Microsoft Windows Graphics Device Interface Information Disclosure Vulnerability (CNVD-2019-41635)

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Graphics Device Interface GDI is one of the graphic device interfaces. An...

Microsoft Windows and Microsoft Windows Server Denial of Service Vulnerabilities

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation.Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. A denial of service vulnerability exists in Microsoft Windows and Windows Server, which...

PT-2019-3918

Name of the Vulnerable Software and Affected Versions Windows Hyper-V affected versions not specified Description The issue is related to insufficient input validation in the Hyper-V hardware virtualization system of the Windows operating system. It may allow a remote attacker to execute arbitrar...

PT-2019-3924 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to errors in handling objects in memory in the Win32k component of Windows operating systems. It allows an attacker to execute arbitrary code using a speciall...

PT-2019-3913

Name of the Vulnerable Software and Affected Versions Windows affected versions not specified Description The issue is related to errors in handling objects in memory in the Win32k component of Windows operating systems. It allows an attacker to potentially elevate their privileges using a...

The vulnerability in the implementation of the Secure Boot protocol for operating systems with Windows, which allows a perpetrator to disclose protected information

The vulnerability of the Secure Boot protocol for loading operating systems on Windows is related to errors in accessing debugging functions during the loading process. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by the security measures...

Philips IntelliSpace Perinatal Unauthorized Access Vulnerability

Philips IntelliSpace Perinatal is the European Philips Philips set of obstetric care information management solutions for the healthcare industry. An unauthorized access vulnerability exists in Philips IntelliSpace Perinatal K and prior versions, which can be exploited by an attacker to bypass...

CVE-2019-13546

In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the...

Design/Logic Flaw

In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the...

CVE-2019-13546

Philips IntelliSpace Perinatal (Versions K and prior) is affected by CVE-2019-13546 (Exposure of Resource to Wrong Sphere). The vulnerability allows a local attacker with physical access to a locked application screen, or a user in a remote desktop session, to escape the application containment a...

CVE-2019-13546

In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the...

CAD Mini Home Decor has a memory corruption vulnerability

CAD Mini Home is an interior design CAD software tools, support for WinXp, Win2003, WinVista, Win 7 and other systems. CAD Mini Home Furnishings tool has a memory corruption vulnerability when dealing with BMP images. An attacker can cause the program to crash by constructing a malformed BMP imag...

The vulnerability of the umpo.dll component of the Windows operating system’s Power Service allows a hacker to gain elevated privileges.

The vulnerability of the umpo.dll component of the Windows Power Service lies in its handling of the registry key recovery function. Exploiting this vulnerability can allow attackers to enhance their privileges by deleting the registry key...

The vulnerability of the Windows Error Reporting service on Windows operating systems allows a hacker to increase their privileges.

The vulnerability of the Windows Error Reporting service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges through a specially created application...

The vulnerability of the Windows operating system, related to errors in handling symbolic links, allows a perpetrator to trigger a service failure.

The vulnerability of the Windows operating system is related to errors in handling symbolic links. Exploiting this vulnerability can allow an attacker to cause a service failure...

Microsoft Internet Explorer Remote Code Execution Vulnerability (CNVD-2019-35571)

Microsoft Internet Explorer IE is a Web browser that comes with the Windows operating system from Microsoft Corporation.VBScript Engine is one of the VBScript scripting language engines. A remote code execution vulnerability exists in the way the VBScript Engine handles memory objects in Microsof...

Microsoft Windows and Microsoft Windows Server IIS Server Privilege Elevation Vulnerability

Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, USA.Microsoft Windows is a set of operating systems for personal devices.Microsoft Windows Server is a set of server operating systems.IIS Server is one of the IIS Internet Information Services servers...

PT-2019-3515 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue is related to insufficient authentication in Windows operating systems, allowing an attacker to potentially elevate their privileges by running a specially crafted...

The vulnerability of the Jet Database Engine database management system in the Windows operating system allows a hacker to execute arbitrary code.

The vulnerability of the Jet Database Engine database management system for the Windows operating system is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...

The vulnerability of the DirectWrite programming interface in Windows operating systems allows attackers to gain unauthorized access to protected information.

The vulnerability of the DirectWrite programming interface in Windows operating systems is related to errors in object handling in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by opening a specially...