CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2019-2544 200 +Info 2019-01-16 2019-01-22
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).
102 CVE-2019-2527 284 2019-01-16 2019-06-11
2.1
None Local Low Not required None None Partial
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.26 and prior to 6.0.4. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
103 CVE-2019-2506 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).
104 CVE-2019-2505 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).
105 CVE-2019-2504 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).
106 CVE-2019-2501 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).
107 CVE-2019-2493 284 2019-01-16 2019-01-18
2.6
None Remote High Not required None Partial None
Vulnerability in the PeopleSoft Enterprise CS Campus Community component of Oracle PeopleSoft Products (subcomponent: Frameworks). Supported versions that are affected are 9.0 and 9.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise CS Campus Community. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise CS Campus Community accessible data. CVSS 3.0 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
108 CVE-2019-2451 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
109 CVE-2019-2450 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
110 CVE-2019-2449 284 DoS 2019-01-16 2019-05-16
2.6
None Remote High Not required None None Partial
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L).
111 CVE-2019-2448 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
112 CVE-2019-2446 284 2019-01-16 2019-06-11
2.1
None Local Low Not required Partial None None
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
113 CVE-2019-2119 200 +Info 2019-07-08 2019-07-09
2.1
None Local Low Not required Partial None None
In multiple functions of key_store_service.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-131622568.
114 CVE-2019-2118 200 +Info 2019-07-08 2019-07-09
2.1
None Local Low Not required Partial None None
In various functions of Parcel.cpp, there are uninitialized or partially initialized stack variables. These could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-130161842.
115 CVE-2019-2117 200 +Info 2019-07-08 2019-07-09
2.1
None Local Low Not required Partial None None
In checkQueryPermission of TelephonyProvider.java, there is a possible disclosure of secure data due to a missing permission check. This could lead to local information disclosure about carrier systems with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9. Android ID: A-124107808.
116 CVE-2019-2113 264 Bypass 2019-07-08 2019-07-09
2.1
None Local Low Not required None Partial None
In setup wizard there is a bypass of some checks when wifi connection is skipped. This could lead to factory reset protection bypass with no additional privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-122597079.
117 CVE-2019-2104 200 +Info 2019-07-08 2019-07-09
2.1
None Local Low Not required Partial None None
In HIDL, safe_union, and other C++ structs/unions being sent to application processes, there are uninitialized fields. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-131356202
118 CVE-2019-1880 345 Bypass 2019-06-05 2019-06-07
2.1
None Local Low Not required None Partial None
A vulnerability in the BIOS upgrade utility of Cisco Unified Computing System (UCS) C-Series Rack Servers could allow an authenticated, local attacker to install compromised BIOS firmware on an affected device. The vulnerability is due to insufficient validation of the firmware image file. An attacker could exploit this vulnerability by executing the BIOS upgrade utility with a specific set of options. A successful exploit could allow the attacker to bypass the firmware signature-verification process and install compromised BIOS firmware on an affected device.
119 CVE-2019-1835 22 Dir. Trav. 2019-04-17 2019-04-19
2.1
None Local Low Not required Partial None None
A vulnerability in the CLI of Cisco Aironet Access Points (APs) could allow an authenticated, local attacker to access sensitive information stored in an AP. The vulnerability is due to improper sanitization of user-supplied input in specific CLI commands. An attacker could exploit this vulnerability by accessing the CLI of an affected AP with administrator privileges and issuing crafted commands that result in directory traversal. A successful exploit could allow the attacker to view system files on the affected device, which could contain sensitive information. Software versions 8.8 and 8.9 are affected.
120 CVE-2019-1808 347 2019-05-15 2019-05-20
2.1
None Local Low Not required None Partial None
A vulnerability in the Image Signature Verification feature of Cisco NX-OS Software could allow an authenticated, local attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by loading an unsigned software patch on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image.
121 CVE-2019-1762 200 +Info 2019-03-27 2019-04-02
2.1
None Local Low Not required Partial None None
A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE Software could allow an authenticated, local attacker to access sensitive system information on an affected device. The vulnerability is due to improper memory operations performed at encryption time, when affected software handles configuration updates. An attacker could exploit this vulnerability by retrieving the contents of specific memory locations of an affected device. A successful exploit could result in the disclosure of keying materials that are part of the device configuration, which can be used to recover critical system information.
122 CVE-2019-1731 200 +Info 2019-05-15 2019-05-17
2.1
None Local Low Not required Partial None None
A vulnerability in the SSH CLI key management functionality of Cisco NX-OS Software could allow an authenticated, local attacker to expose a user's private SSH key to all authenticated users on the targeted device. The attacker must authenticate with valid administrator device credentials. The vulnerability is due to incomplete error handling if a specific error type occurs during the SSH key export. An attacker could exploit this vulnerability by authenticating to the device and entering a crafted command at the CLI. A successful exploit could allow the attacker to expose a user's private SSH key. In addition, a similar type of error in the SSH key import could cause the passphrase-protected private SSH key to be imported unintentionally.
