Windows Server 2012
by Microsoft
CVEs (3,338)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-26161 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26160 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26159 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26156 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-26153 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-20930 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-26128 | Hig | 0.51 | 7.8 | 0.00 | Mar 10, 2026 | Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-25187 | Hig | 0.51 | 7.8 | 0.03 | Mar 10, 2026 | Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-20864 | Hig | 0.51 | 7.8 | 0.01 | Jan 13, 2026 | Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-30388 | Hig | 0.51 | 7.8 | 0.03 | May 13, 2025 | Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-21338 | Hig | 0.51 | 7.8 | 0.00 | Jan 14, 2025 | GDI+ Remote Code Execution Vulnerability | ||
| CVE-2024-38250 | Hig | 0.51 | 7.8 | 0.01 | Sep 10, 2024 | Windows Graphics Component Elevation of Privilege Vulnerability | ||
| CVE-2022-26926 | Hig | 0.51 | 7.8 | 0.03 | May 10, 2022 | Windows Address Book Remote Code Execution Vulnerability | ||
| CVE-2018-8484 | Hig | 0.51 | 7.8 | 0.01 | Oct 10, 2018 | An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,… | ||
| CVE-2018-8455 | Hig | 0.51 | 7.8 | 0.01 | Sep 13, 2018 | An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10… | ||
| CVE-2018-8343 | Hig | 0.51 | 7.8 | 0.01 | Aug 15, 2018 | An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server… | ||
| CVE-2018-8313 | Hig | 0.51 | 7.8 | 0.01 | Jul 11, 2018 | An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10,… | ||
| CVE-2018-8282 | Hig | 0.51 | 7.8 | 0.01 | Jul 11, 2018 | An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,… | ||
| CVE-2018-8164 | Hig | 0.51 | 7.8 | 0.01 | May 9, 2018 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server… | ||
| CVE-2018-1009 | Hig | 0.51 | 7.8 | 0.01 | Apr 12, 2018 | An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1,… |
- risk 0.51cvss 7.8epss 0.00
Untrusted pointer dereference in Windows Sensor Data Service allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Hyper-V allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Out-of-bounds read in Windows Encrypting File System (EFS) allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Management Services allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.03
Improper link resolution before file access ('link following') in Winlogon allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Connected Devices Platform Service (Cdpsvc) allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.03
Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
GDI+ Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
Windows Graphics Component Elevation of Privilege Vulnerability
- risk 0.51cvss 7.8epss 0.03
Windows Address Book Remote Code Execution Vulnerability
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in the Network Driver Interface Specification (NDIS) when ndis.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows NDIS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10,…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…
- risk 0.51cvss 7.8epss 0.01
An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1,…
Page 14 of 167