Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-10 | CVE-2019-1313 | Improper Handling of Exceptional Conditions vulnerability in Microsoft SQL Server Management Studio 18.3/18.3.1 An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulnerability'. | 6.5 |
| 2019-10-10 | CVE-2019-1238 | Unspecified vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. | 6.4 |
| 2019-10-10 | CVE-2019-1230 | Improper Input Validation vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Hyper-V Network Switch on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Information Disclosure Vulnerability'. | 6.8 |
| 2019-10-10 | CVE-2019-1166 | Improper Validation of Integrity Check Value vulnerability in Microsoft products A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'. | 5.9 |
| 2019-10-10 | CVE-2019-1070 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 5.4 |
| 2019-10-10 | CVE-2019-0608 | Authentication Bypass by Spoofing vulnerability in Microsoft Edge and Internet Explorer A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content, aka 'Microsoft Browser Spoofing Vulnerability'. | 4.3 |
| 2019-09-11 | CVE-2019-1305 | Cross-site Scripting vulnerability in Microsoft Azure Devops Server and Team Foundation Server A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. | 5.4 |
| 2019-09-11 | CVE-2019-1299 | Improper Initialization vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'. | 6.5 |
| 2019-09-11 | CVE-2019-1294 | Unspecified vulnerability in Microsoft products A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'. low complexity microsoft | 4.6 |
| 2019-09-11 | CVE-2019-1293 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists in Windows when the Windows SMB Client kernel-mode driver fails to properly handle objects in memory, aka 'Windows SMB Client Driver Information Disclosure Vulnerability'. | 5.5 |