Windows Server 2012
by Microsoft
CVEs (3,338)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0166 | Hig | 0.53 | 8.1 | 0.06 | Apr 12, 2017 | An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain… | ||
| CVE-2016-3396 | Hig | 0.53 | 7.8 | 0.24 | Oct 14, 2016 | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for… | ||
| CVE-2016-3237 | Hig | 0.53 | 7.5 | 0.17 | Aug 9, 2016 | Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a… | ||
| CVE-2016-3203 | Hig | 0.53 | 7.8 | 0.33 | Jun 16, 2016 | Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability." | ||
| CVE-2016-0179 | Hig | 0.53 | 7.8 | 0.24 | May 11, 2016 | Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability." | ||
| CVE-2016-0091 | Hig | 0.53 | 7.8 | 0.24 | Mar 9, 2016 | OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote… | ||
| CVE-2016-0058 | Hig | 0.53 | 7.8 | 0.23 | Feb 10, 2016 | Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overflow Vulnerability." | ||
| CVE-2016-0046 | Hig | 0.53 | 7.8 | 0.26 | Feb 10, 2016 | Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability." | ||
| CVE-2013-3129 | Hig | 0.53 | 7.8 | 0.32 | Jul 10, 2013 | Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,… | ||
| CVE-2026-33826 | Hig | 0.52 | 8.0 | 0.01 | Apr 14, 2026 | Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network. | ||
| CVE-2026-27912 | Hig | 0.52 | 8.0 | 0.00 | Apr 14, 2026 | Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network. | ||
| CVE-2026-20931 | Hig | 0.52 | 8.0 | 0.01 | Jan 13, 2026 | External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network. | ||
| CVE-2024-20654 | Hig | 0.52 | 8.0 | 0.02 | Jan 9, 2024 | Microsoft ODBC Driver Remote Code Execution Vulnerability | ||
| CVE-2023-36425 | Hig | 0.52 | 8.0 | 0.01 | Nov 14, 2023 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | ||
| CVE-2023-36594 | Hig | 0.52 | 7.8 | 0.12 | Oct 10, 2023 | Windows Graphics Component Elevation of Privilege Vulnerability | ||
| CVE-2023-36900 | Hig | 0.52 | 7.8 | 0.12 | Aug 8, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-35359 | Hig | 0.52 | 7.8 | 0.11 | Aug 8, 2023 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2022-35756 | Hig | 0.52 | 7.8 | 0.11 | May 31, 2023 | Windows Kerberos Elevation of Privilege Vulnerability | ||
| CVE-2023-21818 | Hig | 0.52 | 7.5 | 0.43 | Feb 14, 2023 | Windows Secure Channel Denial of Service Vulnerability | ||
| CVE-2022-34689 | Hig | 0.52 | 7.5 | 0.38 | Oct 11, 2022 | Windows CryptoAPI Spoofing Vulnerability |
- risk 0.53cvss 8.1epss 0.06
An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain…
- risk 0.53cvss 7.8epss 0.24
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…
- risk 0.53cvss 7.5epss 0.17
Kerberos in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows man-in-the-middle attackers to bypass authentication via vectors related to a…
- risk 0.53cvss 7.8epss 0.33
Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows 10 Gold and 1511, and Microsoft Edge allow remote attackers to execute arbitrary code via a crafted PDF document, aka "Windows PDF Remote Code Execution Vulnerability."
- risk 0.53cvss 7.8epss 0.24
Windows Shell in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Shell Remote Code Execution Vulnerability."
- risk 0.53cvss 7.8epss 0.24
OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote…
- risk 0.53cvss 7.8epss 0.23
Buffer overflow in the PDF Library in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted PDF document that triggers API calls, aka "Microsoft PDF Library Buffer Overflow Vulnerability."
- risk 0.53cvss 7.8epss 0.26
Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability."
- risk 0.53cvss 7.8epss 0.32
Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1,…
- risk 0.52cvss 8.0epss 0.01
Improper input validation in Windows Active Directory allows an authorized attacker to execute code over an adjacent network.
- risk 0.52cvss 8.0epss 0.00
Improper authorization in Windows Kerberos allows an authorized attacker to elevate privileges over an adjacent network.
- risk 0.52cvss 8.0epss 0.01
External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network.
- risk 0.52cvss 8.0epss 0.02
Microsoft ODBC Driver Remote Code Execution Vulnerability
- risk 0.52cvss 8.0epss 0.01
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
- risk 0.52cvss 7.8epss 0.12
Windows Graphics Component Elevation of Privilege Vulnerability
- risk 0.52cvss 7.8epss 0.12
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.52cvss 7.8epss 0.11
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.52cvss 7.8epss 0.11
Windows Kerberos Elevation of Privilege Vulnerability
- risk 0.52cvss 7.5epss 0.43
Windows Secure Channel Denial of Service Vulnerability
- risk 0.52cvss 7.5epss 0.38
Windows CryptoAPI Spoofing Vulnerability
Page 27 of 167