VYPR

Windows Server 2012

by Microsoft

CVEs (3,338)

  • CVE-2016-0178HigMay 11, 2016
    risk 0.59cvss 8.8epss 0.17

    The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code…

  • CVE-2016-0101HigMar 9, 2016
    risk 0.59cvss 8.8epss 0.20

    Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution…

  • CVE-2016-0098HigMar 9, 2016
    risk 0.59cvss 8.8epss 0.20

    Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability."

  • CVE-2013-0006HigJan 9, 2013
    risk 0.59cvss 8.8epss 0.28

    Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

  • CVE-2024-43455HigSep 10, 2024
    risk 0.58cvss 8.8epss 0.02

    Windows Remote Desktop Licensing Service Spoofing Vulnerability

  • CVE-2018-8475HigSep 13, 2018
    risk 0.58cvss 8.8epss 0.15

    A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows…

  • CVE-2017-8664HigAug 8, 2017
    risk 0.58cvss 8.8epss 0.04

    Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly validate input from a privileged user on a guest operating…

  • CVE-2016-3228HigJun 16, 2016
    risk 0.58cvss 8.8epss 0.13

    Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."

  • CVE-2016-0015HigJan 13, 2016
    risk 0.58cvss 7.8epss 0.51

    DirectShow in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "DirectShow Heap…

  • CVE-2026-47653HigJun 9, 2026
    risk 0.57cvss 8.8epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-47289HigJun 9, 2026
    risk 0.57cvss 8.8epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42985HigJun 9, 2026
    risk 0.57cvss 8.8epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-40403HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.00

    Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

  • CVE-2026-34329HigMay 12, 2026
    risk 0.57cvss 8.8epss 0.00

    Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network.

  • CVE-2026-32225HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-32157HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.01

    Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-27928HigApr 14, 2026
    risk 0.57cvss 8.7epss 0.00

    Improper input validation in Windows Hello allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-26178HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Integer size truncation in Windows Advanced Rasterization Platform (WARP) allows an unauthorized attacker to elevate privileges locally.

  • CVE-2026-26167HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2018-8413HigOct 10, 2018
    risk 0.57cvss 7.8epss 0.46

    A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012,…

Page 5 of 167