CVE-2019-0950

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft SharePoint Spoofing Vulnerability’. This CVE ID is unique from CVE-2019-0949, CVE-2019-0951.

Source: CVE-2019-0950

CVE-2019-0951

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft SharePoint Spoofing Vulnerability’. This CVE ID is unique from CVE-2019-0949, CVE-2019-0950.

Source: CVE-2019-0951

CVE-2019-0952

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls, aka ‘Microsoft SharePoint Server Remote Code Execution Vulnerability’.

Source: CVE-2019-0952

CVE-2019-0980

A denial of service vulnerability exists when .NET Framework or .NET Core improperly handle web requests, aka ‘.Net Framework and .Net Core Denial of Service Vulnerability’. This CVE ID is unique from CVE-2019-0820, CVE-2019-0981.

Source: CVE-2019-0980

CVE-2019-0976

A tampering vulnerability exists in the NuGet Package Manager for Linux and Mac that could allow an authenticated attacker to modify contents of the intermediate build folder (by default “objâ€??), aka ‘NuGet Package Manager Tampering Vulnerability’.

Source: CVE-2019-0976

CVE-2019-0961

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka ‘Windows GDI Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2019-0758, CVE-2019-0882.

Source: CVE-2019-0961

CVE-2019-0963

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’.

Source: CVE-2019-0963

CVE-2019-0971

An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka ‘Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability’.

Source: CVE-2019-0971

CVE-2019-0953

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka ‘Microsoft Word Remote Code Execution Vulnerability’.

Source: CVE-2019-0953

CVE-2019-0937

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka ‘Chakra Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0912, CVE-2019-0913, CVE-2019-0914, CVE-2019-0915, CVE-2019-0916, CVE-2019-0917, CVE-2019-0922, CVE-2019-0923, CVE-2019-0924, CVE-2019-0925, CVE-2019-0927, CVE-2019-0933.

Source: CVE-2019-0937