Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
NTLM Hash Disclosure Spoofing Vulnerability
Windows Themes Spoofing Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Active Directory Federation Server Spoofing Vulnerability
Windows NTLM Spoofing Vulnerability
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
Microsoft Office Spoofing Vulnerability
<p>An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.</p> <p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.</p> <p>The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.</p>
Improper access control in Microsoft Edge for Android allows an unauthorized attacker to bypass a security feature over a network.
Exposure of sensitive information to an unauthorized actor in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
Server-side request forgery (ssrf) in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.
<p>An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.</p> <p>There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document or by convincing a user to visit an untrusted webpage.</p> <p>The update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.</p>
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0882.
Windows NTLM Spoofing Vulnerability
Windows Mixed Reality Developer Tools Information Disclosure Vulnerability
Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
Microsoft SharePoint Information Disclosure Vulnerability
Windows HTML Platforms Security Feature Bypass Vulnerability
Skype Extension for Chrome Information Disclosure Vulnerability
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432.
NTLM Hash Disclosure Spoofing Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1411.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467.
Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1466.
Microsoft Office Spoofing Vulnerability
.NET and Visual Studio Information Disclosure Vulnerability
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1465, CVE-2019-1467.
Microsoft Outlook Spoofing Vulnerability
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Windows Themes Spoofing Vulnerability
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.
An information disclosure vulnerability exists when Microsoft Edge based on Edge HTML improperly handles objects in memory, aka 'Microsoft Edge based on Edge HTML Information Disclosure Vulnerability'.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1252.
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1244, CVE-2019-1251.
An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1245, CVE-2019-1251.
An information disclosure vulnerability exists in Lync 2013, aka 'Lync 2013 Information Disclosure Vulnerability'.
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1286.