Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-10-10 | CVE-2019-1311 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Imaging API improperly handles objects in memory, aka 'Windows Imaging API Remote Code Execution Vulnerability'. | 9.3 |
2019-10-10 | CVE-2019-1308 | Out-of-bounds Write vulnerability in Microsoft Chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. | 7.6 |
2019-10-10 | CVE-2019-1307 | Out-of-bounds Write vulnerability in Microsoft Chakracore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. | 7.6 |
2019-10-10 | CVE-2019-1239 | Unspecified vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. | 7.6 |
2019-10-10 | CVE-2019-1238 | Unspecified vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. | 7.1 |
2019-10-10 | CVE-2019-1230 | Improper Input Validation vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Information Disclosure Vulnerability'. | 4.0 |
2019-10-10 | CVE-2019-1166 | Improper Validation of Integrity Check Value vulnerability in Microsoft products A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'. | 4.3 |
2019-10-10 | CVE-2019-1070 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 3.5 |
2019-10-10 | CVE-2019-1060 | XXE vulnerability in Microsoft products A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka 'MS XML Remote Code Execution Vulnerability'. | 9.3 |
2019-10-10 | CVE-2019-0608 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge and Internet Explorer A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. | 4.3 |