VYPR

Windows Server 2016

by Microsoft

CVEs (3,555)

  • CVE-2026-40399HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

  • CVE-2026-40397HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

  • CVE-2026-40382HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows Telephony Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-40377HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap-based buffer overflow in Windows Cryptographic Services allows an authorized attacker to elevate privileges locally.

  • CVE-2026-35421HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.01

    Heap-based buffer overflow in Windows GDI allows an unauthorized attacker to execute code locally.

  • CVE-2026-35420HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34351HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34344HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Access of resource using incompatible type ('type confusion') in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34343HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Heap-based buffer overflow in Windows Application Identity (AppID) Subsystem allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34336HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Integer overflow or wraparound in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

  • CVE-2026-34330HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33838HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Double free in Windows Message Queuing allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33837HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.02

    Heap-based buffer overflow in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33834HigMay 12, 2026
    risk 0.51cvss 7.8epss 0.00

    Improper access control in Windows Event Logging Service allows an authorized attacker to elevate privileges locally.

  • CVE-2026-33098HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32183HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.01

    Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally.

  • CVE-2026-32164HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32090HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32089HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Use after free in Windows Speech Brokered Api allows an authorized attacker to elevate privileges locally.

  • CVE-2026-32077HigApr 14, 2026
    risk 0.51cvss 7.8epss 0.00

    Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally.

Page 8 of 178