Filtered by vendor Microsoft
Subscribe
Total
17397 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1449 | 1 Microsoft | 2 Office, Office 365 Proplus | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would have to run a specially crafted file, aka 'Microsoft Office ClickToRun Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-7125 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010.20098 and earlier, 2017.011.30127 and earlier version, and 2015.006.30482 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | |||||
| CVE-2019-1438 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1437. | |||||
| CVE-2019-1437 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438. | |||||
| CVE-2019-1456 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419. | |||||
| CVE-2019-1432 | 1 Microsoft | 5 Windows 7, Windows 8.1, Windows Rt 8.1 and 2 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1411. | |||||
| CVE-2019-1430 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'Microsoft Windows Media Foundation Remote Code Execution Vulnerability'. | |||||
| CVE-2019-1429 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428. | |||||
| CVE-2019-1428 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429. | |||||
| CVE-2019-1433 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438. | |||||
| CVE-2019-1427 | 1 Microsoft | 4 Chakracore, Edge, Windows 10 and 1 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429. | |||||
| CVE-2019-1426 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429. | |||||
| CVE-2019-1425 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2020-08-24 | 5.8 MEDIUM | 6.5 MEDIUM |
| An elevation of privilege vulnerability exists when Visual Studio fails to properly validate hardlinks while extracting archived files, aka 'Visual Studio Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-1423 | 1 Microsoft | 1 Windows 10 | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the StartTileData.dll handles file creation in protected locations, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1422. | |||||
| CVE-2019-1422 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423. | |||||
| CVE-2019-14215 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash when calling xfa.event.rest XFA JavaScript due to accessing a wild pointer. | |||||
| CVE-2019-14214 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to a JavaScript Denial of Service when deleting pages in a document that contains only one page by calling a "t.hidden = true" function. | |||||
| CVE-2019-14210 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object. | |||||
| CVE-2019-14209 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Heap Corruption due to data desynchrony when adding AcroForm. | |||||
| CVE-2019-1420 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423. | |||||