Microsoft : Security Vulnerabilities, CVEs, Published In November 2019 (Code Execution)
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419.
Max CVSS
8.8
EPSS Score
4.05%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
1.49%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Win32k Graphics Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
5.02%
Published
2019-11-12
Updated
2019-11-14
A remote code execution vulnerability exists when Windows Media Foundation improperly parses specially crafted QuickTime media files.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'Microsoft Windows Media Foundation Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
1.07%
Published
2019-11-12
Updated
2020-08-24
CVE-2019-1429
Known exploited
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428.
Max CVSS
7.6
EPSS Score
97.14%
Published
2019-11-12
Updated
2020-08-24
CISA KEV Added
2021-11-03
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1429.
Max CVSS
7.6
EPSS Score
2.13%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429.
Max CVSS
7.6
EPSS Score
2.13%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429.
Max CVSS
7.6
EPSS Score
2.13%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1456.
Max CVSS
8.8
EPSS Score
8.07%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
Max CVSS
9.3
EPSS Score
1.49%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1397.
Max CVSS
8.4
EPSS Score
0.14%
Published
2019-11-12
Updated
2019-11-15
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1389, CVE-2019-1398.
Max CVSS
8.4
EPSS Score
0.14%
Published
2019-11-12
Updated
2020-09-28
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
Max CVSS
7.6
EPSS Score
1.16%
Published
2019-11-12
Updated
2020-08-24
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1397, CVE-2019-1398.
Max CVSS
8.4
EPSS Score
0.14%
Published
2019-11-12
Updated
2020-09-28
A remote code execution vulnerability exists in Microsoft Exchange through the deserialization of metadata via PowerShell, aka 'Microsoft Exchange Remote Code Execution Vulnerability'.
Max CVSS
9.8
EPSS Score
4.52%
Published
2019-11-12
Updated
2019-11-14
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0719.
Max CVSS
9.1
EPSS Score
0.97%
Published
2019-11-12
Updated
2019-11-14
A remote code execution vulnerability exists when Windows Hyper-V Network Switch on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0721.
Max CVSS
9.1
EPSS Score
0.97%
Published
2019-11-12
Updated
2019-11-14
17 vulnerabilities found