123 CVE-2019-1630 119 DoS Overflow Bypass 2019-06-19 2019-06-24
2.1
None Local Low Not required None None Partial
A vulnerability in the firmware signature checking program of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient checking of an input buffer. An attacker could exploit this vulnerability by passing a crafted file to the affected system. A successful exploit could inhibit an administrator's ability to access the system.
124 CVE-2019-1628 191 DoS Overflow 2019-06-19 2019-06-24
2.1
None Local Low Not required None None Partial
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker to cause a buffer overflow, resulting in a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checking. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. An exploit could allow the attacker to cause a buffer overflow, resulting in a process crash and DoS condition on the device.
125 CVE-2019-1589 200 +Info 2019-05-03 2019-05-09
2.1
None Local Low Not required Partial None None
A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. The vulnerability is due to a lack of proper data-protection mechanisms for disk encryption keys that are used within the partitions on an affected device hard drive. An attacker could exploit this vulnerability by obtaining physical access to the affected device to view certain cleartext keys. A successful exploit could allow the attacker to execute a custom boot process or conduct further attacks on an affected device.
126 CVE-2019-1586 320 +Info 2019-05-03 2019-05-07
2.1
None Local Low Not required Partial None None
A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. The vulnerability is due to insecure removal of cleartext encryption keys stored on local partitions in the hard drive of an affected device. An attacker could exploit this vulnerability by retrieving data from the physical disk on the affected partition(s). A successful exploit could allow the attacker to retrieve encryption keys, possibly allowing the attacker to further decrypt other data and sensitive information on the device, which could lead to the disclosure of confidential information.
127 CVE-2019-1097 200 +Info 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1093.
128 CVE-2019-1096 200 +Info 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
129 CVE-2019-1093 200 +Info 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1097.
130 CVE-2019-1091 200 +Info 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Unistore.dll fails to properly handle objects in memory, aka 'Microsoft unistore.dll Information Disclosure Vulnerability'.
131 CVE-2019-1074 264 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An elevation of privilege vulnerability exists in Microsoft Windows where certain folders, with local service privilege, are vulnerable to symbolic link attack. An attacker who successfully exploited this vulnerability could potentially access unauthorized information. The update addresses this vulnerability by not allowing symbolic links in these scenarios., aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1082.
132 CVE-2019-1073 200 +Info 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.
133 CVE-2019-1071 200 +Info 2019-07-15 2019-07-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1073.
134 CVE-2019-1039 200 +Info 2019-06-12 2019-06-13
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'.
135 CVE-2019-0976 284 2019-05-16 2019-05-20
2.1
None Local Low Not required None Partial None
A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default "obj"), aka 'NuGet Package Manager Tampering Vulnerability'.
136 CVE-2019-0942 264 2019-05-16 2019-05-20
2.1
None Local Low Not required None Partial None
An elevation of privilege vulnerability exists in the Unified Write Filter (UWF) feature for Windows 10 when it improperly restricts access to the registry, aka 'Unified Write Filter Elevation of Privilege Vulnerability'.
137 CVE-2019-0886 200 +Info 2019-05-16 2019-05-17
2.7
None Local Network Low Single system Partial None None
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
138 CVE-2019-0864 119 DoS Overflow 2019-05-16 2019-05-20
2.1
None Local Low Not required None None Partial
A denial of service vulnerability exists when .NET Framework improperly handles objects in heap memory, aka '.NET Framework Denial of Service Vulnerability'.
139 CVE-2019-0848 200 +Info 2019-04-09 2019-04-10
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.
140 CVE-2019-0844 200 +Info 2019-04-09 2019-04-10
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.
141 CVE-2019-0840 200 +Info 2019-04-09 2019-04-10
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0844.
142 CVE-2019-0839 200 +Info 2019-04-09 2019-05-08
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.
143 CVE-2019-0838 200 +Info 2019-04-09 2019-05-08
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839.
144 CVE-2019-0837 200 +Info 2019-04-09 2019-04-10
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.
145 CVE-2019-0814 200 +Info 2019-04-09 2019-04-11
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0848.
146 CVE-2019-0796 264 2019-04-09 2019-05-08
2.1
None Local Low Not required None Partial None
An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.
147 CVE-2019-0782 200 +Info 2019-04-08 2019-04-09
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0775.
148 CVE-2019-0776 200 +Info 2019-04-08 2019-04-09
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
149 CVE-2019-0767 200 +Info 2019-04-08 2019-04-10
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0775, CVE-2019-0782.
150 CVE-2019-0759 200 +Info 2019-04-08 2019-04-11
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Print Spooler does not properly handle objects in memory, aka 'Windows Print Spooler Information Disclosure Vulnerability'.
Total number of vulnerabilities : 4610   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.