A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka ‘Windows OLE Remote Code Execution Vulnerability’. Date published : 2019-05-16 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0885
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0911, CVE-2019-0918. Date...
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0758, CVE-2019-0961. Date published :...
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. Date published : 2019-05-16 http://packetstormsecurity.com/files/152988/Microsoft-Windows-CmKeyBodyRemapToVirtualForEnum-Arbitrary-Key-Enumeration.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0881
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka ‘Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability’. This CVE...
A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka ‘.NET Framework Denial of Service Vulnerability’. Date published : 2019-05-16 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0864
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka ‘Windows Error Reporting Elevation of Privilege Vulnerability’. Date published : 2019-05-16 http://packetstormsecurity.com/files/153008/Angry-Polar-Bear-2-Microsoft-Windows-Error-Reporting-Local-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0863
A denial of service vulnerability exists when .NET Framework and .NET Core improperly process RegEx strings, aka ‘.NET Framework and .NET Core Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0980, CVE-2019-0981....
An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces metadata permissions, aka ‘Microsoft SQL Server Analysis Services Information Disclosure Vulnerability’. Date published : 2019-05-16 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0819
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0882, CVE-2019-0961. Date published :...
An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and replace authentication request using Kerberos, allowing an attacker to be validated as an Administrator.The update...
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka ‘Windows Defender Application Control Security Feature Bypass Vulnerability’. Date published : 2019-05-16...
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log...
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets, aka ‘Windows DHCP Server Remote Code Execution Vulnerability’. Date published : 2019-05-16 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0725