Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2012

3536 matches found

CVE
CVEadded 2025/05/13 5:15 p.m.51 views

CVE-2025-29968

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.

6.5CVSS6.6AI score0.00231EPSS
CVE
CVEadded 2025/06/10 5:21 p.m.51 views

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.00066EPSS
CVE
CVEadded 2013/09/11 2:3 p.m.50 views

CVE-2013-1343

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multi...

7.2CVSS6.2AI score0.01084EPSS
CVE
CVEadded 2013/09/11 2:3 p.m.50 views

CVE-2013-3866

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Eleva...

7.2CVSS6.5AI score0.0059EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.50 views

CVE-2015-0084

The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files vi...

2.1CVSS6.1AI score0.01221EPSS
CVE
CVEadded 2015/11/11 12:59 p.m.50 views

CVE-2015-6109

The kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to bypass the KASLR protection mechanism, and consequently discover a driver base address, via a crafted application, aka "Windows Kernel Memory Information Disclosure Vulner...

2.1CVSS5.8AI score0.0288EPSS
CVE
CVEadded 2016/04/12 11:59 p.m.50 views

CVE-2016-0089

Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to obtain sensitive information from host OS memory via a crafted application, aka "Hyper-V Information Disclosure Vulnerability."

7.1CVSS6.4AI score0.00921EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.50 views

CVE-2016-0092

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulne...

9.3CVSS8AI score0.47205EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.50 views

CVE-2025-29832

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.5AI score0.00074EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.50 views

CVE-2025-29957

Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.

6.2CVSS7AI score0.0043EPSS
CVE
CVEadded 2025/05/13 5:16 p.m.50 views

CVE-2025-30385

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00066EPSS
CVE
CVEadded 2025/06/10 5:22 p.m.50 views

CVE-2025-33057

Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.

6.5CVSS6.3AI score0.00217EPSS
CVE
CVEadded 2013/12/11 12:55 a.m.49 views

CVE-2013-3907

portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Port-Class Driver Double Fetch Vulnerability."

7.2CVSS6.4AI score0.01105EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.49 views

CVE-2015-0087

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly...

5CVSS5.7AI score0.19489EPSS
CVE
CVEadded 2015/05/13 10:59 a.m.49 views

CVE-2015-1698

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability,...

9.3CVSS7.8AI score0.33094EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.49 views

CVE-2016-0091

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulne...

7.8CVSS8AI score0.47205EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.49 views

CVE-2025-29830

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00223EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.49 views

CVE-2025-29958

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.6AI score0.00229EPSS
CVE
CVEadded 2025/06/10 5:21 p.m.49 views

CVE-2025-32716

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00066EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.49 views

CVE-2025-48817

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS7AI score0.00071EPSS
CVE
CVEadded 2013/11/13 12:55 a.m.48 views

CVE-2013-3887

The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel mem...

4.9CVSS5.4AI score0.00433EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.48 views

CVE-2025-29956

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

5.4CVSS6.7AI score0.00079EPSS
CVE
CVEadded 2025/06/10 5:21 p.m.48 views

CVE-2025-32714

Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00061EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.47 views

CVE-2016-0121

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType F...

9.3CVSS8.7AI score0.4068EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.46 views

CVE-2025-50154

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

7.5CVSS6.6AI score0.00842EPSS
Web
CVE
CVEadded 2013/05/15 3:36 a.m.45 views

CVE-2013-1305

HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."

7.8CVSS6.4AI score0.86255EPSS
Web
CVE
CVEadded 2015/04/14 8:59 p.m.45 views

CVE-2015-1647

Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."

2.1CVSS6.3AI score0.00439EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.45 views

CVE-2025-48824

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.45 views

CVE-2025-49721

Heap-based buffer overflow in Windows Fast FAT Driver allows an unauthorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00068EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.44 views

CVE-2025-49735

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

8.1CVSS7.3AI score0.00161EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.43 views

CVE-2025-47973

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00068EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.42 views

CVE-2025-49689

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00087EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.41 views

CVE-2025-47971

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00068EPSS
CVE
CVEadded 2012/12/12 12:55 a.m.40 views

CVE-2012-2549

The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability."

5.8CVSS6.7AI score0.09141EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.40 views

CVE-2025-49683

Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.

7.8CVSS7.2AI score0.00506EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.39 views

CVE-2025-47998

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00079EPSS
CVE
CVEadded 2025/07/08 5:16 p.m.39 views

CVE-2025-49753

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.37 views

CVE-2025-49716

Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.

7.5CVSS6.4AI score0.09023EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.34 views

CVE-2025-49686

Null pointer dereference in Windows TCP/IP allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVEadded 2025/08/12 6:15 p.m.32 views

CVE-2025-53766

Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

9.8CVSS8AI score0.00129EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.31 views

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.3AI score0.00037EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.31 views

CVE-2025-48815

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00141EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.31 views

CVE-2025-49669

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.31 views

CVE-2025-49670

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

6.5CVSS7.5AI score0.00064EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.31 views

CVE-2025-49722

Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.

5.7CVSS6.5AI score0.00666EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.30 views

CVE-2025-47980

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

6.2CVSS6AI score0.00056EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.30 views

CVE-2025-47986

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

8.8CVSS7AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.30 views

CVE-2025-48816

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.8AI score0.00078EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.30 views

CVE-2025-49659

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00057EPSS
CVE
CVEadded 2025/07/08 5:15 p.m.30 views

CVE-2025-49663

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00072EPSS
Total number of security vulnerabilities3536