CVE ID | Publié | Description | Score | Gravité |
---|---|---|---|---|
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | 7.8 |
Haute |
||
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | 7 |
Haute |
||
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | 7.8 |
Haute |
||
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | 5.5 |
Moyen |
||
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | 7.8 |
Haute |
||
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | 4.6 |
Moyen |
||
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | 6.5 |
Moyen |
||
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | 7.5 |
Haute |
||
.NET, .NET Framework, and Visual Studio Denial of Service Vulnerability | 7.5 |
Haute |
||
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | 7.3 |
Haute |
||
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | 5.5 |
Moyen |
||
.NET and Visual Studio Remote Code Execution Vulnerability | 7.8 |
Haute |
||
.NET Framework Denial of Service Vulnerability | 5 |
Moyen |
||
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. | 8.1 |
Haute |
||
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836. | 7.8 |
Haute |
||
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0806, CVE-2019-0812, CVE-2019-0829, CVE-2019-0860, CVE-2019-0861. | 7.5 |
Haute |
||
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8643. | 7.5 |
Haute |