105 matches found
CVE-2019-0793
Technical details about CVE-2019-0793 are not publicly available in the provided connected documents; monitor for updates.
CVE-2019-0791
CVE-2019-0791 is a remote code execution vulnerability in the Microsoft XML Core Services (MSXML) parser when it processes user input. The issue enables network-based exploitation with user interaction required, and is rated HIGH (CVSS v3.0: 8.8). The initial document does not specify a fixed pat...
CVE-2019-0795
Technical details for CVE-2019-0795 are not provided in the supplied documents; no affected products, root cause, impact, or remediation are stated. Monitor for updates from connected sources.
CVE-2019-0790
Technical details for CVE-2019-0790 are not provided in the supplied documents; no affected products, versions, root cause, or mitigations are listed. Monitor for updates.
MS XML Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could hos...
April 9, 2019—KB4493458 (Security-only update)
April 9, 2019—KB4493458 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue in which netdom.exe fails to run, and the error, “The command failed to complete successfully” appears. Addresses an issue that may cause...
April 9, 2019—KB4493448 (Security-only update)
April 9, 2019—KB4493448 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...
Remote code execution
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'...
CVE-2019-0756
Affected component: Microsoft XML Core Services MSXML parser. Description from CVE-2019-0756 indicates a remote code execution vulnerability when the MSXML parser processes user input. Severity is high (CVSS v3 base 8.8; v2 base 9.3). The connected PRION/NVD entries reiterate the same advisory wi...
Microsoft Windows Multiple Vulnerabilities (KB4489899)
This host is missing a critical security update according to Microsoft KB4489899 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
March 12, 2019—KB4489878 (Monthly Rollup)
March 12, 2019—KB4489878 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4486565 released February 19, 2019 and addresses the following issues: Addresses an issue that may prevent the Event Viewer from showing some event...
Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Exploit
Exploit for windows platform in category local exploits Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: AppContainer Sandbox...
Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation
Microsoft Windows 10 - XmlDocument Insecure Sharing Privilege Escalation Windows: XmlDocument Insecure Sharing Elevation of Privilege Platform: Windows 10 1809 almost certainly earlier versions as well. Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria:...
January 8, 2019—KB4480972 (Security-only update)
January 8, 2019—KB4480972 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Provides protections against an additional subclass of speculative execution...
January 8, 2019—KB4480973 (OS Build 15063.1563)
January 8, 2019—KB4480973 OS Build 15063.1563 Windows 10, version 1703, reached end of service on October 8, 2018 . Devices running Windows 10 Home, Pro, Pro for Workstation, and IoT Core editions will no longer receive monthly security and quality updates that contain protection from the latest...
January 8, 2019—KB4480963 (Monthly Rollup)
January 8, 2019—KB4480963 Monthly Rollup Improvements and fixes This security update addresses the following issues: Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass CVE-2018-3639 for AMD-based computers. The...
January 8, 2019—KB4480966 (OS Build 17134.523)
January 8, 2019—KB4480966 OS Build 17134.523 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that affects PowerShell remoting loop back using non-administrator accounts...
January 8, 2019—KB4480975 (Monthly Rollup)
January 8, 2019—KB4480975 Monthly Rollup Improvements and fixes This security update addresses the following issues: Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass CVE-2018-3639 for AMD-based computers. The...
VBScript - MSXML Execution Policy Bypass Exploit
According to https://blogs.windows.com/msedgedev/2017/07/07/update-disabling-vbscript-internet-explorer-11/, Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted Sites Zone by default. However, the...
VBScript - MSXML Execution Policy Bypass
VBScript - MSXML Execution Policy Bypass According to https://blogs.windows.com/msedgedev/2017/07/07/update-disabling-vbscript-internet-explorer-11/, Starting from Windows 10 Fall Creators Update, VBScript execution in IE 11 should be disabled for websites in the Internet Zone and the Restricted...