Total
3924 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-0174 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 6.1 MEDIUM | 6.5 MEDIUM |
| Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka "Windows NetBIOS Denial of Service Vulnerability". | |||||
| CVE-2018-0868 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 6.9 MEDIUM | 7.0 HIGH |
| Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how input is sanitized, aka "Windows Installer Elevation of Privilege Vulnerability". | |||||
| CVE-2017-0191 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 3.5 LOW | 5.8 MEDIUM |
| A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding, aka "Windows Denial of Service Vulnerability." | |||||
| CVE-2017-0246 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 6.9 MEDIUM | 7.0 HIGH |
| The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application or in Windows 7 for x64-based Systems and later, cause denial of service, aka "Win32k Elevation of Privilege Vulnerability." | |||||
| CVE-2017-11771 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 10.0 HIGH | 9.8 CRITICAL |
| The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses, aka "Windows Search Remote Code Execution Vulnerability". | |||||
| CVE-2019-0928 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2019-09-12 | 5.5 MEDIUM | 6.2 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | |||||
| CVE-2019-1293 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-09-12 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory, aka 'Windows SMB Client Driver Information Disclosure Vulnerability'. | |||||
| CVE-2019-1251 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-09-12 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1245. | |||||
| CVE-2019-1219 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-09-12 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory, aka 'Windows Transaction Manager Information Disclosure Vulnerability'. | |||||
| CVE-2019-1252 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-09-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1286. | |||||
| CVE-2019-1245 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-09-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1251. | |||||
| CVE-2019-1286 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-09-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1252. | |||||
| CVE-2019-1244 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2019-09-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251. | |||||
| CVE-2019-1216 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-09-12 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'. | |||||
| CVE-2019-1273 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-09-12 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'. | |||||
| CVE-2019-1113 | 1 Microsoft | 10 .net Framework, Visual Studio 2017, Windows 10 and 7 more | 2019-07-19 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'. | |||||
| CVE-2019-0811 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2019-07-19 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists in Windows DNS Server when it fails to properly handle DNS queries, aka 'Windows DNS Server Denial of Service Vulnerability'. | |||||
| CVE-2019-0966 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-07-18 | 5.5 MEDIUM | 6.8 MEDIUM |
| A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | |||||
| CVE-2019-1083 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2019-07-17 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service vulnerability exists when Microsoft Common Object Runtime Library improperly handles web requests, aka '.NET Denial of Service Vulnerability'. | |||||
| CVE-2019-1091 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2019-07-17 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'. | |||||