Microsoft Windows vulnerabilities

CVE-2019-1434 [HIGH] CVE-2019-1434: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1408.

CVE-2019-1422 [HIGH] CVE-2019-1422: An elevation of privilege vulnerability exists in the way that the iphlpsvc An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423.

CVE-2019-1407 [HIGH] CVE-2019-1407: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handle An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1433, CVE-2019-1435, CVE-2019-1437, CVE-2019-1438.

CVE-2019-1380 [HIGH] CWE-367 CVE-2019-1380: A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka ' A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls, aka 'Microsoft splwow64 Elevation of Privilege Vulnerability'.

CVE-2019-1392 [HIGH] CVE-2019-1392: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

CVE-2019-1408 [HIGH] CVE-2019-1408: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1393, CVE-2019-1394, CVE-2019-1395, CVE-2019-1396, CVE-2019-1434.

CVE-2019-1437 [HIGH] CVE-2019-1437: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Compone An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438.

CVE-2019-1411 [MEDIUM] CWE-125 CVE-2019-1411: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432.

CVE-2019-1412 [MEDIUM] CWE-125 CVE-2019-1412: An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) An information disclosure vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka 'OpenType Font Driver Information Disclosure Vulnerability'.

CVE-2019-1324 [MEDIUM] CWE-200 CVE-2019-1324: An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'Windows TCP/IP Information Disclosure Vulnerability'.

CVE-2019-1399 [MEDIUM] CVE-2019-1399: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest op A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1309, CVE-2019-1310.

CVE-2019-0712 [MEDIUM] CWE-20 CVE-2019-0712: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fail A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1309, CVE-2019-1310, CVE-2019-1399.

CVE-2019-1310 [MEDIUM] CVE-2019-1310: A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged use A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1309, CVE-2019-1399.

CVE-2019-1374 [MEDIUM] CWE-200 CVE-2019-1374: An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles obje An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'.

CVE-2019-1381 [MEDIUM] CWE-200 CVE-2019-1381: An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unp An information disclosure vulnerability exists when the Windows Servicing Stack allows access to unprivileged file locations, aka 'Microsoft Windows Information Disclosure Vulnerability'.

CVE-2019-1439 [MEDIUM] CWE-200 CVE-2019-1439: An information disclosure vulnerability exists when the Windows GDI component improperly discloses t An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

CVE-2019-1440 [MEDIUM] CVE-2019-1440: An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vu An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1436.

CVE-2019-1382 [MEDIUM] CVE-2019-1382: An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to fi An elevation of privilege vulnerability exists when ActiveX Installer service may allow access to files without proper authentication, aka 'Microsoft ActiveX Installer Service Elevation of Privilege Vulnerability'.

CVE-2019-1436 [MEDIUM] CWE-200 CVE-2019-1436: An information disclosure vulnerability exists when the win32k component improperly provides kernel An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1440.

CVE-2019-1432 [MEDIUM] CVE-2019-1432: An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosu An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1411.