Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36012 | Med | 0.35 | 5.3 | 0.02 | Dec 12, 2023 | DHCP Server Service Information Disclosure Vulnerability | ||
| CVE-2023-36801 | Med | 0.35 | 5.3 | 0.01 | Sep 12, 2023 | DHCP Server Service Information Disclosure Vulnerability | ||
| CVE-2023-35384 | Med | 0.35 | 5.4 | 0.02 | Aug 8, 2023 | Windows HTML Platforms Security Feature Bypass Vulnerability | ||
| CVE-2023-29355 | Med | 0.35 | 5.3 | 0.01 | Jun 14, 2023 | DHCP Server Service Information Disclosure Vulnerability | ||
| CVE-2023-21699 | Med | 0.35 | 5.3 | 0.01 | Feb 14, 2023 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | ||
| CVE-2023-21682 | Med | 0.35 | 5.3 | 0.01 | Jan 10, 2023 | Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability | ||
| CVE-2023-21525 | Med | 0.35 | 5.3 | 0.02 | Jan 10, 2023 | Remote Procedure Call Runtime Denial of Service Vulnerability | ||
| CVE-2022-30154 | Med | 0.35 | 5.3 | 0.02 | Jun 15, 2022 | Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability | ||
| CVE-2022-24503 | Med | 0.35 | 5.4 | 0.02 | Mar 9, 2022 | Remote Desktop Protocol Client Information Disclosure Vulnerability | ||
| CVE-2022-21924 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Workstation Service Remote Protocol Security Feature Bypass Vulnerability | ||
| CVE-2022-21913 | Med | 0.35 | 5.3 | 0.03 | Jan 11, 2022 | Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass | ||
| CVE-2021-41361 | Med | 0.35 | 5.4 | 0.01 | Oct 13, 2021 | Active Directory Federation Server Spoofing Vulnerability | ||
| CVE-2021-33757 | Med | 0.35 | 5.3 | 0.03 | Jul 14, 2021 | Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability | ||
| CVE-2021-26414 | Med | 0.35 | 4.8 | 0.50 | Jun 8, 2021 | Windows DCOM Server Security Feature Bypass | ||
| CVE-2020-16922 | Med | 0.35 | 5.3 | 0.01 | Oct 16, 2020 | A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security… | ||
| CVE-2020-1596 | Med | 0.35 | 5.4 | 0.01 | Sep 11, 2020 | A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability,… | ||
| CVE-2019-0948 | Med | 0.35 | 4.7 | 0.13 | Jun 12, 2019 | An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external… | ||
| CVE-2018-8547 | Med | 0.35 | 5.4 | 0.02 | Nov 14, 2018 | A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XSS… | ||
| CVE-2018-8417 | Med | 0.35 | 5.3 | 0.02 | Nov 14, 2018 | A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard, aka "Microsoft JScript Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | ||
| CVE-2018-8492 | Med | 0.35 | 5.3 | 0.02 | Oct 10, 2018 | A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,… |
- risk 0.35cvss 5.3epss 0.02
DHCP Server Service Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.01
DHCP Server Service Information Disclosure Vulnerability
- risk 0.35cvss 5.4epss 0.02
Windows HTML Platforms Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.01
DHCP Server Service Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.01
Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.02
Remote Procedure Call Runtime Denial of Service Vulnerability
- risk 0.35cvss 5.3epss 0.02
Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability
- risk 0.35cvss 5.4epss 0.02
Remote Desktop Protocol Client Information Disclosure Vulnerability
- risk 0.35cvss 5.3epss 0.03
Workstation Service Remote Protocol Security Feature Bypass Vulnerability
- risk 0.35cvss 5.3epss 0.03
Local Security Authority (Domain Policy) Remote Protocol Security Feature Bypass
- risk 0.35cvss 5.4epss 0.01
Active Directory Federation Server Spoofing Vulnerability
- risk 0.35cvss 5.3epss 0.03
Windows Security Account Manager Remote Protocol Security Feature Bypass Vulnerability
- risk 0.35cvss 4.8epss 0.50
Windows DCOM Server Security Feature Bypass
- risk 0.35cvss 5.3epss 0.01
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security…
- risk 0.35cvss 5.4epss 0.01
A information disclosure vulnerability exists when TLS components use weak hash algorithms. An attacker who successfully exploited this vulnerability could obtain information to further compromise a users's encrypted transmission channel. To exploit the vulnerability,…
- risk 0.35cvss 4.7epss 0.13
An information disclosure vulnerability exists in the Windows Event Viewer (eventvwr.msc) when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external…
- risk 0.35cvss 5.4epss 0.02
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XSS…
- risk 0.35cvss 5.3epss 0.02
A security feature bypass vulnerability exists in Microsoft JScript that could allow an attacker to bypass Device Guard, aka "Microsoft JScript Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
- risk 0.35cvss 5.3epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
Page 113 of 178