Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-30036 | 0.01 | — | 0.02 | May 14, 2024 | Windows Deployment Services Information Disclosure Vulnerability | |||
| CVE-2024-30050 | 0.01 | — | 0.11 | May 14, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | |||
| CVE-2024-30017 | 0.01 | — | 0.02 | May 14, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-30010 | 0.01 | — | 0.02 | May 14, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-26226 | 0.01 | — | 0.02 | Apr 9, 2024 | Windows Distributed File System (DFS) Information Disclosure Vulnerability | |||
| CVE-2024-26215 | 0.01 | — | 0.03 | Apr 9, 2024 | DHCP Server Service Denial of Service Vulnerability | |||
| CVE-2024-26211 | 0.01 | — | 0.04 | Apr 9, 2024 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||
| CVE-2024-26209 | 0.01 | — | 0.15 | Apr 9, 2024 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||
| CVE-2024-26202 | 0.01 | — | 0.02 | Apr 9, 2024 | DHCP Server Service Remote Code Execution Vulnerability | |||
| CVE-2024-26195 | 0.01 | — | 0.02 | Apr 9, 2024 | DHCP Server Service Remote Code Execution Vulnerability | |||
| CVE-2024-26183 | 0.01 | — | 0.02 | Apr 9, 2024 | Windows Kerberos Denial of Service Vulnerability | |||
| CVE-2024-20678 | 0.01 | — | 0.03 | Apr 9, 2024 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||
| CVE-2024-26158 | 0.01 | — | 0.12 | Apr 9, 2024 | Microsoft Install Service Elevation of Privilege Vulnerability | |||
| CVE-2024-21407 | 0.01 | — | 0.16 | Mar 12, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-21357 | 0.01 | — | 0.27 | Feb 13, 2024 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||
| CVE-2026-23674 | 0.00 | — | 0.01 | Mar 10, 2026 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | |||
| CVE-2026-26111 | 0.00 | — | 0.01 | Mar 10, 2026 | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||
| CVE-2026-25190 | 0.00 | — | 0.01 | Mar 10, 2026 | Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-25188 | 0.00 | — | 0.01 | Mar 10, 2026 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. | |||
| CVE-2026-25186 | 0.00 | — | 0.01 | Mar 10, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally. |
- CVE-2024-30036May 14, 2024risk 0.01cvss —epss 0.02
Windows Deployment Services Information Disclosure Vulnerability
- CVE-2024-30050May 14, 2024risk 0.01cvss —epss 0.11
Windows Mark of the Web Security Feature Bypass Vulnerability
- CVE-2024-30017May 14, 2024risk 0.01cvss —epss 0.02
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-30010May 14, 2024risk 0.01cvss —epss 0.02
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-26226Apr 9, 2024risk 0.01cvss —epss 0.02
Windows Distributed File System (DFS) Information Disclosure Vulnerability
- CVE-2024-26215Apr 9, 2024risk 0.01cvss —epss 0.03
DHCP Server Service Denial of Service Vulnerability
- CVE-2024-26211Apr 9, 2024risk 0.01cvss —epss 0.04
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2024-26209Apr 9, 2024risk 0.01cvss —epss 0.15
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
- CVE-2024-26202Apr 9, 2024risk 0.01cvss —epss 0.02
DHCP Server Service Remote Code Execution Vulnerability
- CVE-2024-26195Apr 9, 2024risk 0.01cvss —epss 0.02
DHCP Server Service Remote Code Execution Vulnerability
- CVE-2024-26183Apr 9, 2024risk 0.01cvss —epss 0.02
Windows Kerberos Denial of Service Vulnerability
- CVE-2024-20678Apr 9, 2024risk 0.01cvss —epss 0.03
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CVE-2024-26158Apr 9, 2024risk 0.01cvss —epss 0.12
Microsoft Install Service Elevation of Privilege Vulnerability
- CVE-2024-21407Mar 12, 2024risk 0.01cvss —epss 0.16
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-21357Feb 13, 2024risk 0.01cvss —epss 0.27
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
- CVE-2026-23674Mar 10, 2026risk 0.00cvss —epss 0.01
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-26111Mar 10, 2026risk 0.00cvss —epss 0.01
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2026-25190Mar 10, 2026risk 0.00cvss —epss 0.01
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
- CVE-2026-25188Mar 10, 2026risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network.
- CVE-2026-25186Mar 10, 2026risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally.
Page 129 of 178