Vulnerabilities > Microsoft > Windows Server 2016 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-16 | CVE-2019-0882 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network microsoft | 4.3 |
| 2019-05-16 | CVE-2019-0758 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network microsoft | 4.3 |
| 2019-05-16 | CVE-2019-0733 | Unspecified vulnerability in Microsoft products A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. | 4.6 |
| 2019-05-16 | CVE-2019-0707 | Out-of-bounds Write vulnerability in Microsoft products An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'. | 6.9 |
| 2019-04-09 | CVE-2019-0849 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network microsoft | 4.3 |
| 2019-04-09 | CVE-2019-0836 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. | 4.6 |
| 2019-04-09 | CVE-2019-0835 | Unspecified vulnerability in Microsoft Internet Explorer 10/11 An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory, aka 'Microsoft Scripting Engine Information Disclosure Vulnerability'. network microsoft | 4.3 |
| 2019-04-09 | CVE-2019-0805 | Insufficient Verification of Data Authenticity vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. | 4.6 |
| 2019-04-09 | CVE-2019-0802 | Unspecified vulnerability in Microsoft products An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. network microsoft | 4.3 |
| 2019-04-09 | CVE-2019-0764 | Argument Injection or Modification vulnerability in Microsoft Edge and Internet Explorer A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions, aka 'Microsoft Browsers Tampering Vulnerability'. | 4.3 |