Windows Hyper-V
by Microsoft
CVEs (62)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-0918 | Med | 0.44 | 6.8 | 0.01 | Apr 15, 2020 | An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0917. | ||
| CVE-2020-0917 | Med | 0.44 | 6.8 | 0.02 | Apr 15, 2020 | An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0918. | ||
| CVE-2019-0886 | Med | 0.44 | 6.8 | 0.02 | May 16, 2019 | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. | ||
| CVE-2024-30011 | Med | 0.42 | 6.5 | 0.03 | May 14, 2024 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2023-36908 | Med | 0.42 | 6.5 | 0.01 | Aug 8, 2023 | Windows Hyper-V Information Disclosure Vulnerability | ||
| CVE-2022-22042 | Med | 0.42 | 6.5 | 0.02 | Jul 12, 2022 | Windows Hyper-V Information Disclosure Vulnerability | ||
| CVE-2022-23268 | Med | 0.42 | 6.5 | 0.01 | Apr 15, 2022 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2021-28441 | Med | 0.42 | 6.5 | 0.01 | Apr 13, 2021 | Windows Hyper-V Information Disclosure Vulnerability | ||
| CVE-2020-17040 | Med | 0.42 | 6.5 | 0.03 | Nov 11, 2020 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2025-29955 | Med | 0.40 | 6.2 | 0.00 | May 13, 2025 | Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally. | ||
| CVE-2024-29064 | Med | 0.40 | 6.2 | 0.01 | Apr 9, 2024 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2019-1470 | Med | 0.40 | 6.0 | 0.06 | Dec 10, 2019 | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. | ||
| CVE-2019-0635 | Med | 0.40 | 6.2 | 0.02 | Mar 5, 2019 | An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'. | ||
| CVE-2025-48002 | Med | 0.37 | 5.7 | 0.01 | Jul 8, 2025 | Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network. | ||
| CVE-2026-42972 | Med | 0.36 | 5.5 | 0.00 | Jun 9, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally. | ||
| CVE-2019-1254 | Med | 0.36 | 5.5 | 0.01 | Sep 11, 2019 | An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk, aka 'Windows Hyper-V Information Disclosure Vulnerability'. | ||
| CVE-2017-0169 | Med | 0.35 | 5.4 | 0.02 | Apr 12, 2017 | An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information… | ||
| CVE-2022-21975 | Med | 0.31 | 4.7 | 0.00 | Mar 9, 2022 | Windows Hyper-V Denial of Service Vulnerability | ||
| CVE-2022-21905 | Med | 0.30 | 4.6 | 0.01 | Jan 11, 2022 | Windows Hyper-V Security Feature Bypass Vulnerability | ||
| CVE-2026-21244 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. |
- risk 0.44cvss 6.8epss 0.01
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0917.
- risk 0.44cvss 6.8epss 0.02
An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0918.
- risk 0.44cvss 6.8epss 0.02
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
- risk 0.42cvss 6.5epss 0.03
Windows Hyper-V Denial of Service Vulnerability
- risk 0.42cvss 6.5epss 0.01
Windows Hyper-V Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.02
Windows Hyper-V Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.01
Windows Hyper-V Denial of Service Vulnerability
- risk 0.42cvss 6.5epss 0.01
Windows Hyper-V Information Disclosure Vulnerability
- risk 0.42cvss 6.5epss 0.03
Windows Hyper-V Security Feature Bypass Vulnerability
- risk 0.40cvss 6.2epss 0.00
Improper input validation in Windows Hyper-V allows an unauthorized attacker to deny service locally.
- risk 0.40cvss 6.2epss 0.01
Windows Hyper-V Denial of Service Vulnerability
- risk 0.40cvss 6.0epss 0.06
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
- risk 0.40cvss 6.2epss 0.02
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
- risk 0.37cvss 5.7epss 0.01
Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to disclose information over an adjacent network.
- risk 0.36cvss 5.5epss 0.00
Exposure of sensitive information to an unauthorized actor in Windows Hyper-V allows an authorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.01
An information disclosure vulnerability exists when Windows Hyper-V writes uninitialized memory to disk, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
- risk 0.35cvss 5.4epss 0.02
An information disclosure vulnerability exists when Windows Hyper-V running on a Windows 8.1, Windows Server 2012. or Windows Server 2012 R2 host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information…
- risk 0.31cvss 4.7epss 0.00
Windows Hyper-V Denial of Service Vulnerability
- risk 0.30cvss 4.6epss 0.01
Windows Hyper-V Security Feature Bypass Vulnerability
- CVE-2026-21244Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
Page 3 of 4