Windows Server 2016
by Microsoft
CVEs (3,555)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0271 | Med | 0.39 | 5.9 | 0.13 | May 12, 2017 | Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows… | ||
| CVE-2017-0270 | Med | 0.39 | 5.9 | 0.07 | May 12, 2017 | Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows… | ||
| CVE-2017-0269 | Med | 0.39 | 5.9 | 0.06 | May 12, 2017 | The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280. | ||
| CVE-2017-0268 | Med | 0.39 | 5.9 | 0.07 | May 12, 2017 | Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows… | ||
| CVE-2017-0267 | Med | 0.39 | 5.9 | 0.13 | May 12, 2017 | Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows… | ||
| CVE-2017-0171 | Med | 0.39 | 5.9 | 0.04 | May 12, 2017 | Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability". | ||
| CVE-2017-0167 | Med | 0.39 | 5.5 | 0.06 | Apr 12, 2017 | An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain… | ||
| CVE-2022-35747 | Med | 0.38 | 5.9 | 0.02 | May 31, 2023 | Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability | ||
| CVE-2023-24900 | Med | 0.38 | 5.9 | 0.01 | May 9, 2023 | Windows NTLM Security Support Provider Information Disclosure Vulnerability | ||
| CVE-2022-41090 | Med | 0.38 | 5.9 | 0.01 | Nov 9, 2022 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | ||
| CVE-2022-37965 | Med | 0.38 | 5.9 | 0.01 | Oct 11, 2022 | Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | ||
| CVE-2020-1152 | Med | 0.38 | 5.8 | 0.01 | Sep 11, 2020 | An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would have to log… | ||
| CVE-2019-0723 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-0718 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-0716 | Med | 0.38 | 5.8 | 0.04 | Aug 14, 2019 | A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected… | ||
| CVE-2019-0715 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-0714 | Med | 0.38 | 5.8 | 0.05 | Aug 14, 2019 | A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To… | ||
| CVE-2019-1040 | Med | 0.38 | 5.3 | 0.48 | Jun 12, 2019 | A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security… | ||
| CVE-2017-11830 | Med | 0.38 | 5.3 | 0.03 | Nov 15, 2017 | Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability". | ||
| CVE-2017-0191 | Med | 0.38 | 5.8 | 0.05 | Apr 12, 2017 | A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could… |
- risk 0.39cvss 5.9epss 0.13
Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…
- risk 0.39cvss 5.9epss 0.07
Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…
- risk 0.39cvss 5.9epss 0.06
The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.
- risk 0.39cvss 5.9epss 0.07
Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…
- risk 0.39cvss 5.9epss 0.13
Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows…
- risk 0.39cvss 5.9epss 0.04
Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 Gold and R2, and Windows Server 2016 are configured to answer version queries, aka "Windows DNS Server Denial of Service Vulnerability".
- risk 0.39cvss 5.5epss 0.06
An information disclosure vulnerability exists in Windows 8.1, Windows RT 8.1, Windows Server 2012 R2, Windows 10, and Windows Server 2016 when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain…
- risk 0.38cvss 5.9epss 0.02
Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
- risk 0.38cvss 5.9epss 0.01
Windows NTLM Security Support Provider Information Disclosure Vulnerability
- risk 0.38cvss 5.9epss 0.01
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
- risk 0.38cvss 5.9epss 0.01
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
- risk 0.38cvss 5.8epss 0.01
An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would have to log…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.8epss 0.04
A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to log on to an affected…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. An attacker who successfully exploited the vulnerability could cause the host server to crash. To…
- risk 0.38cvss 5.3epss 0.48
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security…
- risk 0.38cvss 5.3epss 0.03
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsigned file appear to be signed, due to a security feature bypass, aka "Device Guard Security Feature Bypass Vulnerability".
- risk 0.38cvss 5.8epss 0.05
A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could…
Page 99 of 178