| Month | Quarter | Year |
|---|---|---|
| #3 | #7 | #6 |
| CVE-ID | CWE-ID | Type | Score |
|---|---|---|---|
| CVE-2019-1097 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1093. |
|||
| CVE-2019-1096 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. |
|||
| CVE-2019-1095 | CWE-200 | Information Leak / Disclosure | 6.5 |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116. |
|||
| CVE-2019-1094 | CWE-200 | Information Leak / Disclosure | 6.5 |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116. |
|||
| CVE-2019-1093 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097. |
|||
| CVE-2019-1091 | CWE-200 | Information Leak / Disclosure | 5.5 |
An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'. |
|||
| CVE-2019-1090 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka 'Windows dnsrlvr.dll Elevation of Privilege Vulnerability'. |
|||
| CVE-2019-1089 | CWE-264 | Permissions, Privileges, and Access Controls | 7.8 |
An elevation of privilege vulnerability exists in rpcss.dll when the RPC service Activation Kernel improperly handles an RPC request. To exploit this vulnerability, a low level authenticated attacker could run a specially crafted application. The security update addresses this vulnerability by correcting how rpcss.dll handles these requests., aka 'Windows RPCSS Elevation of Privilege Vulnerability'. |
|||
| CVE-2019-1088 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1087. |
|||
| CVE-2019-1087 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1086, CVE-2019-1088. |
|||