Windows Server 2012
by Microsoft
CVEs (3,338)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-0254 | 0.03 | — | 0.33 | Feb 12, 2014 | The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via crafted ICMPv6 Router Advertisement packets, aka "TCP/IP Version 6 (IPv6) Denial… | |||
| CVE-2013-5058 | 0.03 | — | 0.03 | Dec 11, 2013 | Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a… | |||
| CVE-2013-3940 | 0.03 | — | 0.34 | Nov 13, 2013 | Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows… | |||
| CVE-2013-3195 | 0.03 | — | 0.38 | Oct 9, 2013 | The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate… | |||
| CVE-2013-3868 | 0.03 | — | 0.38 | Sep 11, 2013 | Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial… | |||
| CVE-2013-3661 | 0.03 | — | 0.04 | May 24, 2013 | The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is… | |||
| CVE-2013-0007 | 0.03 | — | 0.32 | Jan 9, 2013 | Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability." | |||
| CVE-2025-53145 | 0.02 | — | 0.06 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||
| CVE-2025-53144 | 0.02 | — | 0.06 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||
| CVE-2025-27486 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-27485 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-26652 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-27479 | 0.02 | — | 0.02 | Apr 8, 2025 | Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-27473 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-27470 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-26680 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-21277 | 0.02 | — | 0.38 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2024-43454 | 0.02 | — | 0.21 | Sep 10, 2024 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | |||
| CVE-2024-38071 | 0.02 | — | 0.36 | Jul 9, 2024 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | |||
| CVE-2024-30090 | 0.02 | — | 0.02 | Jun 11, 2024 | Microsoft Streaming Service Elevation of Privilege Vulnerability |
- CVE-2014-0254Feb 12, 2014risk 0.03cvss —epss 0.33
The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via crafted ICMPv6 Router Advertisement packets, aka "TCP/IP Version 6 (IPv6) Denial…
- CVE-2013-5058Dec 11, 2013risk 0.03cvss —epss 0.03
Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows local users to gain privileges via a…
- CVE-2013-3940Nov 13, 2013risk 0.03cvss —epss 0.34
Integer overflow in the Graphics Device Interface (GDI) in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows…
- CVE-2013-3195Oct 9, 2013risk 0.03cvss —epss 0.38
The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate…
- CVE-2013-3868Sep 11, 2013risk 0.03cvss —epss 0.38
Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial…
- CVE-2013-3661May 24, 2013risk 0.03cvss —epss 0.04
The EPATHOBJ::bFlatten function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not check whether linked-list traversal is…
- CVE-2013-0007Jan 9, 2013risk 0.03cvss —epss 0.32
Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."
- CVE-2025-53145Aug 12, 2025risk 0.02cvss —epss 0.06
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
- CVE-2025-53144Aug 12, 2025risk 0.02cvss —epss 0.06
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
- CVE-2025-27486Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- CVE-2025-27485Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- CVE-2025-26652Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- CVE-2025-27479Apr 8, 2025risk 0.02cvss —epss 0.02
Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.
- CVE-2025-27473Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
- CVE-2025-27470Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- CVE-2025-26680Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- CVE-2025-21277Jan 14, 2025risk 0.02cvss —epss 0.38
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2024-43454Sep 10, 2024risk 0.02cvss —epss 0.21
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
- CVE-2024-38071Jul 9, 2024risk 0.02cvss —epss 0.36
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
- CVE-2024-30090Jun 11, 2024risk 0.02cvss —epss 0.02
Microsoft Streaming Service Elevation of Privilege Vulnerability
Page 117 of 167