CVSS: 7.6EPSS: 2%CPEs: 23EXPL: 0CVE-2019-0609
https://notcve.org/view.php?id=CVE-2019-0609
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. Se presenta una vulnerabilidad de ejecución de código remota en la manera en que el motor de scripting maneja los objetos en la memoria de los navegadores de Microsoft, también se conoce como "Scripting Engine Memory Corruption Vulnerability". Este ID de CVE es diferente de los CVE-2019-0639, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0609 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 13%CPEs: 18EXPL: 0CVE-2019-0774 – Microsoft Windows gdiplus EMF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-0774
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0614. Se presenta una vulnerabilidad de divulgación de información cuando el componente GDI de Windows divulga inapropiadamente el contenido de su memoria, también se conoce como “Windows GDI Information Disclosure Vulnerability”. Este ID de CVE es una vulnerabilidad diferente a CVE-2019-0614. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0774 •
CVSS: 7.6EPSS: 4%CPEs: 18EXPL: 0CVE-2019-0784 – Microsoft Windows ADODB Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0784
A remote code execution vulnerability exists in the way that the ActiveX Data objects (ADO) handles objects in memory, aka 'Windows ActiveX Remote Code Execution Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota en la manera en que los objetos de ActiveX Data (ADO) maneja los objetos en la memoria, también se conoce como "Windows ActiveX Remote Code Execution Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. Interaction with a library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the module msado15.dll. Crafted data can trigger an integer overflow before allocating a buffer. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0784 • CWE-787: Out-of-bounds Write •
CVSS: 7.6EPSS: 14%CPEs: 18EXPL: 1CVE-2019-0667 – Microsoft Windows VBScript Array Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0667
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772. Existe una vulnerabilidad de ejecución de código remota en la manera en que el motor VBScript maneja los objetos en la memoria, también se conoce como "Windows VBScript Engine Remote Code Execution Vulnerability". Este ID de CVE es diferente de los CVE-2019-0665, CVE-2019-0666, CVE-2019-0772. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft VBScript. • https://www.exploit-db.com/exploits/46568 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0667 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 2%CPEs: 18EXPL: 0CVE-2019-0617 – Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0617
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota cuando el motor de base de datos de Windows Jet maneja inapropiadamente los objetos en la memoria, también se conoce como "Jet Database Engine Remote Code Execution Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database engine. Crafted data in an MDB file can trigger an integer underflow before writing to memory. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0617 •