Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-0858 Cross-site Scripting vulnerability in Microsoft Exchange Server 2013/2016/2019
A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'.
network
low complexity
microsoft CWE-79
6.1
6.1
2019-04-09 CVE-2019-0857 Improper Encoding or Escaping of Output vulnerability in Microsoft Azure Devops Server 2019
A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.
network
low complexity
microsoft CWE-116
6.5
6.5
2019-04-09 CVE-2019-0849 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
6.5
2019-04-09 CVE-2019-0848 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2019-04-09 CVE-2019-0844 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2019-04-09 CVE-2019-0840 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2019-04-09 CVE-2019-0839 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'.
local
low complexity
microsoft
4.4
4.4
2019-04-09 CVE-2019-0837 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5
5.5
2019-04-09 CVE-2019-0835 Unspecified vulnerability in Microsoft Internet Explorer 10/11
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory, aka 'Microsoft Scripting Engine Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
6.5
2019-04-09 CVE-2019-0833 Unspecified vulnerability in Microsoft Edge
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
6.5