Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-15 | CVE-2019-1075 | Open Redirect vulnerability in Microsoft Asp.Net Core 2.1/2.2 A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | 6.1 |
| 2019-07-15 | CVE-2019-1074 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. | 5.5 |
| 2019-07-15 | CVE-2019-1073 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. | 5.5 |
| 2019-07-15 | CVE-2019-1071 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. | 5.5 |
| 2019-07-15 | CVE-2019-0975 | Unspecified vulnerability in Microsoft Windows Server 2016 and Windows Server 2019 A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. | 6.3 |
| 2019-07-15 | CVE-2019-0966 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-07-15 | CVE-2019-0962 | Unspecified vulnerability in Microsoft Azure Automation An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. | 4.9 |
| 2019-06-12 | CVE-2019-1081 | Information Exposure vulnerability in Microsoft Edge and Internet Explorer An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka 'Microsoft Browser Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-1054 | Unspecified vulnerability in Microsoft Edge A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW), aka 'Microsoft Edge Security Feature Bypass Vulnerability'. | 5.0 |
| 2019-06-12 | CVE-2019-1050 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |