Vulnerability & Exploit Database

Displaying entries 71 - 80 of 141697 in total

Microsoft CVE-2019-0641: Microsoft Edge Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting. Edge depends on a default whitelist of sites where Adobe Flash will load without user interaction. Because the whitelist was not scheme-aware, an attacker could use a man in the middle attack to cause Flash policies to be bypassed and arbitrary Flash c...

Microsoft CVE-2019-0640: Scripting Engine Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same ...

Microsoft CVE-2019-0637: Windows Defender Firewall Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections. This vulnerability occurs when Windows is connected to both an ethernet network and a cellular network. An attacker would have no way to trigger this vulnerability remotely, and this vulnera...

Microsoft CVE-2019-0636: Windows Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

An information vulnerability exists when Windows improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read the contents of files on disk. To exploit the vulnerability, an attacker would have to log onto an affected system and run a specially crafted application. The update addres...

Microsoft CVE-2019-0635: Windows Hyper-V Information Disclosure Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker on a guest operating system could run a specially crafted application that could cause the Hyper-V host operating...

Microsoft CVE-2019-0634: Microsoft Edge Memory Corruption Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the...

Microsoft CVE-2019-0633: Windows SMB Remote Code Execution Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker coul...

Microsoft CVE-2019-0632: Windows Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and the...

Microsoft CVE-2019-0631: Windows Security Feature Bypass Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard. An attacker who successfully exploited this vulnerability could circumvent a User Mode Code Integrity (UMCI) policy on the machine. To exploit the vulnerability, an attacker would first have to access the local machine, and the...

Microsoft CVE-2019-0630: Windows SMB Remote Code Execution Vulnerability Vulnerability

  • Severity: 4
  • Published: February 12, 2019

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker coul...