Vulnerabilities > Microsoft > Windows
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-21 | CVE-2019-12572 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access 1.0.2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client 1.0.2 (build 02363) for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.2 |
| 2019-06-18 | CVE-2019-7588 | Incorrect Default Permissions vulnerability in Exacq Enterprise System Manager 5.12.2 A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. | 6.9 |
| 2019-06-17 | CVE-2018-19450 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing a launch action. | 6.8 |
| 2019-06-17 | CVE-2018-19449 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. | 6.8 |
| 2019-06-17 | CVE-2018-19448 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. | 6.8 |
| 2019-06-17 | CVE-2018-19447 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing the URI string. | 6.8 |
| 2019-06-17 | CVE-2018-19446 | Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit PDF SDK Activex A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. | 6.8 |
| 2019-06-17 | CVE-2018-19445 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. | 6.8 |
| 2019-06-17 | CVE-2018-19444 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex A use after free in the TextBox field Validate action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 6.8 |
| 2019-06-17 | CVE-2019-12476 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zohocorp Manageengine Adselfservice Plus 4.5/5.0 An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. | 7.2 |