Vulnerability & Exploit Database

Displaying entries 141 - 150 of 144949 in total

Microsoft CVE-2019-0792: MS XML Remote Code Execution Vulnerability Vulnerability

  • Severity: 9
  • Published: April 09, 2019

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to ...

Microsoft CVE-2019-0791: MS XML Remote Code Execution Vulnerability Vulnerability

  • Severity: 9
  • Published: April 09, 2019

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to ...

Microsoft CVE-2019-0790: MS XML Remote Code Execution Vulnerability Vulnerability

  • Severity: 9
  • Published: April 09, 2019

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability, an attacker could host a specially crafted website designed to ...

Microsoft CVE-2019-0786: SMB Server Elevation of Privilege Vulnerability Vulnerability

  • Severity: 7
  • Published: April 09, 2019

An elevation of privilege vulnerability exists in the Microsoft Server Message Block (SMB) Server when an attacker with valid credentials attempts to open a specially crafted file over the SMB protocol on the same machine. An attacker who successfully exploited this vulnerability could bypass certain security checks in the operating syst...

Microsoft CVE-2019-0764: Microsoft Browsers Tampering Vulnerability Vulnerability

  • Severity: 4
  • Published: April 09, 2019

A tampering vulnerability exists when Microsoft browsers do not properly validate input under specific conditions. An attacker who exploited the vulnerability could pass custom command line parameters. In a web-based attack scenario, an attacker could host a specially crafted website designed to appear as a legitimate website to the user...

Microsoft CVE-2019-0753: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: April 09, 2019

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the sa...

Microsoft CVE-2019-0752: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: April 09, 2019

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the sa...

Microsoft CVE-2019-0739: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 8
  • Published: April 09, 2019

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2019-0735: Windows CSRSS Elevation of Privilege Vulnerability Vulnerability

  • Severity: 7
  • Published: April 09, 2019

An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code. An attacker could then install programs; view, change, or delete data; or create new accounts with full us...

Microsoft CVE-2019-0732: Windows Security Feature Bypass Vulnerability Vulnerability

  • Severity: 5
  • Published: April 09, 2019

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handles calls to the LUAFV driver (luafv.sys). An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerabil...