This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.
Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
ID and Rating |
CAN/CVE ID: ADV190014 BID: N/A Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Live Accounts Elevation of Privilege Vulnerability |
Vulnerability Affects |
Advisory. See Microsoft.com |
Details |
Advisory. See Microsoft.com |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0720 BID: 109581 Microsoft Rating: Critical |
Vulnerability Type |
Hyper-V Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Hyper-V
|
Details |
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0736 BID: 109583 Microsoft Rating: Critical |
Vulnerability Type |
Windows DHCP Client Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Rt 8.1 - Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1803
|
Details |
A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client. An attacker who successfully exploited the vulnerability could run arbitrary code on the client machine.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0965 BID: 109630 Microsoft Rating: Critical |
Vulnerability Type |
Windows Hyper-V Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Hyper-V Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could cause the Hyper-V host operating system to execute arbitrary code.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1131 BID: 109557 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1133 BID: 109560 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1139 BID: 109561 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1140 BID: 109562 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1141 BID: 109565 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1144 BID: 109503 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
Details |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1145 BID: 109515 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
Details |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1149 BID: 109520 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Office 2019 for Mac
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1150 BID: 109516 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1151 BID: 109519 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Office 2019 for Mac
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1152 BID: 109517 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Graphics Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1181 BID: 109556 Microsoft Rating: Critical |
Vulnerability Type |
Remote Desktop Services Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1182 BID: 109559 Microsoft Rating: Critical |
Vulnerability Type |
Remote Desktop Services Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1183 BID: 109566 Microsoft Rating: Critical |
Vulnerability Type |
Windows VBScript Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 1709 Microsoft Windows Server 1803 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1188 BID: 109590 Microsoft Rating: Critical |
Vulnerability Type |
LNK Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems
|
Details |
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a . LNK file is processed.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1194 BID: 109584 Microsoft Rating: Critical |
Vulnerability Type |
Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Internet Explorer 9
|
Details |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1195 BID: 109580 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore
|
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1196 BID: 109578 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1197 BID: 109576 Microsoft Rating: Critical |
Vulnerability Type |
Chakra Scripting Engine Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft ChakraCore |
Details |
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1199 BID: 109544 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Outlook Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
Details |
A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1200 BID: 109545 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Outlook Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
Details |
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1201 BID: 109546 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Word Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Online Server Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
Details |
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1205 BID: 109552 Microsoft Rating: Critical |
Vulnerability Type |
Microsoft Word Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
Details |
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1213 BID: 109528 Microsoft Rating: Critical |
Vulnerability Type |
Windows DHCP Server Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2
|
Details |
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server. An attacker who successfully exploited the vulnerability could run arbitrary code on the DHCP server.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1222 BID: 109635 Microsoft Rating: Critical |
Vulnerability Type |
Remote Desktop Services Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 2019
|
Details |
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1226 BID: 109623 Microsoft Rating: Critical |
Vulnerability Type |
Remote Desktop Services Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: ADV190023 BID: Microsoft Rating: Important |
Vulnerability Type |
Microsoft Guidance for Enabling LDAP Channel Binding and LDAP Signing |
Vulnerability Affects |
Advisory: See Microsoft.com |
Details |
Advisory: See Microsoft.com |
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0714 BID: 109534 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Hyper-V
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0715 BID: 109538 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Hyper-V
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0716 BID: 109558 Microsoft Rating: Important |
Vulnerability Type |
Windows Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Rt 8.1 - Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0717 BID: 109548 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Hyper-V
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0718 BID: 109549 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Rt 8.1 - Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Hyper-V
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-0723 BID: 109554 Microsoft Rating: Important |
Vulnerability Type |
Windows Hyper-V Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Hyper-V
|
Details |
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1030 BID: 109555 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Edge Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Edge
|
Details |
A security bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins and improperly handles browser cookies. An attacker who successfully exploited this vulnerability could trick a browser into overwriting a secure cookie with an insecure cookie.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1057 BID: 109589 Microsoft Rating: Important |
Vulnerability Type |
MS XML Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows Server 2019 Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows Server 2012
|
Details |
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1078 BID: 109502 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1143 BID: 109512 Microsoft Rating: Important |
Vulnerability Type |
Windows Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1146 BID: 109539 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1147 BID: 109540 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1148 BID: 109522 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1153 BID: 109524 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Office 2019 for Mac
|
Details |
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1154 BID: 109525 Microsoft Rating: Important |
Vulnerability Type |
