Windows Server 2003
by Microsoft
Source repositories
CVEs (4,742)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-48819 | Hig | 0.46 | 7.1 | 0.00 | Jul 8, 2025 | Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network. | ||
| CVE-2025-47975 | Hig | 0.46 | 7.0 | 0.00 | Jul 8, 2025 | Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29841 | Hig | 0.46 | 7.0 | 0.00 | May 13, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27468 | Hig | 0.46 | 7.0 | 0.00 | May 13, 2025 | Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-29809 | Hig | 0.46 | 7.1 | 0.04 | Apr 8, 2025 | Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally. | ||
| CVE-2025-27732 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27492 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-27491 | Hig | 0.46 | 7.1 | 0.01 | Apr 8, 2025 | Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network. | ||
| CVE-2025-27478 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-26665 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-26649 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-21191 | Hig | 0.46 | 7.0 | 0.00 | Apr 8, 2025 | Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-25008 | Hig | 0.46 | 7.1 | 0.01 | Mar 11, 2025 | Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally. | ||
| CVE-2025-21419 | Hig | 0.46 | 7.1 | 0.01 | Feb 11, 2025 | Windows Setup Files Cleanup Elevation of Privilege Vulnerability | ||
| CVE-2025-21414 | Hig | 0.46 | 7.0 | 0.01 | Feb 11, 2025 | Windows Core Messaging Elevation of Privileges Vulnerability | ||
| CVE-2025-21184 | Hig | 0.46 | 7.0 | 0.01 | Feb 11, 2025 | Windows Core Messaging Elevation of Privileges Vulnerability | ||
| CVE-2025-21299 | Hig | 0.46 | 7.1 | 0.02 | Jan 14, 2025 | Windows Kerberos Security Feature Bypass Vulnerability | ||
| CVE-2024-49097 | Hig | 0.46 | 7.0 | 0.00 | Dec 12, 2024 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | ||
| CVE-2024-49095 | Hig | 0.46 | 7.0 | 0.00 | Dec 12, 2024 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability | ||
| CVE-2024-49084 | Hig | 0.46 | 7.0 | 0.00 | Dec 12, 2024 | Windows Kernel Elevation of Privilege Vulnerability |
- risk 0.46cvss 7.1epss 0.00
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
- risk 0.46cvss 7.0epss 0.00
Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.1epss 0.04
Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.
- risk 0.46cvss 7.0epss 0.00
Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.1epss 0.01
Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.
- risk 0.46cvss 7.0epss 0.00
Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.1epss 0.01
Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.1epss 0.01
Windows Setup Files Cleanup Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Core Messaging Elevation of Privileges Vulnerability
- risk 0.46cvss 7.0epss 0.01
Windows Core Messaging Elevation of Privileges Vulnerability
- risk 0.46cvss 7.1epss 0.02
Windows Kerberos Security Feature Bypass Vulnerability
- risk 0.46cvss 7.0epss 0.00
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.00
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
- risk 0.46cvss 7.0epss 0.00
Windows Kernel Elevation of Privilege Vulnerability
Page 136 of 238