Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-47648 | Hig | 0.45 | 7.0 | 0.00 | Jun 9, 2026 | Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-34335 | Hig | 0.45 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2020-1034 | Med | 0.45 | 6.8 | 0.04 | Sep 11, 2020 | An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated… | ||
| CVE-2018-8438 | Med | 0.45 | 6.8 | 0.07 | Sep 13, 2018 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2,… | ||
| CVE-2017-8623 | Med | 0.45 | 6.8 | 0.07 | Aug 8, 2017 | Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability". | ||
| CVE-2017-0038 | Med | 0.45 | 5.5 | 0.82 | Feb 20, 2017 | gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive… | ||
| CVE-2026-50507 | Med | 0.44 | 6.8 | 0.05 | Jun 9, 2026 | Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | ||
| CVE-2026-45608 | Med | 0.44 | 6.8 | 0.00 | Jun 9, 2026 | Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally. | ||
| CVE-2026-32170 | Med | 0.44 | 6.7 | 0.00 | May 12, 2026 | Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-0390 | Med | 0.44 | 6.7 | 0.00 | Apr 14, 2026 | Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2023-36003 | Med | 0.44 | 6.7 | 0.03 | Dec 12, 2023 | XAML Diagnostics Elevation of Privilege Vulnerability | ||
| CVE-2023-36697 | Med | 0.44 | 6.8 | 0.02 | Oct 10, 2023 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||
| CVE-2023-35332 | Med | 0.44 | 6.8 | 0.00 | Jul 11, 2023 | Windows Remote Desktop Protocol Security Feature Bypass | ||
| CVE-2023-32055 | Med | 0.44 | 6.7 | 0.00 | Jul 11, 2023 | Active Template Library Elevation of Privilege Vulnerability | ||
| CVE-2023-32043 | Med | 0.44 | 6.8 | 0.00 | Jul 11, 2023 | Windows Remote Desktop Security Feature Bypass Vulnerability | ||
| CVE-2022-35754 | Med | 0.44 | 6.7 | 0.00 | May 31, 2023 | Unified Write Filter Elevation of Privilege Vulnerability | ||
| CVE-2023-24932 | Med | 0.44 | 6.7 | 0.11 | May 9, 2023 | Secure Boot Security Feature Bypass Vulnerability | ||
| CVE-2023-21694 | Med | 0.44 | 6.8 | 0.01 | Feb 14, 2023 | Windows Fax Service Remote Code Execution Vulnerability | ||
| CVE-2023-21563 | Med | 0.44 | 6.8 | 0.02 | Jan 10, 2023 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2022-44682 | Med | 0.44 | 6.8 | 0.01 | Dec 13, 2022 | Windows Hyper-V Denial of Service Vulnerability |
- risk 0.45cvss 7.0epss 0.00
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.
- risk 0.45cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.45cvss 6.8epss 0.04
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated…
- risk 0.45cvss 6.8epss 0.07
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2,…
- risk 0.45cvss 6.8epss 0.07
Windows Hyper-V in Windows 10 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability".
- risk 0.45cvss 5.5epss 0.82
gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive…
- risk 0.44cvss 6.8epss 0.05
Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
- risk 0.44cvss 6.8epss 0.00
Out-of-bounds read in Windows DHCP Server allows an authorized attacker to disclose information locally.
- risk 0.44cvss 6.7epss 0.00
Double free in Windows Rich Text Edit allows an authorized attacker to elevate privileges locally.
- risk 0.44cvss 6.7epss 0.00
Reliance on untrusted inputs in a security decision in Windows Boot Loader allows an authorized attacker to bypass a security feature locally.
- risk 0.44cvss 6.7epss 0.03
XAML Diagnostics Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.02
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.00
Windows Remote Desktop Protocol Security Feature Bypass
- risk 0.44cvss 6.7epss 0.00
Active Template Library Elevation of Privilege Vulnerability
- risk 0.44cvss 6.8epss 0.00
Windows Remote Desktop Security Feature Bypass Vulnerability
- risk 0.44cvss 6.7epss 0.00
Unified Write Filter Elevation of Privilege Vulnerability
- risk 0.44cvss 6.7epss 0.11
Secure Boot Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows Fax Service Remote Code Execution Vulnerability
- risk 0.44cvss 6.8epss 0.02
BitLocker Security Feature Bypass Vulnerability
- risk 0.44cvss 6.8epss 0.01
Windows Hyper-V Denial of Service Vulnerability
Page 86 of 178