VYPR

Windows Server 2019

by Microsoft

CVEs (3,629)

  • CVE-2022-26795HigApr 15, 2022
    risk 0.51cvss 7.8epss 0.01

    Windows Print Spooler Elevation of Privilege Vulnerability

  • CVE-2018-8497HigOct 10, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

  • CVE-2018-8484HigOct 10, 2018
    risk 0.51cvss 7.8epss 0.01

    An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012,…

  • CVE-2013-3900MedKEVDec 11, 2013
    risk 0.51cvss 5.5epss 0.45

    Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows…

  • CVE-2026-27913HigApr 14, 2026
    risk 0.50cvss 7.7epss 0.00

    Improper input validation in Windows BitLocker allows an unauthorized attacker to bypass a security feature locally.

  • CVE-2026-48563HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-47654HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-44801HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42992HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42909HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-40406HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-35424HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32071HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2026-26154HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-20921HigJan 13, 2026
    risk 0.49cvss 7.5epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-26687HigApr 8, 2025
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows Win32K - GRFX allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2026-40414HigMay 12, 2026
    risk 0.48cvss 7.4epss 0.01

    Windows TCP/IP Denial of Service Vulnerability

  • CVE-2026-40413HigMay 12, 2026
    risk 0.48cvss 7.4epss 0.00

    Windows TCP/IP Denial of Service Vulnerability

  • CVE-2026-32156HigApr 14, 2026
    risk 0.48cvss 7.4epss 0.00

    Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to execute code locally.

  • CVE-2026-32202MedKEVApr 14, 2026
    risk 0.47cvss 4.3epss 0.64

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.

Page 8 of 182