Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-15 | CVE-2019-1094 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-07-15 | CVE-2019-1093 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. | 5.5 |
| 2019-07-15 | CVE-2019-1091 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'. | 5.5 |
| 2019-07-15 | CVE-2019-1084 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. | 6.5 |
| 2019-07-15 | CVE-2019-1079 | Improper Input Validation vulnerability in Microsoft Visual Studio An information disclosure vulnerability exists when Visual Studio improperly parses XML input in certain settings files, aka 'Visual Studio Information Disclosure Vulnerability'. | 6.5 |
| 2019-07-15 | CVE-2019-1077 | Unspecified vulnerability in Microsoft Visual Studio 2017 and Visual Studio 2019 An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'. | 5.0 |
| 2019-07-15 | CVE-2019-1076 | Cross-site Scripting vulnerability in Microsoft Azure Devops Server and Team Foundation Server A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. | 5.4 |
| 2019-07-15 | CVE-2019-1075 | Open Redirect vulnerability in Microsoft Asp.Net Core 2.1/2.2 A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. | 6.1 |
| 2019-07-15 | CVE-2019-1074 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. | 5.5 |
| 2019-07-15 | CVE-2019-1073 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. | 5.5 |