|
222131
|
5.9 |
MEDIUM
Network
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_server_2019
windows_rt_8.1
|
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering V…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2019-1166
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222132
|
9.8 |
CRITICAL
Network
|
zingbox
|
inspector
|
A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for remote code execution if the Inspector were sent a malicious command from the Zingbox cloud, or if the …
|
CWE-77
Command Injection
|
CVE-2019-1584
|
2024-11-21 13:36 |
2019-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222133
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID i…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1367
|
2024-11-21 13:36 |
2019-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222134
|
7.5 |
HIGH
Network
|
microsoft
|
windows_defender
forefront_endpoint_protection_2010
security_essentials
system_center_endpoint_protection
|
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.
|
NVD-CWE-noinfo
|
CVE-2019-1255
|
2024-11-21 13:36 |
2019-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222135
|
9.8 |
CRITICAL
Network
|
microsoft
|
team_foundation_server
azure_devops_server
|
A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code …
|
CWE-20
Improper Input Validation
|
CVE-2019-1306
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222136
|
5.4 |
MEDIUM
Network
|
microsoft
|
team_foundation_server
azure_devops_server
|
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
|
CWE-79
Cross-site Scripting
|
CVE-2019-1305
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222137
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on th…
|
NVD-CWE-noinfo
|
CVE-2019-1303
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222138
|
8.8 |
HIGH
Network
|
microsoft
|
asp.net_core
|
An elevation of privilege vulnerability exists when a ASP.NET Core web application, created using vulnerable project templates, fails to properly sanitize web requests, aka 'ASP.NET Core Elevation Of…
|
CWE-20
Improper Input Validation
|
CVE-2019-1302
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222139
|
7.5 |
HIGH
Network
|
microsoft
|
powershell_core
.net_core
|
A denial of service vulnerability exists when .NET Core improperly handles web requests, aka '.NET Core Denial of Service Vulnerability'.
|
NVD-CWE-noinfo
|
CVE-2019-1301
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222140
|
7.5 |
HIGH
Network
|
microsoft
|
edge
chakracore
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1300
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