Windows Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1155 BID: 109541 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1156 BID: 109542 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1157 BID: 109543 Microsoft Rating: Important |
Vulnerability Type |
Jet Database Engine Remote Code Execution Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 1903
|
Details |
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1158 BID: 109526 Microsoft Rating: Important |
Vulnerability Type |
Windows Graphics Component Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1159 BID: 109518 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Rt 8.1 - Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
Details |
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1160 BID: 109622 Microsoft Rating: Important |
Vulnerability Type |
Azure DevOps Server Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Azure DevOps Server 2019.0.1
|
Details |
An information disclosure vulnerability exists when Azure DevOps Server build pipelines return secret parameters from the server. An attacker who successfully exploited this vulnerability could export hidden parameters from the pipeline service.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1161 BID: 109563 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Defender Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Exchange Server 2013 Microsoft Exchange Server 2016 Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center Endpoint Protection Microsoft Windows Defender
|
Details |
A privilege escalation vulnerability exists when the MpSigStub. exe for Defender allows file deletion in arbitrary locations.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1162 BID: 109569 Microsoft Rating: Important |
Vulnerability Type |
Windows ALPC Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1163 BID: 109573 Microsoft Rating: Important |
Vulnerability Type |
Windows File Signature Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A security bypass exists when Windows incorrectly validates CAB file signatures. An attacker who successfully exploited this vulnerability could inject code into a CAB file without invalidating the file's signature.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1164 BID: 109521 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1168 BID: 109577 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation exists in the p2pimsvc service where an attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit this vulnerability, an attacker would first have to log on to the system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1169 BID: 109632 Microsoft Rating: Important |
Vulnerability Type |
Win32k Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
Details |
A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1170 BID: 109579 Microsoft Rating: Important |
Vulnerability Type |
Windows NTFS Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape. An attacker who successfully exploited the vulnerability could use the sandbox escape to elevate privileges on an affected system.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1171 BID: 109582 Microsoft Rating: Important |
Vulnerability Type |
SymCrypt Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists in SymCrypt during the OAEP decryption stage. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1172 BID: 109628 Microsoft Rating: Important |
Vulnerability Type |
Windows Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1173 BID: 109511 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the PsmServiceExtHost. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1174 BID: 109513 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the PsmServiceExtHost. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1175 BID: 109523 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the psmsrv. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1176 BID: 109529 Microsoft Rating: Important |
Vulnerability Type |
DirectX Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1177 BID: 109530 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the rpcss. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1178 BID: 109533 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the ssdpsrv. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1179 BID: 109536 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the unistore. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1180 BID: 109537 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists in the way that the wcmsvc. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1184 BID: 109568 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions.
|
Intrusion Protection System (IPS) Response |
Sig ID: Under Review |
Other Detections |
AV: N/A Skeptic: Under Review |
ID and Rating |
CAN/CVE ID: CVE-2019-1185 BID: 109571 Microsoft Rating: Important |
Vulnerability Type |
Windows Subsystem for Linux Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903
|
Details |
A privilege escalation vulnerability exists due to a stack corruption in Windows Subsystem for Linux. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1186 BID: 109574 Microsoft Rating: Important |
Vulnerability Type |
Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows Server 2019
|
Details |
A privilege escalation vulnerability exists in the way that the wcmsvc. dll handles objects in memory.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1187 BID: 109591 Microsoft Rating: Important |
Vulnerability Type |
XmlLite runtime Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists when the XmlLite runtime (XmlLite. dll) improperly parses XML input.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1190 BID: 109588 Microsoft Rating: Important |
Vulnerability Type |
Windows Image Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows Server 2019
|
Details |
A privilege escalation vulnerability exists in the way that the Windows kernel image handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1192 BID: 109586 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Browsers Security Feature Bypass Vulnerability |
Vulnerability Affects |
Microsoft Edge Microsoft Internet Explorer 10 Microsoft Internet Explorer 11
|
Details |
A security bypass vulnerability exists when Microsoft browsers improperly handle requests of different origins. The vulnerability allows Microsoft browsers to bypass Same-Origin Policy (SOP) restrictions, and to allow requests that should otherwise be ignored.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1193 BID: 109585 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Browser Memory Corruption Vulnerability |
Vulnerability Affects |
Microsoft Internet Explorer 11 Microsoft Internet Explorer 10 Microsoft Edge
|
Details |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1198 BID: 109587 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Windows Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A privilege escalation exists in SyncController. dll.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1202 BID: 109547 Microsoft Rating: Important |
Vulnerability Type |
Microsoft SharePoint Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 SP2 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Server 2019
|
Details |
An information disclosure vulnerabilty exists in the way Microsoft SharePoint handles session objects. A locally authenticated attacker who successfully exploited the vulnerability could hijack the session of another user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1203 BID: 109550 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Office SharePoint XSS Vulnerability |
Vulnerability Affects |
Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Server 2019
|
Details |
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1204 BID: 109551 Microsoft Rating: Important |
Vulnerability Type |
Microsoft Outlook Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Office 2010 (32-bit edition) SP2 Microsoft Office 2010 (64-bit edition) SP2 Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
|
Details |
A privilege escalation vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message store (over SMB).
