Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-12 | CVE-2019-0996 | Cross-Site Request Forgery (CSRF) vulnerability in Microsoft Azure Devops Server 2019 A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery, aka 'Azure DevOps Server Spoofing Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-0990 | Information Exposure vulnerability in Microsoft Chakracore and Edge An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-0977 | Information Exposure vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-0972 | Unspecified vulnerability in Microsoft products This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-0968 | Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008 An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-06-12 | CVE-2019-0948 | XXE vulnerability in Microsoft products An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity, aka 'Windows Event Viewer Information Disclosure Vulnerability'. | 5.5 |
| 2019-06-12 | CVE-2019-0713 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-06-12 | CVE-2019-0711 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-06-12 | CVE-2019-0710 | Improper Input Validation vulnerability in Microsoft products A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. | 6.8 |
| 2019-05-16 | CVE-2019-1008 | Unspecified vulnerability in Microsoft Dynamics 365 and Dynamics CRM 2015 A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'. | 5.9 |