The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2019-0673 | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0674, CVE-2019-0675. | HIGH | Mar 22, 2019 |
| CVE-2019-0672 | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675. | HIGH | Mar 22, 2019 |
| CVE-2019-0671 | A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka \'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0672, CVE-2019-0673, CVE-2019-0674, CVE-2019-0675. | HIGH | Mar 22, 2019 |
| CVE-2019-0670 | A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content, aka \'Microsoft SharePoint Spoofing Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0669 | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka \'Microsoft Excel Information Disclosure Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0668 | An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka \'Microsoft SharePoint Elevation of Privilege Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0667 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \'Windows VBScript Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772. | HIGH | Apr 9, 2019 |
| CVE-2019-0666 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \'Windows VBScript Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0667, CVE-2019-0772. | HIGH | Apr 9, 2019 |
| CVE-2019-0665 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \'Windows VBScript Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0666, CVE-2019-0667, CVE-2019-0772. | HIGH | Apr 9, 2019 |
| CVE-2019-0664 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \'Windows GDI Information Disclosure Vulnerability\'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0663 | An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka \'Windows Kernel Information Disclosure Vulnerability\'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0661. | LOW | Mar 22, 2019 |
| CVE-2019-0662 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka \'GDI+ Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0618. | HIGH | Mar 22, 2019 |
| CVE-2019-0661 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka \'Windows Kernel Information Disclosure Vulnerability\'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663. | LOW | Mar 22, 2019 |
| CVE-2019-0660 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \'Windows GDI Information Disclosure Vulnerability\'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0664. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0659 | An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations, aka \'Windows Storage Service Elevation of Privilege Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0658 | An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Microsoft Edge, aka \'Scripting Engine Information Disclosure Vulnerability\'. This CVE ID is unique from CVE-2019-0648. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0657 | A vulnerability exists in certain .Net Framework API\'s and Visual Studio in the way they parse URL\'s, aka \'.NET Framework and Visual Studio Spoofing Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0656 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka \'Windows Kernel Elevation of Privilege Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0655 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652. | HIGH | Mar 22, 2019 |
| CVE-2019-0654 | A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka \'Microsoft Browser Spoofing Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0653 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none | -- | Nov 7, 2023 |
| CVE-2019-0652 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0655. | HIGH | Mar 22, 2019 |
| CVE-2019-0651 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0644, CVE-2019-0652, CVE-2019-0655. | HIGH | Mar 22, 2019 |
| CVE-2019-0650 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \'Microsoft Edge Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0645. | HIGH | Mar 22, 2019 |
| CVE-2019-0649 | A vulnerability exists in Microsoft Chakra JIT server, aka \'Scripting Engine Elevation of Privileged Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0648 | An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user\'s computer or data.To exploit the vulnerability, an attacker must know the memory address of where the object was created.The update addresses the vulnerability by changing the way certain functions handle objects in memory, aka Scripting Engine Information Disclosure Vulnerability. This CVE ID is unique from CVE-2019-0658. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0647 | An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka Team Foundation Server Information Disclosure Vulnerability. This affects Team. | Medium | Jan 19, 2019 |
| CVE-2019-0646 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka Team Foundation Server Cross-site Scripting Vulnerability. This affects Team. | Low | Jan 22, 2019 |
| CVE-2019-0645 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \'Microsoft Edge Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0634, CVE-2019-0650. | HIGH | Mar 22, 2019 |
| CVE-2019-0644 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0642, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | HIGH | Mar 22, 2019 |
| CVE-2019-0643 | An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests, aka \'Microsoft Edge Information Disclosure Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0642 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0640, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | HIGH | Mar 22, 2019 |
| CVE-2019-0641 | A security feature bypass vulnerability exists in Microsoft Edge handles whitelisting, aka \'Microsoft Edge Security Feature Bypass Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0640 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0590, CVE-2019-0591, CVE-2019-0593, CVE-2019-0605, CVE-2019-0607, CVE-2019-0610, CVE-2019-0642, CVE-2019-0644, CVE-2019-0651, CVE-2019-0652, CVE-2019-0655. | HIGH | Mar 22, 2019 |
| CVE-2019-0639 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka \'Scripting Engine Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0609, CVE-2019-0680, CVE-2019-0769, CVE-2019-0770, CVE-2019-0771, CVE-2019-0773, CVE-2019-0783. | HIGH | Apr 9, 2019 |
| CVE-2019-0638 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none | -- | Nov 7, 2023 |
| CVE-2019-0637 | A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connections, aka \'Windows Defender Firewall Security Feature Bypass Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0636 | An information vulnerability exists when Windows improperly discloses file information, aka \'Windows Information Disclosure Vulnerability\'. | LOW | Mar 22, 2019 |
| CVE-2019-0635 | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka \'Windows Hyper-V Information Disclosure Vulnerability\'. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0634 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka \'Microsoft Edge Memory Corruption Vulnerability\'. This CVE ID is unique from CVE-2019-0645, CVE-2019-0650. | HIGH | Mar 22, 2019 |
| CVE-2019-0633 | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \'Windows SMB Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0630. | HIGH | Mar 22, 2019 |
| CVE-2019-0632 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \'Windows Security Feature Bypass Vulnerability\'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0631. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0631 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \'Windows Security Feature Bypass Vulnerability\'. This CVE ID is unique from CVE-2019-0627, CVE-2019-0632. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0630 | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka \'Windows SMB Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0633. | HIGH | Mar 22, 2019 |
| CVE-2019-0629 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none | -- | Nov 7, 2023 |
| CVE-2019-0628 | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka \'Win32k Information Disclosure Vulnerability\'. | LOW | Mar 22, 2019 |
| CVE-2019-0627 | A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka \'Windows Security Feature Bypass Vulnerability\'. This CVE ID is unique from CVE-2019-0631, CVE-2019-0632. | MEDIUM | Mar 22, 2019 |
| CVE-2019-0626 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka \'Windows DHCP Server Remote Code Execution Vulnerability\'. | HIGH | Mar 22, 2019 |
| CVE-2019-0625 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka \'Jet Database Engine Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599. | HIGH | Mar 22, 2019 |
| CVE-2019-0624 | A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka Skype for Business 2015 Spoofing Vulnerability. This affects Skype. | Low | Jan 22, 2019 |
