Windows Server 2025
by Microsoft
CVEs (1,296)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-33057 | 0.01 | — | 0.01 | Jun 10, 2025 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | |||
| CVE-2025-33050 | 0.01 | — | 0.02 | Jun 10, 2025 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-32725 | 0.01 | — | 0.01 | Jun 10, 2025 | Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-27469 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-26673 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-26651 | 0.01 | — | 0.02 | Apr 8, 2025 | Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | |||
| CVE-2025-26641 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-21174 | 0.01 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-21181 | 0.01 | — | 0.03 | Feb 11, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2025-21351 | 0.01 | — | 0.02 | Feb 11, 2025 | Windows Active Directory Domain Services API Denial of Service Vulnerability | |||
| CVE-2025-21409 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21417 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21339 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21307 | 0.01 | — | 0.02 | Jan 14, 2025 | Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability | |||
| CVE-2025-21276 | 0.01 | — | 0.02 | Jan 14, 2025 | Windows MapUrlToZone Denial of Service Vulnerability | |||
| CVE-2025-21413 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2025-21411 | 0.01 | — | 0.01 | Jan 14, 2025 | Windows Telephony Service Remote Code Execution Vulnerability | |||
| CVE-2024-49080 | 0.01 | — | 0.02 | Dec 10, 2024 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | |||
| CVE-2024-49121 | 0.01 | — | 0.02 | Dec 10, 2024 | Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability | |||
| CVE-2026-23674 | 0.00 | — | 0.01 | Mar 10, 2026 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. |
- CVE-2025-33057Jun 10, 2025risk 0.01cvss —epss 0.01
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
- CVE-2025-33050Jun 10, 2025risk 0.01cvss —epss 0.02
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
- CVE-2025-32725Jun 10, 2025risk 0.01cvss —epss 0.01
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
- CVE-2025-27469Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
- CVE-2025-26673Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.
- CVE-2025-26651Apr 8, 2025risk 0.01cvss —epss 0.02
Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
- CVE-2025-26641Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.
- CVE-2025-21174Apr 8, 2025risk 0.01cvss —epss 0.02
Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.
- CVE-2025-21181Feb 11, 2025risk 0.01cvss —epss 0.03
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2025-21351Feb 11, 2025risk 0.01cvss —epss 0.02
Windows Active Directory Domain Services API Denial of Service Vulnerability
- CVE-2025-21409Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21417Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21339Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21307Jan 14, 2025risk 0.01cvss —epss 0.02
Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
- CVE-2025-21276Jan 14, 2025risk 0.01cvss —epss 0.02
Windows MapUrlToZone Denial of Service Vulnerability
- CVE-2025-21413Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2025-21411Jan 14, 2025risk 0.01cvss —epss 0.01
Windows Telephony Service Remote Code Execution Vulnerability
- CVE-2024-49080Dec 10, 2024risk 0.01cvss —epss 0.02
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-49121Dec 10, 2024risk 0.01cvss —epss 0.02
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
- CVE-2026-23674Mar 10, 2026risk 0.00cvss —epss 0.01
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
Page 19 of 65