Lucene search

K
MicrosoftWindows Server 1803

116 matches found

CVE
CVE
added 2019/09/03 6:15 p.m.590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.251 views

CVE-2019-1040

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit t...

5.9CVSS6.7AI score0.9061EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.241 views

CVE-2019-1073

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.

5.5CVSS5.8AI score0.00349EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.238 views

CVE-2019-0796

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.

5.5CVSS6.7AI score0.85917EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.176 views

CVE-2019-1096

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.23126EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.172 views

CVE-2019-1091

An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'.

5.5CVSS5.8AI score0.00933EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.160 views

CVE-2019-1071

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073.

5.5CVSS5.8AI score0.00349EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.150 views

CVE-2019-1289

An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Privilege Vulnerability'.

5.5CVSS6.7AI score0.00212EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.146 views

CVE-2019-0621

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663.

5.5CVSS6.5AI score0.01706EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.139 views

CVE-2019-0844

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.

5.5CVSS6.1AI score0.00978EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.137 views

CVE-2019-1273

A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'.

5.4CVSS6.2AI score0.00718EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.137 views

CVE-2019-1282

An information disclosure exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle sandbox checks, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.

5.5CVSS6.2AI score0.00573EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.136 views

CVE-2019-0848

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.

5.5CVSS6AI score0.00996EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.132 views

CVE-2019-0628

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6.4AI score0.00549EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.132 views

CVE-2019-1274

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.

5.5CVSS5.9AI score0.0059EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.132 views

CVE-2020-0607

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.175EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.132 views

CVE-2020-0608

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6.4AI score0.00978EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.132 views

CVE-2020-0746

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.1459EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.131 views

CVE-2019-0636

An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.

5.5CVSS6.8AI score0.00549EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.130 views

CVE-2020-0639

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0615.

5.5CVSS6.6AI score0.00681EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.128 views

CVE-2019-0814

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0848.

5.5CVSS6AI score0.00996EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.127 views

CVE-2019-0948

An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declarati...

5.5CVSS6AI score0.42662EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.124 views

CVE-2019-0840

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0844.

5.5CVSS6.1AI score0.00978EPSS
CVE
CVE
added 2019/04/09 9:29 p.m.117 views

CVE-2019-0837

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.

5.5CVSS6.2AI score0.00978EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.117 views

CVE-2019-1148

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker wou...

5.5CVSS6.7AI score0.03723EPSS
CVE
CVE
added 2019/07/29 2:12 p.m.116 views

CVE-2019-1126

A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted application, which would allow an attacker to launch a password ...

5.3CVSS6.3AI score0.02066EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.116 views

CVE-2020-0643

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.00978EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.113 views

CVE-2019-0714

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...

5.8CVSS6.9AI score0.01294EPSS
CVE
CVE
added 2019/04/09 3:29 a.m.112 views

CVE-2019-0776

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6AI score0.00881EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.112 views

CVE-2019-1039

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to f...

5.5CVSS6.1AI score0.00538EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.109 views

CVE-2019-0718

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...

5.8CVSS6.9AI score0.01591EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.108 views

CVE-2020-0677

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

5.5CVSS5.2AI score0.00996EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.107 views

CVE-2019-1318

A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'.

5.9CVSS7.1AI score0.05874EPSS
CVE
CVE
added 2019/12/10 10:15 p.m.107 views

CVE-2019-1469

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6AI score0.0075EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.106 views

CVE-2019-1078

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.An authenticated attacker could exploit this vulnerabil...

5.5CVSS6.7AI score0.00652EPSS
CVE
CVE
added 2020/02/11 10:15 p.m.106 views

CVE-2020-0755

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

5.5CVSS5.2AI score0.00996EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.105 views

CVE-2019-1344

An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'.

5.5CVSS6.7AI score0.08119EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.105 views

CVE-2019-1345

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1334.

5.5CVSS6.5AI score0.07944EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.105 views

CVE-2020-0615

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0639.

5.5CVSS6.6AI score0.00681EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.103 views

CVE-2019-1270

An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'.

5.5CVSS6.6AI score0.00428EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.102 views

CVE-2019-0723

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...

5.8CVSS6.9AI score0.01294EPSS
CVE
CVE
added 2019/09/11 10:15 p.m.102 views

CVE-2019-1219

An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory, aka 'Windows Transaction Manager Information Disclosure Vulnerability'.

5.5CVSS6.2AI score0.00955EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.101 views

CVE-2019-1153

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker wou...

5.5CVSS6.7AI score0.04234EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.100 views

CVE-2019-1093

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097.

5.5CVSS5.8AI score0.0143EPSS
CVE
CVE
added 2020/04/15 3:15 p.m.100 views

CVE-2020-0945

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0937, CVE-2020-0939, CVE-2020-0946, CVE-2020-0947.

5.5CVSS5.6AI score0.24868EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.99 views

CVE-2019-0715

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.To exploit the vulnerabi...

5.8CVSS6.9AI score0.01294EPSS
CVE
CVE
added 2019/10/10 2:15 p.m.99 views

CVE-2019-1166

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'.

5.9CVSS7AI score0.02573EPSS
CVE
CVE
added 2019/06/12 2:29 p.m.98 views

CVE-2019-1046

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

5.5CVSS5.6AI score0.07622EPSS
CVE
CVE
added 2019/07/15 7:15 p.m.98 views

CVE-2019-1074

An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vul...

5.5CVSS6.1AI score0.00372EPSS
CVE
CVE
added 2019/08/14 9:15 p.m.98 views

CVE-2019-1143

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

5.5CVSS6.7AI score0.00902EPSS
Total number of security vulnerabilities116