VYPR

Windows Server 2016

by Microsoft

CVEs (3,555)

  • CVE-2026-26167HigApr 14, 2026
    risk 0.57cvss 8.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.

  • CVE-2018-8413HigOct 10, 2018
    risk 0.57cvss 7.8epss 0.46

    A remote code execution vulnerability exists when "Windows Theme API" does not properly decompress files, aka "Windows Theme API Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2012,…

  • CVE-2018-8219HigJun 14, 2018
    risk 0.57cvss 8.8epss 0.01

    An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2017-8620HigAug 8, 2017
    risk 0.57cvss 8.1epss 0.55

    Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in…

  • CVE-2017-8590HigJul 11, 2017
    risk 0.57cvss 8.8epss 0.01

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way that the Windows Common Log File…

  • CVE-2017-11810HigOct 13, 2017
    risk 0.56cvss 7.5epss 0.54

    Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current…

  • CVE-2016-7212HigNov 10, 2016
    risk 0.56cvss 7.8epss 0.70

    Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow remote attackers to execute arbitrary code via a crafted image file, aka…

  • CVE-2026-45607HigJun 9, 2026
    risk 0.55cvss 8.4epss 0.00

    Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.

  • CVE-2026-32091HigApr 14, 2026
    risk 0.55cvss 8.4epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.

  • CVE-2018-8490HigOct 10, 2018
    risk 0.55cvss 8.4epss 0.04

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,…

  • CVE-2018-8489HigOct 10, 2018
    risk 0.55cvss 8.4epss 0.04

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2,…

  • CVE-2018-8439HigSep 13, 2018
    risk 0.55cvss 8.4epss 0.04

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT…

  • CVE-2018-0965HigSep 13, 2018
    risk 0.55cvss 8.4epss 0.05

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,…

  • CVE-2017-11779HigOct 13, 2017
    risk 0.55cvss 8.1epss 0.33

    The Microsoft Windows Domain Name System (DNS) DNSAPI.dll on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly handle DNS responses,…

  • CVE-2018-8411HigOct 10, 2018
    risk 0.54cvss 7.8epss 0.03

    An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows…

  • CVE-2018-8410HigSep 13, 2018
    risk 0.54cvss 7.8epss 0.04

    An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows…

  • CVE-2018-0952HigAug 15, 2018
    risk 0.54cvss 7.8epss 0.06

    An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual…

  • CVE-2018-8231HigJun 14, 2018
    risk 0.54cvss 8.1epss 0.15

    A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2018-8225HigJun 14, 2018
    risk 0.54cvss 8.1epss 0.22

    A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server…

  • CVE-2017-0161HigSep 13, 2017
    risk 0.54cvss 8.1epss 0.11

    The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it…

Page 4 of 178