Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-12 | CVE-2019-1370 | Information Exposure vulnerability in Microsoft Open Enclave Software Development KIT An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'. | 5.5 |
| 2019-11-12 | CVE-2019-1324 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'. | 5.3 |
| 2019-11-12 | CVE-2019-1310 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-11-12 | CVE-2019-1309 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-11-12 | CVE-2019-0712 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-10-10 | CVE-2019-1376 | Improper Handling of Exceptional Conditions vulnerability in Microsoft SQL Server Management Studio 18.3.1 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. | 6.5 |
| 2019-10-10 | CVE-2019-1375 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. | 5.4 |
| 2019-10-10 | CVE-2019-1369 | Information Exposure vulnerability in Microsoft Open Enclave Software Development KIT An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'. | 5.5 |
| 2019-10-10 | CVE-2019-1368 | Unspecified vulnerability in Microsoft products A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'. low complexity microsoft | 4.6 |
| 2019-10-10 | CVE-2019-1363 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. | 5.5 |