Windows Server 2003
by Microsoft
Source repositories
CVEs (4,742)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-26155 | Med | 0.42 | 6.5 | 0.01 | Apr 14, 2026 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | ||
| CVE-2025-60708 | Med | 0.42 | 6.5 | 0.00 | Nov 11, 2025 | Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally. | ||
| CVE-2025-59259 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | ||
| CVE-2025-59244 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2025-59214 | Med | 0.42 | 6.5 | 0.02 | Oct 14, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2025-59185 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2025-58739 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | ||
| CVE-2025-58729 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network. | ||
| CVE-2025-58717 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-55700 | Med | 0.42 | 6.5 | 0.01 | Oct 14, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-55225 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-54097 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-54096 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-54095 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-53806 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-53798 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-53797 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-53796 | Med | 0.42 | 6.5 | 0.01 | Sep 9, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-53716 | Med | 0.42 | 6.5 | 0.01 | Aug 12, 2025 | Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network. | ||
| CVE-2025-50172 | Med | 0.42 | 6.5 | 0.01 | Aug 12, 2025 | Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network. |
- risk 0.42cvss 6.5epss 0.01
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.00
Untrusted pointer dereference in Storvsp.sys Driver allows an authorized attacker to deny service locally.
- risk 0.42cvss 6.5epss 0.01
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
- risk 0.42cvss 6.5epss 0.01
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.
- risk 0.42cvss 6.5epss 0.02
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- risk 0.42cvss 6.5epss 0.01
External control of file name or path in Windows Core Shell allows an unauthorized attacker to perform spoofing over a network.
- risk 0.42cvss 6.5epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- risk 0.42cvss 6.5epss 0.01
Improper validation of specified type of input in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an authorized attacker to deny service over a network.
- risk 0.42cvss 6.5epss 0.01
Allocation of resources without limits or throttling in Windows DirectX allows an authorized attacker to deny service over a network.
Page 157 of 238