Windows Server 2019
by Microsoft
CVEs (3,629)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-50154 | 0.05 | — | 0.26 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2024-43532 | 0.05 | — | 0.12 | Oct 8, 2024 | Remote Registry Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38030 | 0.05 | — | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2024-21320 | 0.05 | — | 0.23 | Jan 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2019-1125 | 0.05 | — | 0.05 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would… | |||
| CVE-2019-1151 | 0.05 | — | 0.15 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-1150 | 0.05 | — | 0.29 | Aug 14, 2019 | A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,… | |||
| CVE-2019-0888 | 0.05 | — | 0.11 | Jun 12, 2019 | A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that… | |||
| CVE-2025-47987 | 0.04 | — | 0.02 | Jul 8, 2025 | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32724 | 0.04 | — | 0.02 | Jun 10, 2025 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | |||
| CVE-2024-30038 | 0.04 | — | 0.03 | May 14, 2024 | Win32k Elevation of Privilege Vulnerability | |||
| CVE-2024-26230 | 0.04 | — | 0.24 | Apr 9, 2024 | Windows Telephony Server Elevation of Privilege Vulnerability | |||
| CVE-2024-26212 | 0.04 | — | 0.63 | Apr 9, 2024 | DHCP Server Service Denial of Service Vulnerability | |||
| CVE-2023-36606 | 0.04 | — | 0.67 | Oct 10, 2023 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2022-35748 | 0.04 | — | 0.47 | May 31, 2023 | HTTP.sys Denial of Service Vulnerability | |||
| CVE-2023-28293 | 0.04 | — | 0.03 | Apr 11, 2023 | Windows Kernel Elevation of Privilege Vulnerability | |||
| CVE-2023-21769 | 0.04 | — | 0.92 | Apr 11, 2023 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2023-21746 | 0.04 | — | 0.03 | Jan 10, 2023 | Windows NTLM Elevation of Privilege Vulnerability | |||
| CVE-2022-44666 | 0.04 | — | 0.40 | Dec 13, 2022 | Windows Contacts Remote Code Execution Vulnerability | |||
| CVE-2022-23270 | 0.04 | — | 0.73 | May 10, 2022 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability |
- CVE-2025-50154Aug 12, 2025risk 0.05cvss —epss 0.26
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2024-43532Oct 8, 2024risk 0.05cvss —epss 0.12
Remote Registry Service Elevation of Privilege Vulnerability
- CVE-2024-38030Jul 9, 2024risk 0.05cvss —epss 0.51
Windows Themes Spoofing Vulnerability
- CVE-2024-21320Jan 9, 2024risk 0.05cvss —epss 0.23
Windows Themes Spoofing Vulnerability
- CVE-2019-1125Sep 3, 2019risk 0.05cvss —epss 0.05
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…
- CVE-2019-1151Aug 14, 2019risk 0.05cvss —epss 0.15
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-1150Aug 14, 2019risk 0.05cvss —epss 0.29
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view,…
- CVE-2019-0888Jun 12, 2019risk 0.05cvss —epss 0.11
A remote code execution vulnerability exists in the way that ActiveX Data Objects (ADO) handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with the victim user’s privileges. An attacker could craft a website that…
- CVE-2025-47987Jul 8, 2025risk 0.04cvss —epss 0.02
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
- CVE-2025-32724Jun 10, 2025risk 0.04cvss —epss 0.02
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
- CVE-2024-30038May 14, 2024risk 0.04cvss —epss 0.03
Win32k Elevation of Privilege Vulnerability
- CVE-2024-26230Apr 9, 2024risk 0.04cvss —epss 0.24
Windows Telephony Server Elevation of Privilege Vulnerability
- CVE-2024-26212Apr 9, 2024risk 0.04cvss —epss 0.63
DHCP Server Service Denial of Service Vulnerability
- CVE-2023-36606Oct 10, 2023risk 0.04cvss —epss 0.67
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2022-35748May 31, 2023risk 0.04cvss —epss 0.47
HTTP.sys Denial of Service Vulnerability
- CVE-2023-28293Apr 11, 2023risk 0.04cvss —epss 0.03
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2023-21769Apr 11, 2023risk 0.04cvss —epss 0.92
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2023-21746Jan 10, 2023risk 0.04cvss —epss 0.03
Windows NTLM Elevation of Privilege Vulnerability
- CVE-2022-44666Dec 13, 2022risk 0.04cvss —epss 0.40
Windows Contacts Remote Code Execution Vulnerability
- CVE-2022-23270May 10, 2022risk 0.04cvss —epss 0.73
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Page 22 of 182