Windows Server 2019
by Microsoft
CVEs (3,629)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8639 | 0.21 | — | 0.22 | KEV | Dec 12, 2018 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server… | ||
| CVE-2018-8482 | Low | 0.21 | 3.1 | 0.05 | Oct 10, 2018 | An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server… | ||
| CVE-2018-8481 | Low | 0.21 | 3.1 | 0.05 | Oct 10, 2018 | An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server… | ||
| CVE-2021-36955 | 0.20 | — | 0.03 | KEV | Sep 15, 2021 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2025-33073 | 0.19 | — | 0.65 | KEV | Jun 10, 2025 | Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network. | ||
| CVE-2025-33053 | 0.19 | — | 0.82 | KEV | Jun 10, 2025 | External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network. | ||
| CVE-2024-43451 | 0.19 | — | 0.82 | KEV | Nov 12, 2024 | NTLM Hash Disclosure Spoofing Vulnerability | ||
| CVE-2024-38112 | 0.19 | — | 0.84 | KEV | Jul 9, 2024 | Windows MSHTML Platform Spoofing Vulnerability | ||
| CVE-2024-35250 | 0.19 | — | 0.25 | KEV | Jun 11, 2024 | Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-36025 | 0.19 | — | 0.88 | KEV | Nov 14, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2023-23376 | 0.19 | — | 0.11 | KEV | Feb 14, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-41091 | 0.19 | — | 0.02 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2022-24521 | 0.19 | — | 0.07 | KEV | Apr 15, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-21971 | 0.19 | — | 0.54 | KEV | Feb 9, 2022 | Windows Runtime Remote Code Execution Vulnerability | ||
| CVE-2021-31956 | 0.19 | — | 0.20 | KEV | Jun 8, 2021 | Windows NTFS Elevation of Privilege Vulnerability | ||
| CVE-2019-1064 | 0.19 | — | 0.07 | KEV | Jun 12, 2019 | An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,… | ||
| CVE-2025-29824 | 0.18 | — | 0.18 | KEV | Apr 8, 2025 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2023-36802 | 0.18 | — | 0.26 | KEV | Sep 12, 2023 | Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | ||
| CVE-2022-41073 | 0.18 | — | 0.02 | KEV | Nov 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-41379 | 0.18 | — | 0.20 | KEV | Nov 10, 2021 | Windows Installer Elevation of Privilege Vulnerability |
- risk 0.21cvss —epss 0.22
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…
- risk 0.21cvss 3.1epss 0.05
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…
- risk 0.21cvss 3.1epss 0.05
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…
- risk 0.20cvss —epss 0.03
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.65
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
- risk 0.19cvss —epss 0.82
External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.
- risk 0.19cvss —epss 0.82
NTLM Hash Disclosure Spoofing Vulnerability
- risk 0.19cvss —epss 0.84
Windows MSHTML Platform Spoofing Vulnerability
- risk 0.19cvss —epss 0.25
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.88
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.11
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.02
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.07
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.54
Windows Runtime Remote Code Execution Vulnerability
- risk 0.19cvss —epss 0.20
Windows NTFS Elevation of Privilege Vulnerability
- risk 0.19cvss —epss 0.07
An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view,…
- risk 0.18cvss —epss 0.18
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.18cvss —epss 0.26
Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.02
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.18cvss —epss 0.20
Windows Installer Elevation of Privilege Vulnerability
Page 16 of 182