Windows Server 2012 Security Vulnerabilities and Issues — Page 69 of Windows Server 2012 CVE List

Lucene search

MicrosoftWindows Server 2012

3486 matches found

CVE•added 2016/03/09 11:59 a.m.•49 views

CVE-2016-0092

OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Memory Remote Code Execution Vulne...

9.3CVSS8AI score0.47205EPSS

CVE•added 2025/06/10 5:22 p.m.•49 views

CVE-2025-32724

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

7.5CVSS7.4AI score0.02491EPSS

CVE•added 2025/06/10 5:22 p.m.•49 views

CVE-2025-33064

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00089EPSS

CVE•added 2013/12/11 12:55 a.m.•48 views

CVE-2013-3907

portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Port-Class Driver Double Fetch Vulnerability."

7.2CVSS6.4AI score0.01105EPSS

CVE•added 2015/03/11 10:59 a.m.•48 views

CVE-2015-0087

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly...

5CVSS5.7AI score0.19489EPSS

CVE•added 2015/05/13 10:59 a.m.•48 views

CVE-2015-1698

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability,...

9.3CVSS7.8AI score0.33094EPSS

CVE•added 2016/03/09 11:59 a.m.•48 views

CVE-2016-0091

7.8CVSS8AI score0.47205EPSS

CVE•added 2025/05/13 5:15 p.m.•48 views

CVE-2025-29960

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.3AI score0.00074EPSS

CVE•added 2025/05/13 5:15 p.m.•48 views

CVE-2025-29961

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.3AI score0.00074EPSS

CVE•added 2025/06/10 5:21 p.m.•48 views

CVE-2025-32713

Heap-based buffer overflow in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.00057EPSS

CVE•added 2025/05/13 5:16 p.m.•47 views

CVE-2025-30385

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00066EPSS

CVE•added 2025/06/10 5:22 p.m.•47 views

CVE-2025-33057

Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.

6.5CVSS6.3AI score0.00187EPSS

CVE•added 2013/11/13 12:55 a.m.•46 views

CVE-2013-3887

The Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows local users to obtain sensitive information from kernel mem...

4.9CVSS5.4AI score0.00433EPSS

CVE•added 2016/03/09 11:59 a.m.•46 views

CVE-2016-0121

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType F...

9.3CVSS8.7AI score0.4068EPSS

CVE•added 2025/05/13 5:15 p.m.•46 views

CVE-2025-29832

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.5AI score0.00074EPSS

CVE•added 2025/05/13 5:15 p.m.•46 views

CVE-2025-29957

Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.

6.2CVSS7AI score0.0043EPSS

CVE•added 2025/05/13 5:15 p.m.•46 views

CVE-2025-29968

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.

6.5CVSS6.6AI score0.00231EPSS

CVE•added 2025/06/10 5:21 p.m.•46 views

CVE-2025-32716

Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00057EPSS

CVE•added 2025/05/13 5:15 p.m.•45 views

CVE-2025-29830

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00223EPSS

CVE•added 2025/05/13 5:15 p.m.•45 views

CVE-2025-29956

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

5.4CVSS6.7AI score0.00079EPSS

CVE•added 2025/05/13 5:15 p.m.•45 views

CVE-2025-29958

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.6AI score0.00229EPSS

CVE•added 2025/06/10 5:21 p.m.•45 views

CVE-2025-32714

Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00052EPSS

CVE•added 2013/05/15 3:36 a.m.•44 views

CVE-2013-1305

HTTP.sys in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to cause a denial of service (infinite loop) via a crafted HTTP header, aka "HTTP.sys Denial of Service Vulnerability."

7.8CVSS6.4AI score0.86255EPSS

CVE•added 2015/04/14 8:59 p.m.•44 views

CVE-2015-1647

Virtual Machine Manager (VMM) in Hyper-V in Microsoft Windows 8.1 and Windows Server 2012 R2 allows guest OS users to cause a denial of service (VMM functionality loss) via a crafted application, aka "Windows Hyper-V DoS Vulnerability."

2.1CVSS6.3AI score0.00439EPSS

CVE•added 2012/12/12 12:55 a.m.•39 views

CVE-2012-2549

The IP-HTTPS server in Windows Server 2008 R2 and R2 SP1 and Server 2012 does not properly validate certificates, which allows remote attackers to bypass intended access restrictions via a revoked certificate, aka "Revoked Certificate Bypass Vulnerability."

5.8CVSS6.7AI score0.09141EPSS

CVE•added 2025/07/08 5:15 p.m.•24 views

CVE-2025-47981

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

9.8CVSS7.4AI score0.00129EPSS

CVE•added 2025/07/08 5:15 p.m.•20 views

CVE-2025-48817

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS7AI score0.00047EPSS

CVE•added 2025/07/08 5:15 p.m.•18 views

CVE-2025-48001

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.2AI score0.00068EPSS

CVE•added 2025/07/08 5:15 p.m.•18 views

CVE-2025-48815

Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00122EPSS

CVE•added 2025/07/08 5:15 p.m.•18 views

CVE-2025-49670

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

6.5CVSS7.5AI score0.00058EPSS

CVE•added 2025/07/08 5:15 p.m.•17 views

CVE-2025-47986

Use after free in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

8.8CVSS7AI score0.00049EPSS

CVE•added 2025/07/08 5:15 p.m.•17 views

CVE-2025-48804

Acceptance of extraneous untrusted data with trusted data in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.3AI score0.00034EPSS

CVE•added 2025/07/08 5:15 p.m.•17 views

CVE-2025-49659

Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00049EPSS

CVE•added 2025/07/08 5:16 p.m.•17 views

CVE-2025-49735

Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.

8.1CVSS7.3AI score0.00145EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-47971

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00062EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-47980

Exposure of sensitive information to an unauthorized actor in Windows Imaging Component allows an unauthorized attacker to disclose information locally.

6.2CVSS6AI score0.00067EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-47984

Protection mechanism failure in Windows GDI allows an unauthorized attacker to disclose information over a network.

7.5CVSS6.1AI score0.00122EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-47985

Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00049EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-47987

Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00067EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-47998

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00071EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-48814

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network.

7.5CVSS6.9AI score0.00097EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49668

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00065EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49669

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00065EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49674

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00065EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49675

Use after free in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.9AI score0.00049EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49678

Null pointer dereference in Windows NTFS allows an authorized attacker to elevate privileges locally.

7CVSS6.5AI score0.00041EPSS

CVE•added 2025/07/08 5:15 p.m.•16 views

CVE-2025-49716

Uncontrolled resource consumption in Windows Netlogon allows an unauthorized attacker to deny service over a network.

7.5CVSS6.4AI score0.01673EPSS

CVE•added 2025/07/08 5:16 p.m.•16 views

CVE-2025-49729

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.5AI score0.00065EPSS

CVE•added 2025/07/08 5:15 p.m.•15 views

CVE-2025-47976

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00049EPSS

CVE•added 2025/07/08 5:15 p.m.•15 views

CVE-2025-47996

Integer underflow (wrap or wraparound) in Windows MBT Transport driver allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00067EPSS

Total number of security vulnerabilities3486