VYPR

Windows Server 2019

by Microsoft

CVEs (3,628)

  • CVE-2020-1013HigSep 11, 2020
    risk 0.49cvss 7.5epss 0.06

    An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine. To…

  • CVE-2020-0908HigSep 11, 2020
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists when the Windows Text Service Module improperly handles memory. An attacker who successfully exploited the vulnerability could gain execution on a victim system. An attacker could host a specially crafted website that is…

  • CVE-2020-0836HigSep 11, 2020
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive. To exploit the vulnerability, an authenticated attacker…

  • CVE-2020-1565HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.03

    An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted…

  • CVE-2020-1378HigAug 17, 2020
    risk 0.49cvss 7.5epss 0.04

    An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. A locally authenticated attacker could exploit…

  • CVE-2019-1255HigSep 23, 2019
    risk 0.49cvss 7.5epss 0.04

    A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.

  • CVE-2019-1224HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.08

    An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an…

  • CVE-2019-1223HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.05

    A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to…

  • CVE-2019-1206HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.05

    A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP failover server. An attacker who successfully exploited the vulnerability could cause the DHCP service to become nonresponsive. To exploit the…

  • CVE-2019-1188HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.04

    A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured…

  • CVE-2019-1057HigAug 14, 2019
    risk 0.49cvss 7.5epss 0.03

    A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input. An attacker who successfully exploited the vulnerability could run malicious code remotely to take control of the user’s system. To exploit the vulnerability,…

  • CVE-2019-0959HigJun 12, 2019
    risk 0.49cvss 7.0epss 0.03

    An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an…

  • CVE-2019-0909HigJun 12, 2019
    risk 0.49cvss 7.5epss 0.04

    A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by…

  • CVE-2026-40414HigMay 12, 2026
    risk 0.48cvss 7.4epss 0.01

    Windows TCP/IP Denial of Service Vulnerability

  • CVE-2026-40413HigMay 12, 2026
    risk 0.48cvss 7.4epss 0.00

    Windows TCP/IP Denial of Service Vulnerability

  • CVE-2026-32156HigApr 14, 2026
    risk 0.48cvss 7.4epss 0.00

    Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

  • CVE-2025-49690HigJul 8, 2025
    risk 0.48cvss 7.4epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally.

  • CVE-2025-24991MedKEVMar 11, 2025
    risk 0.48cvss 5.5epss 0.02

    Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

  • CVE-2025-21331HigJan 14, 2025
    risk 0.48cvss 7.3epss 0.01

    Windows Installer Elevation of Privilege Vulnerability

  • CVE-2024-49107HigDec 12, 2024
    risk 0.48cvss 7.3epss 0.02

    WmsRepair Service Elevation of Privilege Vulnerability

Page 102 of 182