Vulnerabilities > Microsoft > Windows
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2019-4719 | Unspecified vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within runmqras data. | 2.1 |
| 2020-03-16 | CVE-2019-4619 | Information Exposure Through an Error Message vulnerability in IBM MQ, MQ Appliance and Websphere MQ IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD could allow a local attacker to obtain sensitive information by inclusion of sensitive data within trace. | 2.1 |
| 2020-02-20 | CVE-2019-14688 | Uncontrolled Search Path Element vulnerability in Trendmicro products Trend Micro has repackaged installers for several Trend Micro products that were found to utilize a version of an install package that had a DLL hijack vulnerability that could be exploited during a new product installation. | 5.1 |
| 2020-02-16 | CVE-2019-20456 | Untrusted Search Path vulnerability in Goverlan Client Agent, Reach Console and Reach Server Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, and Goverlan Client Agent before 9.20.50 have an Untrusted Search Path that leads to Command Injection and Local Privilege Escalation via DLL hijacking. | 4.4 |
| 2020-02-14 | CVE-2018-21033 | Improper Input Validation vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. | 4.0 |
| 2020-02-14 | CVE-2018-21032 | Information Exposure Through an Error Message vulnerability in Hitachi products A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. | 4.0 |
| 2020-02-12 | CVE-2019-4741 | Server-Side Request Forgery (SSRF) vulnerability in IBM Content Navigator 3.0.0 IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). | 5.0 |
| 2020-02-12 | CVE-2019-4427 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud CLI IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. | 5.0 |
| 2020-02-08 | CVE-2015-2062 | SQL Injection vulnerability in Huge-It Slider Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to wp-admin/admin.php. | 6.5 |
| 2020-02-03 | CVE-2019-4732 | Untrusted Search Path vulnerability in IBM SDK and Websphere Application Server IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. | 6.9 |