|
222531
|
5.5 |
MEDIUM
Local
|
microsoft
|
open_enclave_software_development_kit
|
An information disclosure vulnerability exists when affected Open Enclave SDK versions improperly handle objects in memory, aka 'Open Enclave SDK Information Disclosure Vulnerability'.
|
CWE-200
Information Exposure
|
CVE-2019-1370
|
2024-11-21 13:36 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222532
|
5.3 |
MEDIUM
Network
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'.
|
CWE-200
Information Exposure
|
CVE-2019-1324
|
2024-11-21 13:36 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222533
|
6.8 |
MEDIUM
Network
|
microsoft
|
windows_server_2016
windows_10
windows_server_2019
|
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper…
|
CWE-20
Improper Input Validation
|
CVE-2019-1310
|
2024-11-21 13:36 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222534
|
6.8 |
MEDIUM
Network
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper…
|
CWE-20
Improper Input Validation
|
CVE-2019-1309
|
2024-11-21 13:36 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222535
|
7.5 |
HIGH
Network
|
microsoft
|
azure_stack
|
A spoofing vulnerability exists when Azure Stack fails to validate certain requests, aka 'Azure Stack Spoofing Vulnerability'.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2019-1234
|
2024-11-21 13:36 |
2019-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222536
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10_update_assistant
|
An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.A locally authenticated attacker could run arbitrary code with elevated system privileg…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2019-1378
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222537
|
6.5 |
MEDIUM
Network
|
microsoft
|
sql_server_management_studio
|
An information disclosure vulnerability exists in Microsoft SQL Server Management Studio (SSMS) when it improperly enforces permissions, aka 'SQL Server Management Studio Information Disclosure Vulne…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2019-1376
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222538
|
5.4 |
MEDIUM
Network
|
microsoft
|
dynamics_365
|
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamic…
|
CWE-79
Cross-site Scripting
|
CVE-2019-1375
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222539
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1371
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222540
|
10.0 |
CRITICAL
Network
|
microsoft
|
azure_app_service_on_azure_stack
|
An remote code execution vulnerability exists when Azure App Service/ Antares on Azure Stack fails to check the length of a buffer prior to copying memory to it.An attacker who successfully exploited…
|
NVD-CWE-noinfo
|
CVE-2019-1372
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
