Vulnerability & Exploit Database

Displaying entries 111 - 120 of 140656 in total

Microsoft CVE-2019-0561: Microsoft Word Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2019

An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly. An attacker who successfully exploited this vulnerability could read arbitrary files from a targeted system. To exploit the vulnerability, an attacker could craft a special document file and convince the user to open it. An attacker must...

Microsoft CVE-2019-0560: Microsoft Office Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2019

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user’s computer or data. To exploit the vulnerability, an attacker could craft a special document file and then convince the user to ...

Microsoft CVE-2019-0559: Microsoft Outlook Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2019

An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages. An attacker who successfully exploited this vulnerability could gather information about the victim. An attacker could exploit this vulnerability by sending a specially crafted email to the victim. The update addresses the ...

Microsoft CVE-2019-0558: Microsoft Office SharePoint XSS Vulnerability Vulnerability

  • Severity: 3
  • Published: January 08, 2019

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully ex...

Microsoft CVE-2019-0557: Microsoft Office SharePoint XSS Vulnerability Vulnerability

  • Severity: 3
  • Published: January 08, 2019

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully ex...

Microsoft CVE-2019-0556: Microsoft Office SharePoint XSS Vulnerability Vulnerability

  • Severity: 3
  • Published: January 08, 2019

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacker who successfully ex...

Microsoft CVE-2019-0555: Microsoft XmlDocument Elevation of Privilege Vulnerability Vulnerability

  • Severity: 4
  • Published: January 08, 2019

An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser. An attacker who successfully exploited this vulnerability could gain elevated privileges and break out of the Edge AppContainer sandbox. The vulnerability by itself does no...

Microsoft CVE-2019-0554: Windows Kernel Information Disclosure Vulnerability Vulnerability

  • Severity: 2
  • Published: January 08, 2019

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially ...

Microsoft CVE-2019-0553: Windows Subsystem for Linux Information Disclosure Vulnerability Vulnerability

  • Severity: 2
  • Published: January 08, 2019

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. A attacker could exploit this vulnerability by running a specially crafted application. The updat...

Microsoft CVE-2019-0552: Windows COM Elevation of Privilege Vulnerability Vulnerability

  • Severity: 5
  • Published: January 08, 2019

An elevation of privilege exists in Windows COM Desktop Broker. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges. To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow a...