Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-37967 | Hig | 0.40 | 7.2 | 0.04 | Nov 9, 2022 | Windows Kerberos Elevation of Privilege Vulnerability | ||
| CVE-2022-22048 | Med | 0.40 | 6.1 | 0.01 | Jul 12, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2021-33765 | Med | 0.40 | 6.2 | 0.01 | Jul 14, 2021 | Windows Installer Spoofing Vulnerability | ||
| CVE-2021-26413 | Med | 0.40 | 6.2 | 0.01 | Apr 13, 2021 | Windows Installer Spoofing Vulnerability | ||
| CVE-2021-26892 | Med | 0.40 | 6.2 | 0.01 | Mar 11, 2021 | Windows Extensible Firmware Interface Security Feature Bypass Vulnerability | ||
| CVE-2021-26886 | Med | 0.40 | 6.1 | 0.01 | Mar 11, 2021 | User Profile Service Denial of Service Vulnerability | ||
| CVE-2020-1598 | Med | 0.40 | 6.1 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could… | ||
| CVE-2019-1125 | Med | 0.40 | 5.6 | 0.05 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would… | ||
| CVE-2018-8239 | Med | 0.40 | 5.5 | 0.59 | Jun 14, 2018 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | ||
| CVE-2017-8683 | Med | 0.40 | 5.5 | 0.19 | Sep 13, 2017 | Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an attacker to execute remote code by the way it handles embedded… | ||
| CVE-2017-0211 | Med | 0.40 | 5.5 | 0.14 | Apr 12, 2017 | An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege… | ||
| CVE-2017-0060 | Med | 0.40 | 5.5 | 0.16 | Mar 17, 2017 | The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from… | ||
| CVE-2017-0016 | Med | 0.40 | 5.9 | 0.24 | Mar 17, 2017 | Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016 do not properly handle certain requests in SMBv2 and SMBv3 packets, which allows remote attackers to execute arbitrary code via a crafted SMBv2 or SMBv3 packet… | ||
| CVE-2016-7223 | Med | 0.40 | 6.1 | 0.01 | Nov 10, 2016 | Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka… | ||
| CVE-2022-37985 | Med | 0.39 | 5.5 | 0.38 | Oct 11, 2022 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2022-34709 | Med | 0.39 | 6.0 | 0.01 | Aug 9, 2022 | Windows Defender Credential Guard Security Feature Bypass Vulnerability | ||
| CVE-2022-22028 | Med | 0.39 | 5.9 | 0.02 | Jul 12, 2022 | Windows Network File System Information Disclosure Vulnerability | ||
| CVE-2021-33764 | Med | 0.39 | 5.9 | 0.03 | Jul 14, 2021 | Windows Key Distribution Center Information Disclosure Vulnerability | ||
| CVE-2019-1153 | Med | 0.39 | 5.5 | 0.03 | Aug 14, 2019 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this… | ||
| CVE-2019-1148 | Med | 0.39 | 5.5 | 0.03 | Aug 14, 2019 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this… |
- risk 0.40cvss 7.2epss 0.04
Windows Kerberos Elevation of Privilege Vulnerability
- risk 0.40cvss 6.1epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Installer Spoofing Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Installer Spoofing Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability
- risk 0.40cvss 6.1epss 0.01
User Profile Service Denial of Service Vulnerability
- risk 0.40cvss 6.1epss 0.01
An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could…
- risk 0.40cvss 5.6epss 0.05
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…
- risk 0.40cvss 5.5epss 0.59
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
- risk 0.40cvss 5.5epss 0.19
Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an attacker to execute remote code by the way it handles embedded…
- risk 0.40cvss 5.5epss 0.14
An elevation of privilege vulnerability exists in Windows 10, Windows 8.1, Windows RT 8.1, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 versions of Microsoft Windows OLE when it fails an integrity-level check, aka "Windows OLE Elevation of Privilege…
- risk 0.40cvss 5.5epss 0.16
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from…
- risk 0.40cvss 5.9epss 0.24
Microsoft Windows 10 Gold, 1511, and 1607; Windows 8.1; Windows RT 8.1; Windows Server 2012 R2, and Windows Server 2016 do not properly handle certain requests in SMBv2 and SMBv3 packets, which allows remote attackers to execute arbitrary code via a crafted SMBv2 or SMBv3 packet…
- risk 0.40cvss 6.1epss 0.01
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka…
- risk 0.39cvss 5.5epss 0.38
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.39cvss 6.0epss 0.01
Windows Defender Credential Guard Security Feature Bypass Vulnerability
- risk 0.39cvss 5.9epss 0.02
Windows Network File System Information Disclosure Vulnerability
- risk 0.39cvss 5.9epss 0.03
Windows Key Distribution Center Information Disclosure Vulnerability
- risk 0.39cvss 5.5epss 0.03
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…
- risk 0.39cvss 5.5epss 0.03
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…
Page 97 of 178