| Month | Quarter | Year |
|---|---|---|
| #11 | #10 | #10 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2019-0710 | CWE-20 | Input Validation | 6.8 |
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0711, CVE-2019-0713. |
|||
| CVE-2019-0707 | CWE-264 | Permissions, Privileges, and Access Control | 7.0 |
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it.To exploit the vulnerability, in a local attack scenario, an attacker could run a specially crafted application to elevate the attacker's privilege level, aka 'Windows NDIS Elevation of Privilege Vulnerability'. |
|||
| CVE-2019-0702 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0755, CVE-2019-0767, CVE-2019-0775, CVE-2019-0782. |
|||
| CVE-2019-0664 | CWE-200 | Information Leak / Disclosure | 6.5 |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660. |
|||
| CVE-2019-0663 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0661. |
|||
| CVE-2019-0662 | CWE-119 | Buffer Errors | 8.8 |
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0618. |
|||
| CVE-2019-0661 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663. |
|||
| CVE-2019-0660 | CWE-200 | Information Leak / Disclosure | 6.5 |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0664. |
|||
| CVE-2019-0656 | CWE-264 | Permissions, Privileges, and Access Control | 7.0 |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. |
|||
| CVE-2019-0635 | CWE-200 | Information Leak / Disclosure | 6.2 |
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. |
|||