CVSS: 5.5EPSS: 0%CPEs: 18EXPL: 0CVE-2019-1382
https://notcve.org/view.php?id=CVE-2019-1382
An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios cuando el servicio ActiveX Installer puede permitir el acceso a los archivos sin la autenticación apropiada, también se conoce como "Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1382 •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2019-1380 – Microsoft Windows splwow64 Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-1380
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'. Se presenta una vulnerabilidad de elevación de privilegios local en la manera en que splwow64.exe maneja ciertas llamadas, también se conoce como 'Vulnerabilidad de elevación de privilegios de Microsoft splwow64'. This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the user-mode printer driver host process splwow64.exe. The code is subject to a time-of-check/time-of-use race condition when handling a call from a client. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1380 https://www.zerodayinitiative.com/advisories/ZDI-19-987 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 9.3EPSS: 1%CPEs: 19EXPL: 0CVE-2019-1358
https://notcve.org/view.php?id=CVE-2019-1358
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1359. Se presenta una vulnerabilidad de ejecución de código remota cuando el Windows Jet Database Engine maneja inapropiadamente los objetos en la memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1359. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1358 •
CVSS: 7.1EPSS: 5%CPEs: 19EXPL: 1CVE-2019-1346 – Microsoft Windows Kernel - Out-of-Bounds Read in CI!HashKComputeFirstPageHash While Parsing Malformed PE File
https://notcve.org/view.php?id=CVE-2019-1346
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1347. Se presenta una vulnerabilidad de denegación de servicio cuando Windows maneja inapropiadamente los objetos en la memoria, también se conoce como "Windows Denial of Service Vulnerability". Este ID de CVE es diferente de CVE-2019-1343, CVE-2019-1347. The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI! • https://www.exploit-db.com/exploits/47488 http://packetstormsecurity.com/files/154801/Microsoft-Windows-Kernel-CI-HashKComputeFirstPageHash-Out-Of-Bounds-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1346 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 5%CPEs: 14EXPL: 1CVE-2019-1347 – Microsoft Windows Kernel - Out-of-Bounds Read in nt!MiRelocateImage While Parsing Malformed PE File
https://notcve.org/view.php?id=CVE-2019-1347
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1343, CVE-2019-1346. Se presenta una vulnerabilidad de denegación de servicio cuando Windows maneja inapropiadamente los objetos en la memoria, también se conoce como "Windows Denial of Service Vulnerability". Este ID de CVE es diferente de CVE-2019-1343, CVE-2019-1346. The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in nt! • https://www.exploit-db.com/exploits/47489 http://packetstormsecurity.com/files/154802/Microsoft-Windows-Kernel-nt-MiRelocateImage-Out-Of-Bounds-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1347 • CWE-125: Out-of-bounds Read •