Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-41371 | Med | 0.29 | 4.4 | 0.01 | Nov 10, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | ||
| CVE-2021-38631 | Med | 0.29 | 4.4 | 0.02 | Nov 10, 2021 | Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | ||
| CVE-2021-28447 | Med | 0.29 | 4.4 | 0.02 | Apr 13, 2021 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability | ||
| CVE-2021-27094 | Med | 0.29 | 4.4 | 0.01 | Apr 13, 2021 | Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability | ||
| CVE-2020-1589 | Med | 0.29 | 4.4 | 0.01 | Sep 11, 2020 | An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an… | ||
| CVE-2019-0941 | Med | 0.29 | 4.4 | 0.03 | Jun 12, 2019 | A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To… | ||
| CVE-2018-8201 | Med | 0.29 | 4.5 | 0.02 | Jun 14, 2018 | A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,… | ||
| CVE-2017-11818 | Med | 0.29 | 4.5 | 0.01 | Oct 13, 2017 | The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka… | ||
| CVE-2017-0164 | Med | 0.29 | 4.4 | 0.04 | Apr 12, 2017 | A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability." | ||
| CVE-2017-0154 | Med | 0.29 | 4.4 | 0.11 | Mar 17, 2017 | Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet Explorer Elevation of… | ||
| CVE-2017-0057 | Med | 0.29 | 4.3 | 0.14 | Mar 17, 2017 | DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to… | ||
| CVE-2023-21729 | Med | 0.28 | 4.3 | 0.01 | Apr 11, 2023 | Remote Procedure Call Runtime Information Disclosure Vulnerability | ||
| CVE-2023-24911 | Med | 0.28 | 4.3 | 0.01 | Mar 14, 2023 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | ||
| CVE-2022-37981 | Med | 0.28 | 4.3 | 0.02 | Oct 11, 2022 | Windows Event Logging Service Denial of Service Vulnerability | ||
| CVE-2021-24082 | Med | 0.28 | 4.3 | 0.02 | Feb 25, 2021 | Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability | ||
| CVE-2019-1172 | Med | 0.28 | 4.3 | 0.04 | Aug 14, 2019 | An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would… | ||
| CVE-2018-8320 | Med | 0.28 | 4.3 | 0.05 | Oct 10, 2018 | A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008… | ||
| CVE-2017-0192 | Med | 0.28 | 4.3 | 0.06 | Apr 12, 2017 | The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive… | ||
| CVE-2022-29127 | Med | 0.27 | 4.2 | 0.01 | May 10, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2022-24466 | Med | 0.27 | 4.1 | 0.01 | May 10, 2022 | Windows Hyper-V Security Feature Bypass Vulnerability |
- risk 0.29cvss 4.4epss 0.01
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- risk 0.29cvss 4.4epss 0.02
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
- risk 0.29cvss 4.4epss 0.02
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
- risk 0.29cvss 4.4epss 0.01
Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability
- risk 0.29cvss 4.4epss 0.01
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an…
- risk 0.29cvss 4.4epss 0.03
A denial of service exists in Microsoft IIS Server when the optional request filtering feature improperly handles requests. An attacker who successfully exploited this vulnerability could perform a temporary denial of service against pages configured to use request filtering. To…
- risk 0.29cvss 4.5epss 0.02
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10,…
- risk 0.29cvss 4.5epss 0.01
The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka…
- risk 0.29cvss 4.4epss 0.04
A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability."
- risk 0.29cvss 4.4epss 0.11
Microsoft Internet Explorer 11 on Windows 10, 1511, and 1606 and Windows Server 2016 does not enforce cross-domain policies, allowing attackers to access information from one domain and inject it into another via a crafted application, aka, "Internet Explorer Elevation of…
- risk 0.29cvss 4.3epss 0.14
DNS client in Microsoft Windows 8.1; Windows Server 2012 R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 fails to properly process DNS queries, which allows remote attackers to obtain sensitive information via (1) convincing a workstation user to…
- risk 0.28cvss 4.3epss 0.01
Remote Procedure Call Runtime Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.01
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
- risk 0.28cvss 4.3epss 0.02
Windows Event Logging Service Denial of Service Vulnerability
- risk 0.28cvss 4.3epss 0.02
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
- risk 0.28cvss 4.3epss 0.04
An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account. To exploit the vulnerability, an attacker would…
- risk 0.28cvss 4.3epss 0.05
A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008…
- risk 0.28cvss 4.3epss 0.06
The Adobe Type Manager Font Driver (ATMFD.dll) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold , 1511, 1607, and 1703 allows an attacker to gain sensitive…
- risk 0.27cvss 4.2epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.27cvss 4.1epss 0.01
Windows Hyper-V Security Feature Bypass Vulnerability
Page 119 of 178