Vulnerabilities > Microsoft > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-01-08 CVE-2019-0561 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0560 Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0559 Unspecified vulnerability in Microsoft Office, Office 365 Proplus and Outlook
An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
network
low complexity
microsoft
6.5
6.5
2019-01-08 CVE-2019-0558 Cross-site Scripting vulnerability in Microsoft Business Productivity Servers and Sharepoint Server
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint, Microsoft Business Productivity Servers.
network
low complexity
microsoft CWE-79
5.4
5.4
2019-01-08 CVE-2019-0557 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2016
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint.
network
low complexity
microsoft CWE-79
5.4
5.4
2019-01-08 CVE-2019-0556 Cross-site Scripting vulnerability in Microsoft Sharepoint Server 2013
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint.
network
low complexity
microsoft CWE-79
5.4
5.4
2019-01-08 CVE-2019-0554 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0553 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka "Windows Subsystem for Linux Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0549 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
local
low complexity
microsoft
5.5
5.5
2019-01-08 CVE-2019-0537 Unspecified vulnerability in Microsoft Visual Studio 2010/2012
An information disclosure vulnerability exists when Visual Studio improperly discloses arbitrary file contents if the victim opens a malicious .vscontent file, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.
local
low complexity
microsoft
5.5
5.5