Vulnerabilities > Microsoft
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-05 | CVE-2019-3800 | Information Exposure vulnerability in multiple products CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes the client id and secret to its config file when the user authenticates with --client-credentials flag. | 2.1 |
2019-07-29 | CVE-2019-1105 | Cross-site Scripting vulnerability in Microsoft Outlook A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | 3.5 |
2019-07-26 | CVE-2019-9492 | Untrusted Search Path vulnerability in Trendmicro Officescan 11.0/Xg A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow an authenticated attacker to gain code execution and terminate the product's process - disabling endpoint protection. | 4.6 |
2019-07-26 | CVE-2019-13382 | Link Following vulnerability in Techsmith Snagit 2019.1.2 UploaderService in SnagIT 2019.1.2 allows elevation of privilege by placing an invalid presentation file in %PROGRAMDATA%\TechSmith\TechSmith Recorder\QueuedPresentations and then creating a symbolic link in %PROGRAMDATA%\Techsmith\TechSmith Recorder\InvalidPresentations that points to an arbitrary folder with an arbitrary file name. | 9.3 |
2019-07-23 | CVE-2019-11702 | Missing Authorization vulnerability in Mozilla Firefox A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. | 4.3 |
2019-07-23 | CVE-2019-11700 | Missing Authorization vulnerability in Mozilla Firefox A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. | 4.3 |
2019-07-23 | CVE-2019-11694 | Use of Uninitialized Resource vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird A vulnerability exists in the Windows sandbox where an uninitialized value in memory can be leaked to a renderer from a broker when making a call to access an otherwise unavailable file. | 5.0 |
2019-07-21 | CVE-2019-14215 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.11. | 5.0 |
2019-07-21 | CVE-2019-14214 | Unspecified vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.10. | 5.0 |
2019-07-21 | CVE-2019-14212 | NULL Pointer Dereference vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.11. | 5.0 |