Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.

Latest Critical Actively Exploited Remotely Exploitable

7.6

HIGH

CVE-2019-1003

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016 chakracore windows_server_2019
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.6

HIGH

CVE-2019-1002

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.8

HIGH

CVE-2019-0998

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an att...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows_10_1809 windows windows_server_1803 windows_server_1903
Published: Jun. 12, 2019

Modified: May. 20, 2025
6.5

MEDIUM

CVE-2019-0996

A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery. An attacker who successfully exploited this vulnerability could bypass OAuth protections and r...

Affected Products : azure_devops_server
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.6

HIGH

CVE-2019-0993

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016 chakracore windows_server_2019
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.6

HIGH

CVE-2019-0992

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016 windows_server_2019
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.6

HIGH

CVE-2019-0991

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016 chakracore windows_server_2019
Published: Jun. 12, 2019

Modified: May. 20, 2025
6.5

MEDIUM

CVE-2019-0990

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016 chakracore windows_server_2019
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.6

HIGH

CVE-2019-0989

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the co...

Affected Products : edge windows_10 windows_server_2016 chakracore windows_server_2019
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.6

HIGH

CVE-2019-0988

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current ...

Affected Products : edge windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 internet_explorer
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.1

HIGH

CVE-2019-0986

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vu...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.8

HIGH

CVE-2019-0985

A remote code execution vulnerability exists when the Microsoft Speech API (SAPI) improperly handles text-to-speech (TTS) input. The vulnerability could corrupt memory in a way that enables an attacker to execute arbitrary code in the context of the curre...

Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.8

HIGH

CVE-2019-0984

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.8

HIGH

CVE-2019-0983

An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an att...

Affected Products : windows_10 windows_server_2016 windows_server_2019 windows_server windows_10_1607 windows_10_1809 windows windows_server_1803 windows_server_1903
Published: Jun. 12, 2019

Modified: May. 20, 2025
6.5

MEDIUM

CVE-2019-0977

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There...

Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2 windows_server_2008_sp2
Published: Jun. 12, 2019

Modified: May. 20, 2025
9.3

HIGH

CVE-2019-0974

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.8

HIGH

CVE-2019-0973

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated sy...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products
Published: Jun. 12, 2019

Modified: May. 20, 2025
6.8

MEDIUM

CVE-2019-0972

This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerabi...

Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products
Published: Jun. 12, 2019

Modified: May. 20, 2025
6.5

MEDIUM

CVE-2019-0968

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There...

Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2 windows_server_2008_sp2
Published: Jun. 12, 2019

Modified: May. 20, 2025
7.8

HIGH

CVE-2019-0960

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then insta...

Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2 windows_server_2008_sp2
Published: Jun. 12, 2019

Modified: May. 20, 2025

Showing 20 of 292768 Results

1
...
1204
1205
1206
1207
1208
1209
1210
...
14639

Browse by Apps

Latest CVE Feed

7.6

7.6

7.8

6.5

7.6

7.6

7.6

6.5

7.6

7.6

7.1

7.8

7.8

7.8

6.5

9.3

7.8

6.8

6.5

7.8

Theme Customizer

Layout

Vertical

Horizontal

Two Column

Color Scheme

Light

Dark

Layout Width

Fluid

Boxed

Layout Position

Topbar Color

Light

Dark

Sidebar Size

Default

Compact

Small (Icon View)

Small Hover View

Sidebar View

Default

Detached

Sidebar Color

Light

Dark

Gradient

Preloader

Enable

Disable