VYPR

Vendor CVEs

Microsoft

All CVEs

14,318 total · sorted by risk
  • CVE-2019-1285HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256.

  • CVE-2019-1284HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

  • CVE-2019-1278HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the unistore.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1215, CVE-2019-1253, CVE-2019-1303.

  • CVE-2019-1277HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows Audio Service when a malformed parameter is processed, aka 'Windows Audio Service Elevation of Privilege Vulnerability'.

  • CVE-2019-1272HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC…

  • CVE-2019-1271HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in hdAudio.sys which may lead to an out of band write, aka 'Windows Media Elevation of Privilege Vulnerability'.

  • CVE-2019-1269HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC…

  • CVE-2019-1268HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists when Winlogon does not properly handle file path information, aka 'Winlogon Elevation of Privilege Vulnerability'.

  • CVE-2019-1267HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Microsoft Compatibility Appraiser where a configuration file, with local privileges, is vulnerable to symbolic link and hard link attacks, aka 'Microsoft Compatibility Appraiser Elevation of Privilege Vulnerability'.

  • CVE-2019-1264HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.04

    A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

  • CVE-2019-1256HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1285.

  • CVE-2019-1235HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives, aka 'Windows Text Service Framework Elevation of Privilege Vulnerability'.

  • CVE-2019-1232HigSep 11, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka 'Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability'.

  • CVE-2019-1201HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.05

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…

  • CVE-2019-1200HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.05

    A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current…

  • CVE-2019-1199HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.05

    A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on…

  • CVE-2019-1190HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated…

  • CVE-2019-1169HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs;…

  • CVE-2019-1168HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then…

  • CVE-2019-1164HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete…

  • CVE-2019-1162HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. An attacker could then…

  • CVE-2019-1157HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-1156HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-1155HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-1147HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-1146HigAug 14, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-1090HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka 'Windows dnsrlvr.dll Elevation of Privilege Vulnerability'.

  • CVE-2019-1088HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1087.

  • CVE-2019-1087HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1088.

  • CVE-2019-1086HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1087, CVE-2019-1088.

  • CVE-2019-1085HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory, aka 'Windows WLAN Service Elevation of Privilege Vulnerability'.

  • CVE-2019-1082HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in Microsoft Windows where a certain DLL, with Local Service privilege, is vulnerable to race planting a customized DLL.An attacker who successfully exploited this vulnerability could potentially elevate privilege to SYSTEM.The…

  • CVE-2019-1067HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

  • CVE-2019-0999HigJul 15, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.

  • CVE-2019-1065HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete…

  • CVE-2019-1045HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Network File System (NFS) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally…

  • CVE-2019-1035HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.07

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…

  • CVE-2019-1034HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.05

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…

  • CVE-2019-1028HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…

  • CVE-2019-1027HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…

  • CVE-2019-1026HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…

  • CVE-2019-1022HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…

  • CVE-2019-1021HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…

  • CVE-2019-1007HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the…

  • CVE-2019-0998HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have…

  • CVE-2019-0985HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the current user. To exploit the…

  • CVE-2019-0983HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have…

  • CVE-2019-0974HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2019-0973HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An…

  • CVE-2019-0908HigJun 12, 2019
    risk 0.51cvss 7.8epss 0.05

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

Page 98 of 287