Windows Server 2003
by Microsoft
Source repositories
CVEs (4,742)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-32181 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally. | ||
| CVE-2026-32085 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally. | ||
| CVE-2026-32084 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||
| CVE-2026-32081 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||
| CVE-2026-32079 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||
| CVE-2026-27931 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-27930 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-20806 | Med | 0.36 | 5.5 | 0.00 | Apr 14, 2026 | Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally. | ||
| CVE-2026-25180 | Med | 0.36 | 5.5 | 0.01 | Mar 10, 2026 | Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-2636 | Med | 0.36 | 5.5 | 0.00 | Feb 25, 2026 | This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger… | ||
| CVE-2025-53799 | Med | 0.36 | 5.5 | 0.01 | Sep 9, 2025 | Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally. | ||
| CVE-2025-53136 | Med | 0.36 | 5.5 | 0.01 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally. | ||
| CVE-2025-49684 | Med | 0.36 | 5.5 | 0.00 | Jul 8, 2025 | Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally. | ||
| CVE-2025-49664 | Med | 0.36 | 5.5 | 0.01 | Jul 8, 2025 | Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally. | ||
| CVE-2025-49658 | Med | 0.36 | 5.5 | 0.00 | Jul 8, 2025 | Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally. | ||
| CVE-2025-48808 | Med | 0.36 | 5.5 | 0.00 | Jul 8, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally. | ||
| CVE-2025-33065 | Med | 0.36 | 5.5 | 0.01 | Jun 10, 2025 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | ||
| CVE-2025-33063 | Med | 0.36 | 5.5 | 0.01 | Jun 10, 2025 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | ||
| CVE-2025-33062 | Med | 0.36 | 5.5 | 0.01 | Jun 10, 2025 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | ||
| CVE-2025-33061 | Med | 0.36 | 5.5 | 0.01 | Jun 10, 2025 | Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. |
- risk 0.36cvss 5.5epss 0.00
Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
- risk 0.36cvss 5.5epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Access of resource using incompatible type ('type confusion') in Windows COM allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Out-of-bounds read in Microsoft Graphics Component allows an unauthorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
This vulnerability is caused by a CWE‑159: "Improper Handling of Invalid Use of Special Elements" weakness, which leads to an unrecoverable inconsistency in the CLFS.sys driver. This condition forces a call to the KeBugCheckEx function, allowing an unprivileged user to trigger…
- risk 0.36cvss 5.5epss 0.01
Use of uninitialized resource in Windows Imaging Component allows an unauthorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows NT OS Kernel allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows User-Mode Driver Framework Host allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows Kernel allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
Page 164 of 238