Vulnerabilities > Microsoft > Windows > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-11-14 | CVE-2018-19279 | Cleartext Storage of Sensitive Information vulnerability in Primx Zonecentral PRIMX ZoneCentral before 6.1.2236 on Windows sometimes leaks the plaintext of NTFS files. | 2.1 |
| 2018-11-09 | CVE-2018-1799 | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. | 3.6 |
| 2018-11-08 | CVE-2018-15437 | Resource Exhaustion vulnerability in Cisco products A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. | 2.1 |
| 2018-10-17 | CVE-2018-3283 | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). | 3.5 |
| 2018-06-11 | CVE-2016-5293 | Improper Input Validation vulnerability in multiple products When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. | 2.1 |
| 2018-06-11 | CVE-2016-5294 | Improper Input Validation vulnerability in Mozilla Firefox, Firefox ESR and Thunderbird The Mozilla Updater can be made to choose an arbitrary target working directory for output files resulting from the update process. | 2.1 |
| 2018-06-11 | CVE-2017-5409 | Improper Privilege Management vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Windows updater can be called by a non-privileged user to delete an arbitrary local file by passing a special path to the callback parameter through the Mozilla Maintenance Service, which has privileged access. | 3.6 |
| 2018-06-11 | CVE-2017-7761 | Incorrect Default Permissions vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Maintenance Service "helper.exe" application creates a temporary directory writable by non-privileged users. | 3.6 |
| 2018-06-11 | CVE-2017-7767 | Improper Privilege Management vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Maintenance Service can be invoked by an unprivileged user to overwrite arbitrary files with junk data using the Mozilla Windows Updater, which runs with the Maintenance Service's privileged access. | 2.1 |
| 2018-06-11 | CVE-2017-7768 | Information Exposure vulnerability in Mozilla Firefox and Firefox ESR The Mozilla Maintenance Service can be invoked by an unprivileged user to read 32 bytes of any arbitrary file on the local system by convincing the service that it is reading a status file provided by the Mozilla Windows Updater. | 2.1 |