Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-12 | CVE-2019-1049 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-1048 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-1047 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-1046 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 5.5 |
| 2019-06-12 | CVE-2019-1043 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory, aka 'Comctl32 Remote Code Execution Vulnerability'. | 6.8 |
| 2019-06-12 | CVE-2019-1040 | Unspecified vulnerability in Microsoft products A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'. | 5.9 |
| 2019-06-12 | CVE-2019-1039 | Improper Initialization vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. | 5.5 |
| 2019-06-12 | CVE-2019-1036 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 5.4 |
| 2019-06-12 | CVE-2019-1033 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 5.4 |
| 2019-06-12 | CVE-2019-1032 | Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 5.4 |