Vulnerabilities > Microsoft > Windows RT 8 1 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-12 | CVE-2019-1382 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'. | 5.5 |
| 2019-11-12 | CVE-2019-1381 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations, aka 'Microsoft Windows Information Disclosure Vulnerability'. | 5.5 |
| 2019-10-10 | CVE-2019-1347 | Out-of-bounds Read vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | 6.5 |
| 2019-10-10 | CVE-2019-1346 | Out-of-bounds Read vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | 6.5 |
| 2019-10-10 | CVE-2019-1344 | Out-of-bounds Read vulnerability in Microsoft products An information disclosure vulnerability exists in the way that the Windows Code Integrity Module handles objects in memory, aka 'Windows Code Integrity Module Information Disclosure Vulnerability'. | 5.5 |
| 2019-10-10 | CVE-2019-1343 | Unspecified vulnerability in Microsoft products A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. | 6.5 |
| 2019-10-10 | CVE-2019-1334 | Information Exposure vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. | 5.5 |
| 2019-10-10 | CVE-2019-1325 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in the Windows redirected drive buffering system (rdbss.sys) when the operating system improperly handles specific local calls within Windows 7 for 32-bit systems, aka 'Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability'. | 5.5 |
| 2019-10-10 | CVE-2019-1318 | Authentication Bypass by Spoofing vulnerability in Microsoft products A spoofing vulnerability exists when Transport Layer Security (TLS) accesses non- Extended Master Secret (EMS) sessions, aka 'Microsoft Windows Transport Layer Security Spoofing Vulnerability'. | 5.9 |
| 2019-10-10 | CVE-2019-1166 | Improper Validation of Integrity Check Value vulnerability in Microsoft products A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'. | 5.9 |