Windows Server 2012
by Microsoft
CVEs (3,338)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-49727 | Hig | 0.46 | 7.0 | 0.00 | Jul 8, 2025 | Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-49678 | Hig | 0.46 | 7.0 | 0.00 | Jul 8, 2025 | Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-48821 | Hig | 0.46 | 7.1 | 0.00 | Jul 8, 2025 | Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. | ||
| CVE-2025-48819 | Hig | 0.46 | 7.1 | 0.00 | Jul 8, 2025 | Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. | ||
| CVE-2025-47975 | Hig | 0.46 | 7.0 | 0.00 | Jul 8, 2025 | Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27468 | Hig | 0.46 | 7.0 | 0.00 | May 13, 2025 | Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27732 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27478 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-26665 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-21191 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-21419 | Hig | 0.46 | 7.1 | 0.01 | Feb 11, 2025 | Windows Setup Files Cleanup Elevation of Privilege Vulnerability | ||
| CVE-2024-49084 | Hig | 0.46 | 7.0 | 0.00 | Dec 12, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2024-43535 | Hig | 0.46 | 7.0 | 0.01 | Oct 8, 2024 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-38030 | Med | 0.46 | 6.5 | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | ||
| CVE-2024-38022 | Hig | 0.46 | 7.0 | 0.01 | Jul 9, 2024 | Windows Image Acquisition Elevation of Privilege Vulnerability | ||
| CVE-2024-30090 | Hig | 0.46 | 7.0 | 0.02 | Jun 11, 2024 | Microsoft Streaming Service Elevation of Privilege Vulnerability | ||
| CVE-2024-30084 | Hig | 0.46 | 7.0 | 0.06 | Jun 11, 2024 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||
| CVE-2024-29062 | Hig | 0.46 | 7.1 | 0.01 | Apr 9, 2024 | Secure Boot Security Feature Bypass Vulnerability | ||
| CVE-2024-26242 | Hig | 0.46 | 7.0 | 0.00 | Apr 9, 2024 | Windows Telephony Server Elevation of Privilege Vulnerability | ||
| CVE-2024-20689 | Hig | 0.46 | 7.1 | 0.01 | Apr 9, 2024 | Secure Boot Security Feature Bypass Vulnerability |
- risk 0.46cvss 7.0epss 0.00
Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.1epss 0.00
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
- risk 0.46cvss 7.1epss 0.00
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
- risk 0.46cvss 7.0epss 0.00
Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.1epss 0.01
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.00
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- risk 0.46cvss 6.5epss 0.51
Windows Themes Spoofing Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Image Acquisition Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.02
Microsoft Streaming Service Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.06
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.01
Secure Boot Security Feature Bypass Vulnerability
- risk 0.46cvss 7.0epss 0.00
Windows Telephony Server Elevation of Privilege Vulnerability
- risk 0.46cvss 7.1epss 0.01
Secure Boot Security Feature Bypass Vulnerability
Page 97 of 167