CVE-2019-11397 CVSS:4.0
GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23 (when used with .NET Framework 4.5) allows Local File Inclusion via the FileDesc parameter. (Last Update:2019-05-16) (Publish Update:2019-05-14)
CVE-2019-1167 CVSS:1.9
A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'. (Last Update:2019-07-25) (Publish Update:2019-07-19)
CVE-2019-1152 CVSS:9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151. (Last Update:2019-08-16) (Publish Update:2019-08-14)
CVE-2019-1151 CVSS:9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152. (Last Update:2019-08-16) (Publish Update:2019-08-14)
CVE-2019-1150 CVSS:9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152. (Last Update:2019-08-16) (Publish Update:2019-08-14)
CVE-2019-1144 CVSS:9.3
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152. (Last Update:2019-08-16) (Publish Update:2019-08-14)
CVE-2019-1137 CVSS:3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. (Last Update:2019-07-19) (Publish Update:2019-07-15)
CVE-2019-1136 CVSS:5.1
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'. (Last Update:2019-07-19) (Publish Update:2019-07-15)
CVE-2019-1134 CVSS:3.5
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. (Last Update:2019-07-19) (Publish Update:2019-07-15)
CVE-2019-1132 CVSS:7.2
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. (Last Update:2019-07-19) (Publish Update:2019-07-15)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com