Vulnerabilities > Microsoft > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-09 | CVE-2019-0835 | Unspecified vulnerability in Microsoft Internet Explorer 10/11 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory, aka 'Microsoft Scripting Engine Information Disclosure Vulnerability'. | 6.5 |
| 2019-04-09 | CVE-2019-0833 | Unspecified vulnerability in Microsoft Edge An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka 'Microsoft Edge Information Disclosure Vulnerability'. | 6.5 |
| 2019-04-09 | CVE-2019-0831 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 5.4 |
| 2019-04-09 | CVE-2019-0830 | Cross-site Scripting vulnerability in Microsoft products A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. | 5.4 |
| 2019-04-09 | CVE-2019-0817 | Data Processing Errors vulnerability in Microsoft Exchange Server A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | 5.4 |
| 2019-04-09 | CVE-2019-0814 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | 5.5 |
| 2019-04-09 | CVE-2019-0802 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. | 6.5 |
| 2019-04-09 | CVE-2019-0796 | Permissions, Privileges, and Access Controls vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. | 5.5 |
| 2019-04-09 | CVE-2019-0764 | Argument Injection or Modification vulnerability in Microsoft Edge and Internet Explorer A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'. | 6.5 |
| 2019-04-09 | CVE-2019-0821 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. | 6.5 |