Latest CVE Feed
-
7.8
HIGHCVE-2019-0983
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an att... Read more
- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
6.5
MEDIUMCVE-2019-0977
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There... Read more
Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2 windows_server_2008_sp2- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0974
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
7.8
HIGHCVE-2019-0973
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated sy... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
6.8
MEDIUMCVE-2019-0972
This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerabi... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
6.5
MEDIUMCVE-2019-0968
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There... Read more
Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2 windows_server_2008_sp2- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
7.8
HIGHCVE-2019-0960
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then insta... Read more
Affected Products : windows_7 windows_server_2008 windows_server windows windows_server_2008_r2 windows_server_2008_sp2- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
7.8
HIGHCVE-2019-0959
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the... Read more
- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
5.5
MEDIUMCVE-2019-0948
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary file... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
7.8
HIGHCVE-2019-0943
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system. A... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +7 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
7.5
HIGHCVE-2019-0941
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to u... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +9 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
7.6
HIGHCVE-2019-0920
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current ... Read more
- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0909
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0908
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0907
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0906
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0905
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0904
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit th... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.3
HIGHCVE-2019-0888
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could cr... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +8 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025
-
9.0
HIGHCVE-2019-0722
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +9 more products- Published: Jun. 12, 2019
- Modified: May. 20, 2025