Skip to main content
CVE-2019-1075 MEDIUM PATCH This Month

A spoofing vulnerability exists in ASP.NET Core that could lead to an open redirect, aka 'ASP.NET Core Spoofing Vulnerability'. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Open Redirect Asp Net Core
NVD
CVSS 3.0
6.1
EPSS
2.6%
CVE-2019-1112 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Office Office 365 Proplus
NVD
CVSS 3.0
5.5
EPSS
8.7%
CVE-2019-1097 MEDIUM PATCH This Month

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2019-1096 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
4.8%
CVE-2019-1093 MEDIUM PATCH This Month

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Windows 10 Windows 7 Windows 8 1 Windows Rt 8 1 +4
NVD
CVSS 3.0
5.5
EPSS
1.7%
CVE-2019-1091 MEDIUM PATCH This Month

An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
2.0%
CVE-2019-1074 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Authentication Bypass Microsoft Windows 10 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
5.5
EPSS
1.6%
CVE-2019-1073 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
2.6%
CVE-2019-1071 MEDIUM PATCH This Month

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Microsoft Information Disclosure Windows 10 Windows 7 Windows 8 1 +5
NVD
CVSS 3.0
5.5
EPSS
2.6%
CVE-2019-1137 MEDIUM PATCH This Month

A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Exchange Server
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2019-1134 MEDIUM PATCH This Month

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Sharepoint Enterprise Server Sharepoint Server
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2019-1076 MEDIUM PATCH This Month

A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

XSS Team Foundation Server Azure Devops Server
NVD
CVSS 3.0
5.4
EPSS
1.6%
CVE-2019-1126 MEDIUM PATCH This Month

A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Windows Server 2012 Windows Server 2016 Windows Server 2019
NVD
CVSS 3.0
5.3
EPSS
4.9%
CVE-2019-1077 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists when the Visual Studio updater service improperly handles file permissions, aka 'Visual Studio Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity.

Information Disclosure Visual Studio 2017 Visual Studio 2019
NVD
CVSS 3.0
5.0
EPSS
1.8%
CVE-2019-0962 MEDIUM PATCH This Month

An elevation of privilege vulnerability exists in Azure Automation "RunAs account" runbooks for users with contributor role, aka 'Azure Automation Elevation of Privilege Vulnerability'. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Azure Automation
NVD
CVSS 3.0
4.9
EPSS
4.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy