Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows
Total 5095 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-32461 2 Microsoft, Trendmicro 2 Windows, Password Manager 2021-07-23 7.2 HIGH 7.8 HIGH
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Integer Truncation Privilege Escalation vulnerability which could allow a local attacker to trigger a buffer overflow and escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2021-32462 2 Microsoft, Trendmicro 2 Windows, Password Manager 2021-07-23 9.0 HIGH 8.8 HIGH
Trend Micro Password Manager (Consumer) version 5.0.0.1217 and below is vulnerable to an Exposed Hazardous Function Remote Code Execution vulnerability which could allow an unprivileged client to manipulate the registry and escalate privileges to SYSTEM on affected installations. Authentication is required to exploit this vulnerability.
CVE-2021-1051 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2021-07-23 6.6 MEDIUM 8.4 HIGH
NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which a local user can get elevated privileges to modify display configuration data, which may result in denial of service of the display.
CVE-2019-11049 2 Microsoft, Php 2 Windows, Php 2021-07-22 7.5 HIGH 9.8 CRITICAL
In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplying custom headers to mail() function, due to mistake introduced in commit 78f4b4a2dcf92ddbccea1bb95f8390a18ac3342e, if the header is supplied in lowercase, this can result in double-freeing certain memory locations.
CVE-2020-7061 2 Microsoft, Php 2 Windows, Php 2021-07-22 6.4 MEDIUM 9.1 CRITICAL
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated buffer. This could potentially lead to information disclosure or crash.
CVE-2021-34481 1 Microsoft 1 Windows 2021-07-22 4.6 MEDIUM 7.8 HIGH
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2019-8195 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7960 3 Adobe, Apple, Microsoft 3 Animate Cc, Mac Os, Windows 2021-07-21 4.4 MEDIUM 7.8 HIGH
Adobe Animate CC versions 19.2.1 and earlier have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
CVE-2019-9794 2 Microsoft, Mozilla 4 Windows, Firefox, Firefox Esr and 1 more 2021-07-21 7.5 HIGH 9.8 CRITICAL
A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66.
CVE-2019-7941 3 Adobe, Linux, Microsoft 3 Campaign, Linux Kernel, Windows 2021-07-21 5.0 MEDIUM 7.5 HIGH
Adobe Campaign Classic version 18.10.5-8984 and earlier versions have an Information Exposure Through an Error Message vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user.
CVE-2019-7051 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-5686 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2021-07-21 4.9 MEDIUM 5.5 MEDIUM
NVIDIA Windows GPU Display Driver (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software uses an API function or data structure in a way that relies on properties that are not always guaranteed to be valid, which may lead to denial of service.
CVE-2019-5859 2 Google, Microsoft 2 Chrome, Windows 2021-07-21 6.8 MEDIUM 8.8 HIGH
Insufficient filtering in URI schemes in Google Chrome on Windows prior to 76.0.3809.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
CVE-2019-7066 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-7042 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 9.3 HIGH 8.8 HIGH
Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010.20069 and earlier, 2017.011.30113 and earlier version, and 2015.006.30464 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-8063 3 Adobe, Apple, Microsoft 3 Creative Cloud, Mac Os X, Windows 2021-07-21 5.0 MEDIUM 7.5 HIGH
Creative Cloud Desktop Application 4.6.1 and earlier versions have an insecure transmission of sensitive data vulnerability. Successful exploitation could lead to information leakage.
CVE-2019-18895 2 Microsoft, Scanguard 2 Windows, Scanguard Antivirus 2021-07-21 4.6 MEDIUM 7.8 HIGH
Scanguard through 2019-11-12 on Windows has Insecure Permissions for the installation directory, leading to privilege escalation via a Trojan horse executable file.
CVE-2019-5694 2 Microsoft, Nvidia 2 Windows, Gpu Driver 2021-07-21 4.4 MEDIUM 6.5 MEDIUM
NVIDIA Windows GPU Display Driver, R390 driver version, contains a vulnerability in NVIDIA Control Panel in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), which may lead to denial of service or information disclosure through code execution. The attacker requires local system access.
CVE-2019-16460 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os and 1 more 2021-07-21 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.011.30152 and earlier, 2017.011.30155 and earlier version, 2017.011.30152 and earlier, and 2015.006.30505 and earlier have an untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution .
CVE-2019-6984 2 Foxitsoftware, Microsoft 2 3d, Windows 2021-07-21 4.3 MEDIUM 6.5 MEDIUM
An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF. The application could encounter a Use-After-Free or Type Confusion and crash during handling of certain PDF files that embed specifically crafted 3D content, due to the use of a wild pointer.