Vulnerabilities > Microsoft > Windows > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-06-18 | CVE-2019-7588 | Incorrect Default Permissions vulnerability in Exacq Enterprise System Manager 5.12.2 A vulnerability in the exacqVision Enterprise System Manager (ESM) v5.12.2 application whereby unauthorized privilege escalation can potentially be achieved. | 6.9 |
| 2019-06-17 | CVE-2018-19450 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing a launch action. | 6.8 |
| 2019-06-17 | CVE-2018-19449 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.exportAsFDF is used. | 6.8 |
| 2019-06-17 | CVE-2018-19448 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex In Foxit Reader SDK (ActiveX) Professional 5.4.0.1031, an uninitialized object in IReader_ContentProvider::GetDocEventHandler occurs when embedding the control into Office documents. | 6.8 |
| 2019-06-17 | CVE-2018-19447 | Out-of-bounds Write vulnerability in Foxitsoftware Foxit PDF SDK Activex A stack-based buffer overflow can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0.1031 when parsing the URI string. | 6.8 |
| 2019-06-17 | CVE-2018-19446 | Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit PDF SDK Activex A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. | 6.8 |
| 2019-06-17 | CVE-2018-19445 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API app.launchURL is used. | 6.8 |
| 2019-06-17 | CVE-2018-19444 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex A use after free in the TextBox field Validate action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 6.8 |
| 2019-06-07 | CVE-2018-19452 | Use After Free vulnerability in Foxitsoftware Foxit PDF SDK Activex A use after free in the TextBox field Mouse Enter action in IReader_ContentProvider can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031. | 6.8 |
| 2019-06-07 | CVE-2018-19451 | Command Injection vulnerability in Foxitsoftware Foxit PDF SDK Activex A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when using the Open File action on a Field. | 6.8 |