CVSS: 7.6EPSS: 4%CPEs: 16EXPL: 0CVE-2019-0665 – Microsoft Internet Explorer Attr nodeValue Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0665
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0666, CVE-2019-0667, CVE-2019-0772. Se presenta una vulnerabilidad de ejecución de código remota en la manera en que el motor VBScript maneja los objetos en la memoria, también se conoce como "Vulnerabilidad de ejecución de código remota en el motor VBScript de Windows". Este ID de CVE es diferente de los CVE-2019-0666, CVE-2019-0667, CVE-2019-0772. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0665 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 13%CPEs: 18EXPL: 0CVE-2019-0614 – Microsoft Windows gdiplus DoGdiCommentMultiFormats EMR_COMMENT_MULTIFORMATS Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-0614
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0774. Se presenta una vulnerabilidad de divulgación de información cuando el componente GDI de Windows divulga inapropiadamente el contenido de su memoria, también se conoce como "Windows GDI Information Disclosure Vulnerability". Este ID de CVE es diferente de CVE-2019-0774. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0614 •
CVSS: 6.5EPSS: 13%CPEs: 28EXPL: 0CVE-2019-0746 – Microsoft Chakra lastIndexOf Integer Underflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-0746
An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka 'Scripting Engine Information Disclosure Vulnerability'. Una vulnerabilidad de divulgación de información existe cuando el motor de scripting no maneja adecuadamente los objetos en memoria en Microsoft Edge, también conocido como 'Scripting Engine Information Disclosure Vulnerability'. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Chakra. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of the lastIndexOf method in JavaScript. By performing actions in JavaScript, an attacker can trigger an integer underflow before reading memory. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0746 •
CVSS: 9.8EPSS: 29%CPEs: 14EXPL: 0CVE-2019-0603 – Microsoft Windows Deployment Services TFTP Server Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2019-0603
A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory, aka 'Windows Deployment Services TFTP Server Remote Code Execution Vulnerability'. Se presenta una vulnerabilidad de ejecución de código remota en la forma en que el servidor TFTP de Servicios de Implementación de Windows maneja los objetos en la memoria. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0603 •
CVSS: 6.5EPSS: 1%CPEs: 15EXPL: 0CVE-2019-0676 – Microsoft Internet Explorer Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-0676
An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'. Existe una vulnerabilidad de divulgación de información cuando Internet Explorer gestiona inadecuadamente los objetos en la memoria. Un atacante que explote con éxito esta vulnerabilidad podría averiguar si existen archivos en el disco. Esto también se conoce como "Internet Explorer Information Disclosure Vulnerability'. An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. • http://www.securityfocus.com/bid/106886 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676 •