||
| CVE-2019-0648 | 0.00 | — | 0.05 | Mar 6, 2019 | An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address… | |||
| CVE-2019-0636 | 0.00 | — | 0.02 | Mar 6, 2019 | An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'. | |||
| CVE-2019-0635 | 0.00 | — | 0.02 | Mar 6, 2019 | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. | |||
| CVE-2019-0632 | 0.00 | — | 0.01 | Mar 6, 2019 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631. | |||
| CVE-2019-0631 | 0.00 | — | 0.01 | Mar 6, 2019 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632. | |||
| CVE-2019-0627 | 0.00 | — | 0.01 | Mar 6, 2019 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632. | |||
| CVE-2019-0624 | 0.00 | — | 0.01 | Jan 17, 2019 | A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype. | |||
| CVE-2019-0646 | 0.00 | — | 0.01 | Jan 17, 2019 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team. | |||
| CVE-2019-2538 | 0.00 | — | 0.01 | Jan 16, 2019 | Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware (subcomponent: MFT Runtime Server). Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via… | |||
| CVE-2019-0556 | 0.00 | — | 0.02 | Jan 8, 2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is… | |||
| CVE-2019-0549 | 0.00 | — | 0.02 | Jan 8, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,… | |||
| CVE-2019-0550 | 0.00 | — | 0.04 | Jan 8, 2019 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10,… | |||
| CVE-2019-0551 | 0.00 | — | 0.04 | Jan 8, 2019 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,… | |||
| CVE-2019-0557 | 0.00 | — | 0.02 | Jan 8, 2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is… | |||
| CVE-2019-0622 | 0.00 | — | 0.02 | Jan 8, 2019 | An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35. | |||
| CVE-2019-0588 | 0.00 | — | 0.05 | Jan 8, 2019 | An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft Exchange Server. | |||
| CVE-2019-0569 | 0.00 | — | 0.02 | Jan 8, 2019 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,… |
- CVE-2019-0766Apr 9, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'.
- CVE-2019-0767Apr 9, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE…
- CVE-2019-0701Apr 8, 2019risk 0.00cvss —epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0695.
- CVE-2019-0702Apr 8, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.
- CVE-2019-0754Apr 8, 2019risk 0.00cvss —epss 0.02
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
- CVE-2019-0755Apr 8, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782.
- CVE-2019-0678Apr 8, 2019risk 0.00cvss —epss 0.06
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a…
- CVE-2019-0682Apr 8, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0689, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694.
- CVE-2019-0689Apr 8, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0692, CVE-2019-0693, CVE-2019-0694.
- CVE-2019-0690Apr 8, 2019risk 0.00cvss —epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0695,…
- CVE-2019-0692Apr 8, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0693, CVE-2019-0694.
- CVE-2019-0693Apr 8, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0694.
- CVE-2019-0694Apr 8, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists due to an integer overflow in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0682, CVE-2019-0689, CVE-2019-0692, CVE-2019-0693.
- CVE-2019-0695Apr 8, 2019risk 0.00cvss —epss 0.02
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0690, CVE-2019-0701.
- CVE-2019-0696Apr 8, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
- CVE-2019-0609Apr 8, 2019risk 0.00cvss —epss 0.10
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770,…
- CVE-2019-5922Mar 12, 2019risk 0.00cvss —epss 0.05
Untrusted search path vulnerability in The installer of Microsoft Teams allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- CVE-2019-5921Mar 12, 2019risk 0.00cvss —epss 0.05
Untrusted search path vulnerability in Windows 7 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- CVE-2019-0628Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
- CVE-2019-0600Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601.
- CVE-2019-0601Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.
- CVE-2019-0621Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663.
- CVE-2019-0743Mar 6, 2019risk 0.00cvss —epss 0.02
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0742.
- CVE-2019-0742Mar 6, 2019risk 0.00cvss —epss 0.02
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0743.
- CVE-2019-0741Mar 6, 2019risk 0.00cvss —epss 0.07
An information disclosure vulnerability exists in the way Azure IoT Java SDK logs sensitive information, aka 'Azure IoT Java SDK Information Disclosure Vulnerability'.
- CVE-2019-0729Mar 6, 2019risk 0.00cvss —epss 0.03
An Elevation of Privilege vulnerability exists in the way Azure IoT Java SDK generates symmetric keys for encryption, allowing an attacker to predict the randomness of the key, aka 'Azure IoT Java SDK Elevation of Privilege Vulnerability'.
- CVE-2019-0670Mar 6, 2019risk 0.00cvss —epss 0.02
A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka 'Microsoft SharePoint Spoofing Vulnerability'.
- CVE-2019-0663Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE…
- CVE-2019-0661Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663.
- CVE-2019-0659Mar 6, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka 'Windows Storage Service Elevation of Privilege Vulnerability'.
- CVE-2019-0656Mar 6, 2019risk 0.00cvss —epss 0.01
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
- CVE-2019-0654Mar 6, 2019risk 0.00cvss —epss 0.03
A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'.
- CVE-2019-0649Mar 6, 2019risk 0.00cvss —epss 0.04
A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting Engine Elevation of Privileged Vulnerability'.
- CVE-2019-0648Mar 6, 2019risk 0.00cvss —epss 0.05
An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data.To exploit the vulnerability, an attacker must know the memory address…
- CVE-2019-0636Mar 6, 2019risk 0.00cvss —epss 0.02
An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.
- CVE-2019-0635Mar 6, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
- CVE-2019-0632Mar 6, 2019risk 0.00cvss —epss 0.01
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631.
- CVE-2019-0631Mar 6, 2019risk 0.00cvss —epss 0.01
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632.
- CVE-2019-0627Mar 6, 2019risk 0.00cvss —epss 0.01
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka 'Windows Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632.
- CVE-2019-0624Jan 17, 2019risk 0.00cvss —epss 0.01
A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype.
- CVE-2019-0646Jan 17, 2019risk 0.00cvss —epss 0.01
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.
- CVE-2019-2538Jan 16, 2019risk 0.00cvss —epss 0.01
Vulnerability in the Oracle Managed File Transfer component of Oracle Fusion Middleware (subcomponent: MFT Runtime Server). Supported versions that are affected are 19.1.0.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via…
- CVE-2019-0556Jan 8, 2019risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is…
- CVE-2019-0549Jan 8, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,…
- CVE-2019-0550Jan 8, 2019risk 0.00cvss —epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10,…
- CVE-2019-0551Jan 8, 2019risk 0.00cvss —epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,…
- CVE-2019-0557Jan 8, 2019risk 0.00cvss —epss 0.02
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint. This CVE ID is…
- CVE-2019-0622Jan 8, 2019risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists when Skype for Andriod fails to properly handle specific authentication requests, aka "Skype for Android Elevation of Privilege Vulnerability." This affects Skype 8.35.
- CVE-2019-0588Jan 8, 2019risk 0.00cvss —epss 0.05
An information disclosure vulnerability exists when the Microsoft Exchange PowerShell API grants calendar contributors more view permissions than intended, aka "Microsoft Exchange Information Disclosure Vulnerability." This affects Microsoft Exchange Server.
- CVE-2019-0569Jan 8, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,…
Page 270 of 284