Windows Server 2019
by Microsoft
CVEs (3,629)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-21525 | 0.13 | — | 0.05 | KEV | Feb 10, 2026 | Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally. | ||
| CVE-2025-21418 | 0.13 | — | 0.01 | KEV | Feb 11, 2025 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||
| CVE-2024-43573 | 0.13 | — | 0.44 | KEV | Oct 8, 2024 | Windows MSHTML Platform Spoofing Vulnerability | ||
| CVE-2024-43461 | 0.13 | — | 0.52 | KEV | Sep 10, 2024 | Windows MSHTML Platform Spoofing Vulnerability | ||
| CVE-2024-38217 | 0.13 | — | 0.10 | KEV | Sep 10, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2024-38014 | 0.13 | — | 0.06 | KEV | Sep 10, 2024 | Windows Installer Elevation of Privilege Vulnerability | ||
| CVE-2024-21351 | 0.13 | — | 0.30 | KEV | Feb 13, 2024 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2023-36584 | 0.13 | — | 0.03 | KEV | Oct 10, 2023 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2023-32049 | 0.13 | — | 0.04 | KEV | Jul 11, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2023-28229 | 0.13 | — | 0.02 | KEV | Apr 11, 2023 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||
| CVE-2022-41049 | 0.13 | — | 0.02 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability | ||
| CVE-2022-37969 | 0.13 | — | 0.28 | KEV | Sep 13, 2022 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2022-22718 | 0.13 | — | 0.18 | KEV | Feb 9, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability | ||
| CVE-2021-43226 | 0.13 | — | 0.03 | KEV | Dec 15, 2021 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2021-33771 | 0.13 | — | 0.06 | KEV | Jul 14, 2021 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2020-1464 | 0.13 | — | 0.41 | KEV | Aug 17, 2020 | A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features… | ||
| CVE-2018-8611 | 0.13 | — | 0.04 | KEV | Dec 12, 2018 | An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,… | ||
| CVE-2026-21510 | 0.12 | — | 0.26 | KEV | Feb 10, 2026 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | ||
| CVE-2026-21519 | 0.12 | — | 0.02 | KEV | Feb 10, 2026 | Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-20805 | 0.12 | — | 0.05 | KEV | Jan 13, 2026 | Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally. |
- risk 0.13cvss —epss 0.05
Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.
- risk 0.13cvss —epss 0.01
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.44
Windows MSHTML Platform Spoofing Vulnerability
- risk 0.13cvss —epss 0.52
Windows MSHTML Platform Spoofing Vulnerability
- risk 0.13cvss —epss 0.10
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.06
Windows Installer Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.30
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.03
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.04
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.02
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.02
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.13cvss —epss 0.28
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.18
Windows Print Spooler Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.03
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.06
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.41
A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features…
- risk 0.13cvss —epss 0.04
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019,…
- risk 0.12cvss —epss 0.26
Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.
- risk 0.12cvss —epss 0.02
Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.05
Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.
Page 18 of 182