CVSS: 6.5EPSS: 7%CPEs: 20EXPL: 0CVE-2019-1465 – Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1465
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467. Hay una vulnerabilidad de divulgación de información cuando el componente GDI de Windows revela inapropiadamente el contenido de su memoria, también se conoce como "Windows GDI Information Disclosure Vulnerability". Este ID de CVE es diferente de CVE-2019-1466, CVE-2019-1467. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1465 https://www.zerodayinitiative.com/advisories/ZDI-19-1008 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 7%CPEs: 20EXPL: 0CVE-2019-1466 – Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1466
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1467. Hay una vulnerabilidad de divulgación de información cuando el componente GDI de Windows revela inapropiadamente el contenido de su memoria, también se conoce como "Windows GDI Information Disclosure Vulnerability". Este ID de CVE es diferente de CVE-2019-1465, CVE-2019-1467. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1466 https://www.zerodayinitiative.com/advisories/ZDI-19-1007 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 97%CPEs: 11EXPL: 5CVE-2019-1458 – Microsoft Win32k Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-1458
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. Hay una vulnerabilidad de elevación de privilegios en Windows cuando el componente Win32k no puede manejar apropiadamente los objetos en memoria, también se conoce como "Win32k Elevation of Privilege Vulnerability". A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP. • https://www.exploit-db.com/exploits/48180 https://github.com/rip1s/CVE-2019-1458 http://packetstormsecurity.com/files/156651/Microsoft-Windows-WizardOpium-Local-Privilege-Escalation.html http://packetstormsecurity.com/files/159569/Microsoft-Windows-Uninitialized-Variable-Local-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458 https://github.com/unamer/CVE-2019-1458 https://github.com/piotrflorczyk/cve-2019-1458_POC https://securelist.com/windows-0-day& •
CVSS: 7.5EPSS: 0%CPEs: 19EXPL: 0CVE-2019-1453
https://notcve.org/view.php?id=CVE-2019-1453
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. Hay una vulnerabilidad de denegación de servicio en Remote Desktop Protocol (RDP) cuando un atacante se conecta con el sistema de destino mediante RDP y envía peticiones especialmente diseñadas, también se conoce como "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1453 •
CVSS: 8.8EPSS: 5%CPEs: 18EXPL: 0CVE-2019-1456 – Microsoft Windows Kernel Type 1 Font Processing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1456
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts, aka 'OpenType Font Parsing Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1419. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Windows cuando la Windows Adobe Type Manager Library maneja inapropiadamente las fuentes OpenType especialmente diseñadas, también se conoce como "OpenType Font Parsing Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1419. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1456 https://www.zerodayinitiative.com/advisories/ZDI-19-986 • CWE-787: Out-of-bounds Write •