Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2019-11-12	CVE-2019-1382	Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'. local low complexity microsoft	5.5
2019-11-12	CVE-2019-1381	Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations, aka 'Microsoft Windows Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-11-12	CVE-2019-1374	Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-11-12	CVE-2019-1370	Information Exposure vulnerability in Microsoft Open Enclave Software Development KIT An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'. local low complexity microsoft CWE-200	5.5
2019-11-12	CVE-2019-1324	Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'. network low complexity microsoft CWE-200	5.3
2019-11-12	CVE-2019-1310	Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. network low complexity microsoft CWE-20	6.8
2019-11-12	CVE-2019-1309	Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. network low complexity microsoft CWE-20	6.8
2019-11-12	CVE-2019-0712	Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. network low complexity microsoft CWE-20	6.8
2019-10-10	CVE-2019-1376	Improper Handling of Exceptional Conditions vulnerability in Microsoft SQL Server Management Studio 18.3.1 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. network low complexity microsoft CWE-755	6.5
2019-10-10	CVE-2019-1375	Cross-site Scripting vulnerability in Microsoft Dynamics 365 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. network low complexity microsoft CWE-79	5.4