Windows Server 2012
by Microsoft
CVEs (3,338)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-40377 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-35421 | Hig | 0.51 | 7.8 | 0.01 | May 12, 2026 | Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-35420 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-35417 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34351 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34344 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34343 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34337 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34336 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34330 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33841 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33838 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33837 | Hig | 0.51 | 7.8 | 0.02 | May 12, 2026 | Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33835 | Hig | 0.51 | 7.8 | 0.02 | May 12, 2026 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33834 | Hig | 0.51 | 7.8 | 0.00 | May 12, 2026 | Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33101 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-33098 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-32183 | Hig | 0.51 | 7.8 | 0.01 | Apr 14, 2026 | Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-32165 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-32164 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally. |
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.02
Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.02
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Print Spooler Components allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.01
Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
- risk 0.51cvss 7.8epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.
Page 31 of 167