Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-26881 | Hig | 0.49 | 7.5 | 0.02 | Mar 11, 2021 | Microsoft Windows Media Foundation Remote Code Execution Vulnerability | ||
| CVE-2021-26879 | Hig | 0.49 | 7.5 | 0.03 | Mar 11, 2021 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | ||
| CVE-2021-1734 | Hig | 0.49 | 7.5 | 0.04 | Feb 25, 2021 | Windows Remote Procedure Call Information Disclosure Vulnerability | ||
| CVE-2021-1694 | Hig | 0.49 | 7.5 | 0.03 | Jan 12, 2021 | Windows Update Stack Elevation of Privilege Vulnerability | ||
| CVE-2020-16927 | Hig | 0.49 | 7.5 | 0.05 | Oct 16, 2020 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system… | ||
| CVE-2020-1228 | Hig | 0.49 | 7.5 | 0.04 | Sep 11, 2020 | A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker… | ||
| CVE-2020-1031 | Hig | 0.49 | 7.5 | 0.05 | Sep 11, 2020 | An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory. To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. … | ||
| CVE-2020-1013 | Hig | 0.49 | 7.5 | 0.06 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To… | ||
| CVE-2020-0908 | Hig | 0.49 | 7.5 | 0.03 | Sep 11, 2020 | A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system. An attacker could host a specially crafted website that is… | ||
| CVE-2020-0836 | Hig | 0.49 | 7.5 | 0.05 | Sep 11, 2020 | A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker… | ||
| CVE-2020-1565 | Hig | 0.49 | 7.5 | 0.03 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted… | ||
| CVE-2020-1378 | Hig | 0.49 | 7.5 | 0.04 | Aug 17, 2020 | An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit… | ||
| CVE-2019-1255 | Hig | 0.49 | 7.5 | 0.04 | Sep 23, 2019 | A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'. | ||
| CVE-2019-1206 | Hig | 0.49 | 7.5 | 0.05 | Aug 14, 2019 | A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. To exploit the… | ||
| CVE-2019-1057 | Hig | 0.49 | 7.5 | 0.03 | Aug 14, 2019 | A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability,… | ||
| CVE-2019-0909 | Hig | 0.49 | 7.5 | 0.04 | Jun 12, 2019 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by… | ||
| CVE-2018-8493 | Hig | 0.49 | 7.5 | 0.08 | Oct 10, 2018 | An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10,… | ||
| CVE-2018-8335 | Hig | 0.49 | 7.5 | 0.09 | Sep 13, 2018 | A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,… | ||
| CVE-2018-8251 | Hig | 0.49 | 7.5 | 0.07 | Jun 14, 2018 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server… | ||
| CVE-2018-8214 | Hig | 0.49 | 7.0 | 0.03 | Jun 14, 2018 | An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique… |
- risk 0.49cvss 7.5epss 0.02
Microsoft Windows Media Foundation Remote Code Execution Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Network Address Translation (NAT) Denial of Service Vulnerability
- risk 0.49cvss 7.5epss 0.04
Windows Remote Procedure Call Information Disclosure Vulnerability
- risk 0.49cvss 7.5epss 0.03
Windows Update Stack Elevation of Privilege Vulnerability
- risk 0.49cvss 7.5epss 0.05
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system…
- risk 0.49cvss 7.5epss 0.04
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker…
- risk 0.49cvss 7.5epss 0.05
An information disclosure vulnerability exists in the way that the Windows Server DHCP service improperly discloses the contents of its memory. To exploit the vulnerability, an unauthenticated attacker could send a specially crafted packet to an affected DHCP server. …
- risk 0.49cvss 7.5epss 0.06
An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To…
- risk 0.49cvss 7.5epss 0.03
A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system. An attacker could host a specially crafted website that is…
- risk 0.49cvss 7.5epss 0.05
A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker…
- risk 0.49cvss 7.5epss 0.03
An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…
- risk 0.49cvss 7.5epss 0.04
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit…
- risk 0.49cvss 7.5epss 0.04
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.
- risk 0.49cvss 7.5epss 0.05
A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. To exploit the…
- risk 0.49cvss 7.5epss 0.03
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability,…
- risk 0.49cvss 7.5epss 0.04
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…
- risk 0.49cvss 7.5epss 0.08
An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10,…
- risk 0.49cvss 7.5epss 0.09
A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…
- risk 0.49cvss 7.5epss 0.07
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server…
- risk 0.49cvss 7.0epss 0.03
An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique…
Page 71 of 178