VYPR

Windows Server 2016

by Microsoft

CVEs (3,555)

  • CVE-2017-0298HigJun 15, 2017
    risk 0.48cvss 7.3epss 0.02

    A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, when configured to run as the interactive user, allows an…

  • CVE-2017-0063MedMar 17, 2017
    risk 0.48cvss 6.5epss 0.35

    The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2; Windows Server 2008 SP2 and R2; and Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote…

  • CVE-2026-32202MedKEVApr 14, 2026
    risk 0.47cvss 4.3epss 0.64

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.

  • CVE-2026-32149HigApr 14, 2026
    risk 0.47cvss 7.3epss 0.00

    Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.

  • CVE-2022-26826HigApr 15, 2022
    risk 0.47cvss 7.2epss 0.04

    Windows DNS Server Remote Code Execution Vulnerability

  • CVE-2017-11823MedOct 13, 2017
    risk 0.47cvss 6.7epss 0.03

    The Microsoft Device Guard on Microsoft Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass by the way it handles Windows PowerShell sessions, aka "Microsoft Windows Security Feature Bypass".

  • CVE-2017-8699HigSep 13, 2017
    risk 0.47cvss 7.0epss 0.21

    Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to…

  • CVE-2017-8588HigJul 11, 2017
    risk 0.47cvss 7.0epss 0.17

    Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially…

  • CVE-2026-47288HigJun 9, 2026
    risk 0.46cvss 7.1epss 0.01

    Integer overflow or wraparound in Windows Kerberos allows an authorized attacker to execute code over an adjacent network.

  • CVE-2026-45653HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-45603HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-45601HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-45598HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-45596HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-42912HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-42911HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-42836HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally.

  • CVE-2026-41108HigJun 9, 2026
    risk 0.46cvss 7.0epss 0.00

    Heap-based buffer overflow in Microsoft Windows DNS allows an authorized attacker to elevate privileges locally.

  • CVE-2026-42825HigMay 12, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-40410HigMay 12, 2026
    risk 0.46cvss 7.0epss 0.00

    Use after free in Windows SMB Client allows an authorized attacker to elevate privileges locally.

Page 16 of 178