CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2019-5685
https://notcve.org/view.php?id=CVE-2019-5685
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access to a shader local temporary array, which may lead to denial of service or code execution. Windows GPU Display Driver de NVIDIA (todas las versiones) contiene una vulnerabilidad en los controladores DirectX, en la que un shader especialmente diseñado puede causar un acceso fuera de límites a una matriz temporal local de un shader, lo que puede conllevar a la denegación de servicio o la ejecución del código. • https://nvidia.custhelp.com/app/answers/detail/a_id/4841 https://support.lenovo.com/us/en/product_security/LEN-28096 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0812 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 1CVE-2019-5684
https://notcve.org/view.php?id=CVE-2019-5684
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in DirectX drivers, in which a specially crafted shader can cause an out of bounds access of an input texture array, which may lead to denial of service or code execution. Windows GPU Display Driver de NVIDIA (todas las versiones) contiene una vulnerabilidad en los controladores DirectX, en la que un shader especialmente diseñado puede causar un acceso fuera de límites de una matriz de textura de entrada, lo que puede conllevar a la denegación de servicio o la ejecución del código. • http://www.vmware.com/security/advisories/VMSA-2019-0012.html https://nvidia.custhelp.com/app/answers/detail/a_id/4841 https://support.lenovo.com/us/en/product_security/LEN-28096 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0779 • CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 3CVE-2019-13603
https://notcve.org/view.php?id=CVE-2019-13603
An issue was discovered in the HID Global DigitalPersona (formerly Crossmatch) U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver 5.0.0.5. ... Se detectó un problema en el controlador versión 5.0.0.5 del Framework Biometric de Windows del U.are.U 4500 Fingerprint Reader de HID Global DigitalPersona (anteriormente Crossmatch). • https://github.com/sungjungk/fp-scanner-hacking https://www.youtube.com/watch?v=Grirez2xeas https://www.youtube.com/watch?v=wEXJDyEOatM • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2019-0959 – Microsoft Windows - 'CmpAddRemoveContainerToCLFSLog' Arbitrary File/Directory Creation
https://notcve.org/view.php?id=CVE-2019-0959
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. ... Existe una vulnerabilidad de elevación de privilegios cuando el controlador de Common Log File System (CLFS) de Windows maneja inapropiadamente los objetos en la memoria, también se conoce como 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. • https://www.exploit-db.com/exploits/47028 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0959 •
CVSS: 10.0EPSS: 97%CPEs: 139EXPL: 43CVE-2019-0708 – Microsoft Remote Desktop Services Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0708
The RDP termdd.sys driver improperly handles binds to internal-only channel MS_T120, allowing a malformed Disconnect Provider Indication message to cause a use-after-free. • https://www.exploit-db.com/exploits/47120 https://www.exploit-db.com/exploits/46946 https://www.exploit-db.com/exploits/47416 https://www.exploit-db.com/exploits/47683 https://github.com/k8gege/CVE-2019-0708 https://github.com/n1xbyte/CVE-2019-0708 https://github.com/victor0013/CVE-2019-0708 https://github.com/cbwang505/CVE-2019-0708-EXP-Windows https://github.com/Leoid/CVE-2019-0708 https://github.com/p0p0p0/CVE-2019-0708-exploit https://github.com/wora • CWE-416: Use After Free •