VYPR

Windows Server 2012

by Microsoft

CVEs (3,338)

  • CVE-2026-21246Feb 10, 2026
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20936Jan 13, 2026
    risk 0.00cvss epss 0.00

    Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack.

  • CVE-2026-20929Jan 13, 2026
    risk 0.00cvss epss 0.01

    Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-20872Jan 13, 2026
    risk 0.00cvss epss 0.19

    External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-20868Jan 13, 2026
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

  • CVE-2026-20849Jan 13, 2026
    risk 0.00cvss epss 0.01

    Reliance on untrusted inputs in a security decision in Windows Kerberos allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-20848Jan 13, 2026
    risk 0.00cvss epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-20843Jan 13, 2026
    risk 0.00cvss epss 0.03

    Improper access control in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20940Jan 13, 2026
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20934Jan 13, 2026
    risk 0.00cvss epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-20927Jan 13, 2026
    risk 0.00cvss epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.

  • CVE-2026-20926Jan 13, 2026
    risk 0.00cvss epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-20925Jan 13, 2026
    risk 0.00cvss epss 0.17

    External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-20922Jan 13, 2026
    risk 0.00cvss epss 0.01

    Heap-based buffer overflow in Windows NTFS allows an authorized attacker to execute code locally.

  • CVE-2026-20919Jan 13, 2026
    risk 0.00cvss epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2026-20875Jan 13, 2026
    risk 0.00cvss epss 0.02

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2026-20869Jan 13, 2026
    risk 0.00cvss epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Local Session Manager (LSM) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20860Jan 13, 2026
    risk 0.00cvss epss 0.08

    Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20856Jan 13, 2026
    risk 0.00cvss epss 0.01

    Improper input validation in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

  • CVE-2026-20847Jan 13, 2026
    risk 0.00cvss epss 0.01

    Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to perform spoofing over a network.

Page 127 of 167