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1206 BID: 109505 Microsoft Rating: Important |
Vulnerability Type |
Windows DHCP Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows Server 1903 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016
|
Details |
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1211 BID: 109629 Microsoft Rating: Important |
Vulnerability Type |
Git for Visual Studio Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Visual Studio 2008
|
Details |
A privilege escalation vulnerability exists in Git for Visual Studio when it improperly parses configuration files. An attacker who successfully exploited the vulnerability could execute code in the context of another local user.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1212 BID: 109507 Microsoft Rating: Important |
Vulnerability Type |
Windows DHCP Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A memory corruption vulnerability exists in the Windows Server DHCP service when processing specially crafted packets. An attacker who successfully exploited the vulnerability could cause the DHCP server service to stop responding.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1218 BID: 109553 Microsoft Rating: Important |
Vulnerability Type |
Outlook iOS Spoofing Vulnerability |
Vulnerability Affects |
Outlook for iOS
|
Details |
A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages. An authenticated attacker could exploit the vulnerability by sending a specially crafted email message to a victim.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1223 BID: 109624 Microsoft Rating: Important |
Vulnerability Type |
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1224 BID: 109626 Microsoft Rating: Important |
Vulnerability Type |
Remote Desktop Protocol Server Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1225 BID: 109627 Microsoft Rating: Important |
Vulnerability Type |
Remote Desktop Protocol Server Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1227 BID: 109631 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1228 BID: 109634 Microsoft Rating: Important |
Vulnerability Type |
Windows Kernel Information Disclosure Vulnerability |
Vulnerability Affects |
Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1
|
Details |
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-1229 BID: 109681 Microsoft Rating: Important |
Vulnerability Type |
Dynamics On-Premise Elevation of Privilege Vulnerability |
Vulnerability Affects |
Microsoft Dynamics 365 (on-premises) 9
|
Details |
An elevation of privilege vulnerability exists in Dynamics On-Premise v9. An attacker who successfully exploited the vulnerability could leverage a customizer privilege within Dynamics to gain control of the Web Role hosting the Dynamics installation.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-9506 BID: 109509 Microsoft Rating: Important |
Vulnerability Type |
Encryption Key Negotiation of Bluetooth Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A Bluetooth BR/EDR (basic rate/enhanced data rate, known as "Bluetooth Classic") key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. An attacker could potentially be able to negotiate the offered key length down to 1 byte of entropy, from a maximum of 16 bytes.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-9511 BID: 109625 Microsoft Rating: Important |
Vulnerability Type |
HTTP/2 Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-9512 BID: 109637 Microsoft Rating: Important |
Vulnerability Type |
HTTP/2 Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-9513 BID: 109633 Microsoft Rating: Important |
Vulnerability Type |
HTTP/2 Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-9514 BID: 109636 Microsoft Rating: Important |
Vulnerability Type |
HTTP/2 Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |
ID and Rating |
CAN/CVE ID: CVE-2019-9518 BID: 109639 Microsoft Rating: Important |
Vulnerability Type |
HTTP/2 Server Denial of Service Vulnerability |
Vulnerability Affects |
Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903
|
Details |
A denial of service vulnerability exists in the HTTP/2 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP/2 requests.
|
Intrusion Protection System (IPS) Response |
Sig ID: N/A |
Other Detections |
AV: N/A Skeptic: N/A |