Vulnerabilities > Microsoft > Windows Server 2019 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-12 | CVE-2019-1385 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges.The security update addresses the vulnerability by correcting how AppX Deployment Extensions manages privileges., aka 'Windows AppX Deployment Extensions Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-11-12 | CVE-2019-1383 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-11-12 | CVE-2019-1380 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-11-12 | CVE-2019-1379 | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019 An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1359 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1358 | Unspecified vulnerability in Microsoft products A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1342 | Improper Handling of Exceptional Conditions vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1341 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists when umpo.dll of the Power Service, improperly handles a Registry Restore Key function, aka 'Windows Power Service Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1340 | Unspecified vulnerability in Microsoft products An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. | 7.8 |
| 2019-10-10 | CVE-2019-1339 | Link Following vulnerability in Microsoft products An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. | 7.8 |