Month | Quarter | Year |
---|---|---|
#2 | #5 | #4 |
CVE-ID | CWE-ID | Type | Score |
---|---|---|---|
CVE-2019-0881 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.
|
|||
CVE-2019-0865 | CWE-20 | Improper Input Validation | 7.5 |
A denial of service vulnerability exists when SymCrypt improperly handles a specially crafted digital signature.An attacker could exploit the vulnerability by creating a specially crafted connection or message.The security update addresses the vulnerability by correcting the way SymCrypt handles digital signatures., aka 'SymCrypt Denial of Service Vulnerability'.
|
|||
CVE-2019-0836 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0841.
|
|||
CVE-2019-0805 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0836, CVE-2019-0841.
|
|||
CVE-2019-0796 | CWE-264 | Permissions, Privileges, and Access Control | 5.5 |
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
|
|||
CVE-2019-0768 | CWE-254 | Security Features | 4.3 |
A security feature bypass vulnerability exists when Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored, aka 'Internet Explorer Security Feature Bypass Vulnerability'. This CVE ID is unique from CVE-2019-0761.
|
|||
CVE-2019-0735 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Elevation of Privilege Vulnerability'.
|
|||
CVE-2019-0732 | CWE-254 | Security Features | 7.8 |
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Security Feature Bypass Vulnerability'.
|
|||
CVE-2019-0731 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
|
|||
CVE-2019-0730 | CWE-264 | Permissions, Privileges, and Access Control | 7.8 |
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
|