Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0186 | Med | 0.38 | 5.8 | 0.05 | Apr 12, 2017 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating… | ||
| CVE-2017-0185 | Med | 0.38 | 5.8 | 0.06 | Apr 12, 2017 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating… | ||
| CVE-2017-0183 | Med | 0.38 | 5.8 | 0.04 | Apr 12, 2017 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating… | ||
| CVE-2017-0182 | Med | 0.38 | 5.8 | 0.04 | Apr 12, 2017 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating… | ||
| CVE-2017-0179 | Med | 0.38 | 5.8 | 0.04 | Apr 12, 2017 | A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service… | ||
| CVE-2026-23670 | Med | 0.37 | 5.7 | 0.00 | Apr 14, 2026 | Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2024-20692 | Med | 0.37 | 5.7 | 0.01 | Jan 9, 2024 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | ||
| CVE-2023-21693 | Med | 0.37 | 5.7 | 0.01 | Feb 14, 2023 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||
| CVE-2022-30223 | Med | 0.37 | 5.7 | 0.01 | Jul 12, 2022 | Windows Hyper-V Information Disclosure Vulnerability | ||
| CVE-2022-22711 | Med | 0.37 | 5.7 | 0.00 | Jul 12, 2022 | Windows BitLocker Information Disclosure Vulnerability | ||
| CVE-2021-38632 | Med | 0.37 | 5.7 | 0.01 | Sep 15, 2021 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2021-28444 | Med | 0.37 | 5.7 | 0.02 | Apr 13, 2021 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2021-27079 | Med | 0.37 | 5.7 | 0.03 | Apr 13, 2021 | Windows Media Photo Codec Information Disclosure Vulnerability | ||
| CVE-2021-1708 | Med | 0.37 | 5.7 | 0.03 | Jan 12, 2021 | Windows GDI+ Information Disclosure Vulnerability | ||
| CVE-2020-1599 | Med | 0.37 | 5.5 | 0.19 | Nov 11, 2020 | Windows Spoofing Vulnerability | ||
| CVE-2018-8472 | Med | 0.37 | 5.5 | 0.19 | Oct 10, 2018 | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows… | ||
| CVE-2017-11853 | Med | 0.37 | 5.5 | 0.11 | Nov 15, 2017 | Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted… | ||
| CVE-2017-11816 | Med | 0.37 | 5.5 | 0.20 | Oct 13, 2017 | The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure… | ||
| CVE-2017-0215 | Med | 0.37 | 5.3 | 0.36 | Jun 15, 2017 | Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security… | ||
| CVE-2017-0007 | Med | 0.37 | 5.5 | 0.11 | Mar 17, 2017 | Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability." |
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…
- risk 0.38cvss 5.8epss 0.06
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…
- risk 0.38cvss 5.8epss 0.04
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…
- risk 0.38cvss 5.8epss 0.04
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating…
- risk 0.38cvss 5.8epss 0.04
A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service…
- risk 0.37cvss 5.7epss 0.00
Untrusted pointer dereference in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.
- risk 0.37cvss 5.7epss 0.01
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
- risk 0.37cvss 5.7epss 0.01
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
- risk 0.37cvss 5.7epss 0.01
Windows Hyper-V Information Disclosure Vulnerability
- risk 0.37cvss 5.7epss 0.00
Windows BitLocker Information Disclosure Vulnerability
- risk 0.37cvss 5.7epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.37cvss 5.7epss 0.02
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.37cvss 5.7epss 0.03
Windows Media Photo Codec Information Disclosure Vulnerability
- risk 0.37cvss 5.7epss 0.03
Windows GDI+ Information Disclosure Vulnerability
- risk 0.37cvss 5.5epss 0.19
Windows Spoofing Vulnerability
- risk 0.37cvss 5.5epss 0.19
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows…
- risk 0.37cvss 5.5epss 0.11
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted…
- risk 0.37cvss 5.5epss 0.20
The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure…
- risk 0.37cvss 5.3epss 0.36
Microsoft Windows 10 1607 and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security…
- risk 0.37cvss 5.5epss 0.11
Device Guard in Microsoft Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to modify PowerShell script without invalidating associated signatures, aka "PowerShell Security Feature Bypass Vulnerability."
Page 100 of 178