VYPR

Windows Server 2012

by Microsoft

CVEs (3,338)

  • CVE-2016-7237MedNov 10, 2016
    risk 0.50cvss 6.5epss 0.65

    Local Security Authority Subsystem Service (LSASS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote…

  • CVE-2016-3375HigSep 14, 2016
    risk 0.50cvss 7.5epss 0.17

    The OLE Automation mechanism and VBScript scripting engine in Microsoft Internet Explorer 9 through 11, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow…

  • CVE-2016-0044HigFeb 10, 2016
    risk 0.50cvss 7.5epss 0.14

    Sync Framework in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows remote attackers to cause a denial of service (SyncShareSvc service outage) via crafted "change batch" data, aka "Windows DLL Loading Denial of Service Vulnerability."

  • CVE-2026-44801HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42909HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-40406HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-35424HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

  • CVE-2026-33096HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32071HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2026-26154HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-20921HigJan 13, 2026
    risk 0.49cvss 7.5epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-49716HigJul 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.

  • CVE-2025-48814HigJul 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2025-33068HigJun 10, 2025
    risk 0.49cvss 7.5epss 0.01

    Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

  • CVE-2025-33056HigJun 10, 2025
    risk 0.49cvss 7.5epss 0.01

    Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.

  • CVE-2025-32724HigJun 10, 2025
    risk 0.49cvss 7.5epss 0.02

    Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2025-29969HigMay 13, 2025
    risk 0.49cvss 7.5epss 0.01

    Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

  • CVE-2025-29831HigMay 13, 2025
    risk 0.49cvss 7.5epss 0.01

    Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

  • CVE-2025-29810HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.02

    Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-27486HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.02

    Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

Page 78 of 167