Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0043 | Med | 0.35 | 5.3 | 0.02 | Mar 17, 2017 | Active Directory Federation Services in Microsoft Windows 10 1607, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Microsoft Active Directory… | ||
| CVE-2026-45655 | Med | 0.34 | 5.3 | 0.00 | Jun 9, 2026 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2026-42914 | Med | 0.34 | 5.3 | 0.01 | Jun 9, 2026 | Windows Kerberos Denial of Service Vulnerability | ||
| CVE-2018-8468 | Med | 0.34 | 4.7 | 0.12 | Sep 13, 2018 | An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016,… | ||
| CVE-2017-11831 | Med | 0.34 | 4.7 | 0.03 | Nov 15, 2017 | Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a… | ||
| CVE-2017-8708 | Med | 0.34 | 4.7 | 0.04 | Sep 13, 2017 | The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it… | ||
| CVE-2017-0259 | Med | 0.34 | 4.7 | 0.10 | May 12, 2017 | The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information… | ||
| CVE-2017-0258 | Med | 0.34 | 4.7 | 0.07 | May 12, 2017 | The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a… | ||
| CVE-2017-0058 | Med | 0.34 | 4.7 | 0.04 | Apr 12, 2017 | A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k… | ||
| CVE-2017-0121 | Med | 0.34 | 4.3 | 0.42 | Mar 17, 2017 | Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from… | ||
| CVE-2021-1684 | Med | 0.33 | 5.0 | 0.02 | Jan 12, 2021 | Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that… | ||
| CVE-2021-1683 | Med | 0.33 | 5.0 | 0.02 | Jan 12, 2021 | Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that… | ||
| CVE-2021-1645 | Med | 0.33 | 5.0 | 0.07 | Jan 12, 2021 | Windows Docker Information Disclosure Vulnerability | ||
| CVE-2020-0837 | Med | 0.33 | 5.0 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication… | ||
| CVE-2017-8475 | Med | 0.33 | 5.0 | 0.04 | Jun 15, 2017 | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects… | ||
| CVE-2017-8474 | Med | 0.33 | 5.0 | 0.04 | Jun 15, 2017 | The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.… | ||
| CVE-2017-0297 | Med | 0.33 | 5.0 | 0.04 | Jun 15, 2017 | The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.… | ||
| CVE-2017-0118 | Med | 0.33 | 4.3 | 0.23 | Mar 17, 2017 | Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from… | ||
| CVE-2024-20662 | Med | 0.32 | 4.9 | 0.02 | Jan 9, 2024 | Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability | ||
| CVE-2021-41337 | Med | 0.32 | 4.9 | 0.02 | Oct 13, 2021 | Active Directory Security Feature Bypass Vulnerability |
- risk 0.35cvss 5.3epss 0.02
Active Directory Federation Services in Microsoft Windows 10 1607, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, aka "Microsoft Active Directory…
- risk 0.34cvss 5.3epss 0.00
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.34cvss 5.3epss 0.01
Windows Kerberos Denial of Service Vulnerability
- risk 0.34cvss 4.7epss 0.12
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016,…
- risk 0.34cvss 4.7epss 0.03
Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a…
- risk 0.34cvss 4.7epss 0.04
The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it…
- risk 0.34cvss 4.7epss 0.10
The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information…
- risk 0.34cvss 4.7epss 0.07
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a…
- risk 0.34cvss 4.7epss 0.04
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k…
- risk 0.34cvss 4.3epss 0.42
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…
- risk 0.33cvss 5.0epss 0.02
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that…
- risk 0.33cvss 5.0epss 0.02
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that…
- risk 0.33cvss 5.0epss 0.07
Windows Docker Information Disclosure Vulnerability
- risk 0.33cvss 5.0epss 0.01
An elevation of privilege vulnerability exists when Active Directory Federation Services (ADFS) improperly handles multi-factor authentication requests. An attacker who successfully exploited this vulnerability could bypass some, but not all, of the authentication…
- risk 0.33cvss 5.0epss 0.04
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects…
- risk 0.33cvss 5.0epss 0.04
The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.…
- risk 0.33cvss 5.0epss 0.04
The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.…
- risk 0.33cvss 4.3epss 0.23
Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from…
- risk 0.32cvss 4.9epss 0.02
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
- risk 0.32cvss 4.9epss 0.02
Active Directory Security Feature Bypass Vulnerability
Page 116 of 178