Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-08 CVE-2019-0537 Unspecified vulnerability in Microsoft Visual Studio 2010/2012
An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.
local
low complexity
microsoft
5.5
2019-01-08 CVE-2019-0536 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
2018-12-12 CVE-2018-8650 Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint.
network
low complexity
microsoft CWE-79
5.4
2018-12-12 CVE-2018-8652 Cross-site Scripting vulnerability in Microsoft Windows Azure Pack Rollup 13.1
A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1.
network
low complexity
microsoft CWE-79
5.4
2018-12-12 CVE-2018-8651 Cross-site Scripting vulnerability in Microsoft Dynamics NAV 2016/2017
A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.
network
low complexity
microsoft CWE-79
5.4
2018-12-12 CVE-2018-8649 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019.
local
low complexity
microsoft
5.5
2018-12-12 CVE-2018-8638 Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019.
local
low complexity
microsoft
5.5
2018-12-12 CVE-2018-8637 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.
local
low complexity
microsoft
5.5
2018-12-12 CVE-2018-8627 Use of Uninitialized Resource vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel.
local
low complexity
microsoft CWE-908
5.5
2018-12-12 CVE-2018-8622 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2.
local
low complexity
microsoft
5.5