|
222961
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_rt_8.1
|
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.
|
CWE-200
Information Exposure
|
CVE-2019-1216
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222962
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_server_2019
windows_7
windows_rt_8.1
|
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019…
|
NVD-CWE-noinfo
|
CVE-2019-1215
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222963
|
7.8 |
HIGH
Local
|
microsoft
|
windows_server_2008
windows_server_2012
windows_10
windows_8.1
windows_server_2016
windows_7
windows_rt_8.1
windows_server_2019
|
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Priv…
|
NVD-CWE-noinfo
|
CVE-2019-1214
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222964
|
6.5 |
MEDIUM
Network
|
microsoft
|
lync
|
An information disclosure vulnerability exists in Lync 2013, aka 'Lync 2013 Information Disclosure Vulnerability'.
|
CWE-200
Information Exposure
|
CVE-2019-1209
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222965
|
7.5 |
HIGH
Network
|
microsoft
|
internet_explorer
|
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-123…
|
CWE-416
Use After Free
|
CVE-2019-1208
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222966
|
5.5 |
MEDIUM
Local
|
microsoft
|
.net_framework
|
An elevation of privilege vulnerability exists when the .NET Framework common language runtime (CLR) allows file creation in arbitrary locations, aka '.NET Framework Elevation of Privilege Vulnerabil…
|
CWE-22
Path Traversal
|
CVE-2019-1142
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222967
|
7.5 |
HIGH
Network
|
microsoft
|
edge
chakracore
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. Th…
|
CWE-787
Out-of-bounds Write
|
CVE-2019-1138
|
2024-11-21 13:36 |
2019-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222968
|
3.7 |
LOW
Network
|
openssl
|
openssl
|
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recov…
|
CWE-327
CWE-203
Use of a Broken or Risky Cryptographic Algorithm
Information Exposure Through Discrepancy
|
CVE-2019-1563
|
2024-11-21 13:36 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222969
|
5.3 |
MEDIUM
Network
|
openssl
|
openssl
|
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2019-1549
|
2024-11-21 13:36 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
222970
|
4.7 |
MEDIUM
Local
|
openssl
|
openssl
|
Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit paramet…
|
NVD-CWE-noinfo
|
CVE-2019-1547
|
2024-11-21 13:36 |
2019-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
