Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-12-10	CVE-2019-1470	Improper Input Validation vulnerability in Microsoft products An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. local low complexity microsoft CWE-20	6.0
2019-12-10	CVE-2019-1469	Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-12-10	CVE-2019-1467	Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network low complexity microsoft CWE-200	6.5
2019-12-10	CVE-2019-1466	Out-of-bounds Read vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network low complexity microsoft CWE-125	6.5
2019-12-10	CVE-2019-1465	Out-of-bounds Read vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network low complexity microsoft CWE-125	6.5
2019-12-10	CVE-2019-1464	Information Exposure vulnerability in Microsoft Excel, Office and Office 365 Proplus An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-12-10	CVE-2019-1463	Information Exposure vulnerability in Microsoft Office and Office 365 Proplus An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-12-10	CVE-2019-1461	Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Word A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory, aka 'Microsoft Word Denial of Service Vulnerability'. network low complexity microsoft	6.5
2019-12-10	CVE-2019-1400	Information Exposure vulnerability in Microsoft Office and Office 365 Proplus An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-12-10	CVE-2019-1332	Cross-site Scripting vulnerability in Microsoft products A cross-site scripting (XSS) vulnerability exists when Microsoft SQL Server Reporting Services (SSRS) does not properly sanitize a specially-crafted web request to an affected SSRS server, aka 'Microsoft SQL Server Reporting Services XSS Vulnerability'. network low complexity microsoft CWE-79	6.1