VYPR

Windows Server 2016

by Microsoft

CVEs (3,555)

  • CVE-2018-0982HigJun 14, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2018-8134HigMay 9, 2018
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

  • CVE-2018-0882HigMar 14, 2018
    risk 0.49cvss 7.0epss 0.03

    The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is…

  • CVE-2018-0822HigFeb 15, 2018
    risk 0.49cvss 7.0epss 0.03

    NTFS in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way NTFS handles objects, aka "Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability".

  • CVE-2018-0821HigFeb 15, 2018
    risk 0.49cvss 7.0epss 0.02

    AppContainer in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way constrained impersonations are handled, aka "Windows AppContainer Elevation Of Privilege Vulnerability".

  • CVE-2017-11788HigNov 15, 2017
    risk 0.49cvss 7.5epss 0.08

    Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows server, version 1709 allows an unauthenticated attacker to remotely send specially…

  • CVE-2017-8727HigOct 13, 2017
    risk 0.49cvss 7.5epss 0.08

    Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user, due to how Microsoft…

  • CVE-2017-11808HigOct 13, 2017
    risk 0.49cvss 7.5epss 0.09

    ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory…

  • CVE-2017-11772HigOct 13, 2017
    risk 0.49cvss 7.5epss 0.08

    The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure when it fails to…

  • CVE-2017-8633HigAug 8, 2017
    risk 0.49cvss 7.5epss 0.04

    Windows Error Reporting (WER) in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability, aka "Windows Error…

  • CVE-2017-8584HigJul 11, 2017
    risk 0.49cvss 7.5epss 0.04

    Windows 10 1607 and Windows Server 2016 allow an attacker to execute code remotely via a specially crafted WiFi packet aka "HoloLens Remote Code Execution Vulnerability."

  • CVE-2017-8495HigJul 11, 2017
    risk 0.49cvss 7.5epss 0.05

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to…

  • CVE-2017-0214HigMay 12, 2017
    risk 0.49cvss 7.0epss 0.03

    Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when Windows fails to properly…

  • CVE-2017-0212HigMay 12, 2017
    risk 0.49cvss 7.6epss 0.01

    Windows Hyper-V allows an elevation of privilege vulnerability when Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 fail to properly validate vSMB packet data, aka "Windows Hyper-V vSMB Elevation of Privilege Vulnerability".

  • CVE-2016-7247HigNov 10, 2016
    risk 0.49cvss 7.5epss 0.06

    Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow physically proximate attackers to bypass the Secure Boot protection mechanism via a crafted boot policy, aka "Secure Boot Component…

  • CVE-2026-40414HigMay 12, 2026
    risk 0.48cvss 7.4epss 0.01

    Windows TCP/IP Denial of Service Vulnerability

  • CVE-2026-40413HigMay 12, 2026
    risk 0.48cvss 7.4epss 0.00

    Windows TCP/IP Denial of Service Vulnerability

  • CVE-2026-32156HigApr 14, 2026
    risk 0.48cvss 7.4epss 0.00

    Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

  • CVE-2017-8494HigJun 15, 2017
    risk 0.48cvss 7.3epss 0.02

    Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a locally-authenticated attacker to run a specially crafted application on a targeted system when Windows Secure Kernel Mode fails to properly handle objects in memory, aka "Windows Elevation of…

  • CVE-2017-8460HigJun 15, 2017
    risk 0.48cvss 7.3epss 0.03

    Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially crafted PDF file, aka "Windows PDF Information Disclosure Vulnerability".

Page 15 of 178