VYPR

Windows Server 2012

by Microsoft

CVEs (3,338)

  • CVE-2017-0075HigMar 17, 2017
    risk 0.50cvss 7.6epss 0.13

    Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users to execute arbitrary code on the host OS via a crafted application,…

  • CVE-2017-0014HigMar 17, 2017
    risk 0.50cvss 7.5epss 0.18

    The Windows Graphics Component in Microsoft Office 2010 SP2; Windows Server 2008 R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via a…

  • CVE-2016-7237MedNov 10, 2016
    risk 0.50cvss 6.5epss 0.65

    Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote…

  • CVE-2016-3375HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.17

    The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow…

  • CVE-2016-0044HigFeb 10, 2016
    risk 0.50cvss 7.5epss 0.14

    Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnerability."

  • CVE-2026-44801HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42909HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-40406HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-35424HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

  • CVE-2026-33096HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32071HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2026-26154HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-20921HigJan 13, 2026
    risk 0.49cvss 7.5epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-26687HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2023-29335HigMay 9, 2023
    risk 0.49cvss 7.5epss 0.01

    Microsoft Word Security Feature Bypass Vulnerability

  • CVE-2018-8493HigOct 10, 2018
    risk 0.49cvss 7.5epss 0.08

    An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10,…

  • CVE-2018-8335HigSep 13, 2018
    risk 0.49cvss 7.5epss 0.09

    A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…

  • CVE-2018-8251HigJun 14, 2018
    risk 0.49cvss 7.5epss 0.07

    A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server…

  • CVE-2018-8134HigMay 9, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

  • CVE-2017-11788HigNov 15, 2017
    risk 0.49cvss 7.5epss 0.08

    Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows server, version 1709 allows an unauthenticated attacker to remotely send specially…

Page 19 of 167