Vulnerabilities > Microsoft > Windows Server 2019

DATE CVE VULNERABILITY TITLE RISK
2019-08-14 CVE-2019-1198 Unspecified vulnerability in Microsoft products
An elevation of privilege exists in SyncController.dll.
network
high complexity
microsoft
6.5
2019-08-14 CVE-2019-1190 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory.
local
low complexity
microsoft
7.8
2019-08-14 CVE-2019-1188 Link Following vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user.
network
high complexity
microsoft CWE-59
7.5
2019-08-14 CVE-2019-1187 XXE vulnerability in Microsoft products
A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input.
local
low complexity
microsoft CWE-611
5.5
2019-08-14 CVE-2019-1186 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory.
local
high complexity
microsoft
7.0
2019-08-14 CVE-2019-1184 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls.
local
high complexity
microsoft
6.7
2019-08-14 CVE-2019-1183 Unspecified vulnerability in Microsoft products
This information is being revised to indicate that this CVE (CVE-2019-1183) is fully mitigated by the security updates for the vulnerability discussed in CVE-2019-1194.
network
low complexity
microsoft
8.8
2019-08-14 CVE-2019-1182 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
network
low complexity
microsoft
critical
9.8
2019-08-14 CVE-2019-1181 Unspecified vulnerability in Microsoft products
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
network
low complexity
microsoft
critical
9.8
2019-08-14 CVE-2019-1180 Unspecified vulnerability in Microsoft products
An elevation of privilege vulnerability exists in the way that the wcmsvc.dll handles objects in memory.
local
high complexity
microsoft
7.0