Vulnerabilities > Microsoft > Windows

DATE CVE VULNERABILITY TITLE RISK
2019-08-16 CVE-2019-7957 Unspecified vulnerability in Adobe Creative Cloud
Creative Cloud Desktop Application versions 4.6.1 and earlier have a security bypass vulnerability.
network
low complexity
adobe apple microsoft
5.0
2019-08-15 CVE-2019-3974 Unspecified vulnerability in Tenable Nessus
Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition.
network
low complexity
tenable microsoft
8.5
2019-08-13 CVE-2019-12807 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Estsoft Alzip
Alzip 10.83 and earlier version contains a stack-based buffer overflow vulnerability, caused by improper bounds checking during the parsing of crafted ISO archive file format.
6.8
2019-08-13 CVE-2019-12806 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Crosscert Unisign 2.0.4.0
UniSign 2.0.4.0 and earlier version contains a stack-based buffer overflow vulnerability which can overwrite the stack with arbitrary data, due to a buffer overflow in a library.
6.8
2019-08-12 CVE-2019-14935 Incorrect Permission Assignment for Critical Resource vulnerability in 3CX 15
3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link.
local
low complexity
3cx microsoft CWE-732
4.6
2019-08-07 CVE-2019-14743 Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client
In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access.
local
low complexity
valvesoftware microsoft CWE-732
7.2
2019-08-06 CVE-2019-5687 Incorrect Default Permissions vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an incorrect use of default permissions for an object exposes it to an unintended actor
local
low complexity
nvidia microsoft CWE-276
3.6
2019-08-06 CVE-2019-5685 Out-of-bounds Write vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution.
network
low complexity
nvidia microsoft CWE-787
critical
10.0
2019-08-06 CVE-2019-5684 Out-of-bounds Write vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution.
network
low complexity
nvidia microsoft CWE-787
critical
10.0
2019-08-06 CVE-2019-5683 Link Following vulnerability in Nvidia GPU Driver
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component.
local
low complexity
nvidia microsoft CWE-59
7.2