323 matches found
CVE-2019-1152
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ...
CVE-2019-1419
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1456.
CVE-2019-0838
An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839.
CVE-2019-1453
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
CVE-2019-1467
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1466.
CVE-2019-0600
An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0601.
CVE-2019-0774
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0614.
CVE-2019-1095
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.
CVE-2019-1333
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
CVE-2019-1087
An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1088.
CVE-2019-0907
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1148
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker wou...
CVE-2019-0899
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...
CVE-2019-0974
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1010
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...
CVE-2019-0909
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1057
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system.To exploit the vulnerability, an attacker could host a...
CVE-2019-1157
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1159
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...
CVE-2019-0720
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system ...
CVE-2019-0754
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.
CVE-2019-0905
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1147
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-0603
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attack...
CVE-2019-0714
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...
CVE-2019-0716
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a special...
CVE-2019-0890
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896,...
CVE-2019-0891
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895, CVE-2019-0896,...
CVE-2019-0897
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...
CVE-2019-1039
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to f...
CVE-2019-1245
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1251.
CVE-2019-1362
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1364.
CVE-2019-1146
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1012
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...
CVE-2019-1243
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1246, CVE-2019-1247, CVE-2019-1248,...
CVE-2019-1290
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1291.
CVE-2019-0898
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...
CVE-2019-0908
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...
CVE-2019-1014
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...
CVE-2019-1164
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new ...
CVE-2019-1183
This information is being revised to indicate that this CVE (CVE-2019-1183) is fully mitigated by the security updates for the vulnerability discussed in CVE-2019-1194. No update is required.
CVE-2019-1484
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.
CVE-2019-1285
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1256.
CVE-2019-0888
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges.An attacker could craft a website that exploits the vulnerability...
CVE-2019-0896
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...
CVE-2019-0936
An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0734.
CVE-2019-0972
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause a denial of service on the ...
CVE-2019-1025
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.To exploit this vulnerability, an attacker would have to log on to an affected system and run a special...
CVE-2019-1043
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could ...
CVE-2019-1108
An information disclosure vulnerability exists when the Windows RDP client improperly discloses the contents of its memory, aka 'Remote Desktop Protocol Client Information Disclosure Vulnerability'.