Vulnerabilities > Microsoft > Windows > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-08-15 | CVE-2019-3974 | Unspecified vulnerability in Tenable Nessus Nessus 8.5.2 and earlier on Windows platforms were found to contain an issue where certain system files could be overwritten arbitrarily, potentially creating a denial of service condition. | 8.5 |
2019-08-07 | CVE-2019-14743 | Incorrect Permission Assignment for Critical Resource vulnerability in Valvesoftware Steam Client In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access. | 7.2 |
2019-08-06 | CVE-2019-5683 | Link Following vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the user mode video driver trace logger component. | 7.2 |
2019-07-21 | CVE-2019-14209 | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf An issue was discovered in Foxit PhantomPDF before 8.3.10. | 7.5 |
2019-07-19 | CVE-2019-11989 | Unspecified vulnerability in HP Icewall SSO Agent and MFA Proxy A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. | 7.1 |
2019-07-18 | CVE-2019-7850 | Command Injection vulnerability in Adobe Campaign 18.10.5.8984 Adobe Campaign Classic version 18.10.5-8984 and earlier versions have a Command injection vulnerability. | 7.5 |
2019-07-12 | CVE-2019-12731 | Improper Privilege Management vulnerability in Mikogo The Windows versions of Snapview Mikogo, versions before 5.10.2 are affected by insecure implementations which allow local attackers to escalate privileges. | 7.2 |
2019-06-21 | CVE-2019-12572 | Uncontrolled Search Path Element vulnerability in Londontrustmedia Private Internet Access 1.0.2 A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client 1.0.2 (build 02363) for Windows could allow an authenticated, local attacker to run arbitrary code with elevated privileges. | 7.2 |
2019-06-17 | CVE-2019-12476 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zohocorp Manageengine Adselfservice Plus 4.5/5.0 An authentication bypass vulnerability in the password reset functionality in Zoho ManageEngine ADSelfService Plus before 5.0.6 allows an attacker with physical access to gain a shell with SYSTEM privileges via the restricted thick client browser. | 7.2 |
2019-05-24 | CVE-2019-7089 | Unspecified vulnerability in Adobe Acrobat DC and Acrobat Reader DC Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have a data leakage (sensitive) vulnerability. | 7.8 |