Windows Server 2019
by Microsoft
CVEs (3,629)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-62221 | 0.12 | — | 0.02 | KEV | Dec 9, 2025 | Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-59230 | 0.12 | — | 0.03 | KEV | Oct 14, 2025 | Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-24990 | 0.12 | — | 0.06 | KEV | Oct 14, 2025 | Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax… | ||
| CVE-2025-32709 | 0.12 | — | 0.02 | KEV | May 13, 2025 | Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32706 | 0.12 | — | 0.02 | KEV | May 13, 2025 | Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-32701 | 0.12 | — | 0.01 | KEV | May 13, 2025 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-30400 | 0.12 | — | 0.02 | KEV | May 13, 2025 | Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-24993 | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-24991 | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | ||
| CVE-2025-24985 | 0.12 | — | 0.04 | KEV | Mar 11, 2025 | Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||
| CVE-2025-24984 | 0.12 | — | 0.02 | KEV | Mar 11, 2025 | Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack. | ||
| CVE-2025-21391 | 0.12 | — | 0.02 | KEV | Feb 11, 2025 | Windows Storage Elevation of Privilege Vulnerability | ||
| CVE-2024-38107 | 0.12 | — | 0.02 | KEV | Aug 13, 2024 | Windows Power Dependency Coordinator Elevation of Privilege Vulnerability | ||
| CVE-2024-38106 | 0.12 | — | 0.06 | KEV | Aug 13, 2024 | Windows Kernel Elevation of Privilege Vulnerability | ||
| CVE-2023-36033 | 0.12 | — | 0.12 | KEV | Nov 14, 2023 | Windows DWM Core Library Elevation of Privilege Vulnerability | ||
| CVE-2023-36036 | 0.12 | — | 0.17 | KEV | Nov 14, 2023 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-36563 | 0.12 | — | 0.21 | KEV | Oct 10, 2023 | Microsoft WordPad Information Disclosure Vulnerability | ||
| CVE-2023-21823 | 0.12 | — | 0.06 | KEV | Feb 14, 2023 | Windows Graphics Component Remote Code Execution Vulnerability | ||
| CVE-2022-41125 | 0.12 | — | 0.03 | KEV | Nov 9, 2022 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||
| CVE-2022-38028 | 0.12 | — | 0.15 | KEV | Oct 11, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability |
- risk 0.12cvss —epss 0.02
Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.03
Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.06
Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax…
- risk 0.12cvss —epss 0.02
Null pointer dereference in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.02
Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.01
Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.02
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
- risk 0.12cvss —epss 0.02
Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.
- risk 0.12cvss —epss 0.02
Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.
- risk 0.12cvss —epss 0.04
Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.
- risk 0.12cvss —epss 0.02
Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.
- risk 0.12cvss —epss 0.02
Windows Storage Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.02
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.06
Windows Kernel Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.12
Windows DWM Core Library Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.17
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.21
Microsoft WordPad Information Disclosure Vulnerability
- risk 0.12cvss —epss 0.06
Windows Graphics Component Remote Code Execution Vulnerability
- risk 0.12cvss —epss 0.03
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.15
Windows Print Spooler Elevation of Privilege Vulnerability
Page 19 of 182