CVSS: 8.8EPSS: 4%CPEs: 20EXPL: 0CVE-2019-1208 – Microsoft Windows VBScript Array Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1208
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1236. Se presenta una vulnerabilidad de ejecución de código remota en la manera en que el motor VBScript maneja los objetos en la memoria, también se conoce como "VBScript Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1236. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1208 https://www.zerodayinitiative.com/advisories/ZDI-19-831 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 6%CPEs: 19EXPL: 1CVE-2019-1244 – Microsoft DirectWrite - Out-of-Bounds Read in sfac_GetSbitBitmap While Processing TTF Fonts
https://notcve.org/view.php?id=CVE-2019-1244
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251. Se presenta una vulnerabilidad de divulgación de información cuando DirectWrite divulga inapropiadamente el contenido de su memoria, también se conoce como "DirectWrite Information Disclosure Vulnerability". Este ID de CVE es diferente de CVE-2019-1245, CVE-2019-1251. Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts. • https://www.exploit-db.com/exploits/47382 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1244 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 6%CPEs: 19EXPL: 1CVE-2019-1245 – Microsoft DirectWrite - Invalid Read in SplicePixel While Processing OTF Fonts
https://notcve.org/view.php?id=CVE-2019-1245
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1251. Se presenta una vulnerabilidad de divulgación de información cuando DirectWrite divulga inapropiadamente el contenido de su memoria, también se conoce como "DirectWrite Information Disclosure Vulnerability". Este ID de CVE es diferente de CVE-2019-1244, CVE-2019-1251. Microsoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts. • https://www.exploit-db.com/exploits/47381 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1245 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 1%CPEs: 19EXPL: 0CVE-2019-1243 – Microsoft Windows JET Database Engine Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-1243
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1246, CVE-2019-1247, CVE-2019-1248, CVE-2019-1249, CVE-2019-1250. Se presenta una vulnerabilidad de ejecución de código remota cuando el Windows Jet Database Engine maneja inapropiadamente los objetos en la memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1246, CVE-2019-1247, CVE-2019-1248, CVE-2019-1249, CVE- 2019-1250. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1243 •
CVSS: 6.5EPSS: 27%CPEs: 19EXPL: 0CVE-2019-1252 – Microsoft Windows EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-1252
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1286. Se presenta una vulnerabilidad de divulgación de información cuando el componente GDI de Windows revela inapropiadamente el contenido de su memoria, también se conoce como 'Vulnerabilidad de divulgación de información de Windows GDI'. Este ID de CVE es diferente de CVE-2019-1286. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1252 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •