Vulnerabilities (CVE)

Vendor filter

Microsoft Subscribe

Product filter

Office Subscribe

Filter

6655 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-1150 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-08-16 9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145,...
CVE-2019-1151 1 Microsoft 9 Office, Windows 10, Windows 7 and 6 more 2019-08-16 9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145,...
CVE-2019-1144 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-08-16 9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149,...
CVE-2019-1152 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-08-16 9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145,...
CVE-2019-0988 1 Microsoft 1 Internet Explorer 2019-08-16 7.6
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0920, CVE-2019-1005,...
CVE-2019-1009 1 Microsoft 2 Windows 7, Windows Server 2008 2019-08-09 4.3
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0968, CVE-2019-0977,...
CVE-2019-0887 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-08-08 8.5
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
CVE-2019-1105 1 Microsoft 1 Outlook 2019-08-01 3.5
A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'.
CVE-2019-1167 1 Microsoft 1 Powershell Core 2019-07-25 1.9
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'.
CVE-2019-0595 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-07-24 9.3
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0596, CVE-2019-0597,...
CVE-2019-1126 1 Microsoft 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 2019-07-22 5.0
A security feature bypass vulnerability exists in Active Directory Federation Services (ADFS) which could allow an attacker to bypass the extranet lockout policy.To exploit this vulnerability, an attacker could run a specially crafted...
CVE-2019-1084 1 Microsoft 9 Exchange Server, Lync, Lync Basic and 6 more 2019-07-22 4.0
An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display...
CVE-2019-0975 1 Microsoft 2 Windows Server 2016, Windows Server 2019 2019-07-22 6.8
A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to...
CVE-2019-0865 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2019-07-22 5.0
A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature.An attacker could exploit the vulnerability by creating a specially crafted connection or message.The security update addresses the...
CVE-2019-1137 1 Microsoft 1 Exchange Server 2019-07-19 3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'.
CVE-2019-1089 1 Microsoft 8 Windows 10, Windows 7, Windows 8.1 and 5 more 2019-07-19 7.2
An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The...
CVE-2019-1072 1 Microsoft 2 Team Foundation Server, Azure Devops Server 2019-07-19 7.5
A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability'.
CVE-2019-1102 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2019-07-19 9.3
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
CVE-2019-1134 1 Microsoft 2 Sharepoint Enterprise Server, Sharepoint Server 2019-07-19 3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.
CVE-2019-1109 1 Microsoft 2 Office, Office 365 2019-07-19 6.4
A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office...