Lucene search
K
MicrosoftWindows Server 2012*

147 matches found

CVE
CVE
added 2024/08/13 5:29 p.m.1020 views

CVE-2024-38063

CVE-2024-38063 is a Windows IPv6/tcpip.sys vulnerability involving improper handling of IPv6 extension headers and fragmentation. Technical material in connected docs shows an integer underflow in the IPv6 fragment reassembly path (Ipv6pReassemblyTimeout) and a risky code path where IppSendErrorL...

9.8CVSS9.8AI score0.70564EPSS
CVE
CVE
added 2020/11/11 12:0 a.m.1019 views

CVE-2020-17049

CVE-2020-17049 is a Kerberos KDC service-ticket delegation bypass in IBM Application Gateway, enabling a compromised service using Kerberos Constrained Delegation to tamper with service tickets and force KDC acceptance. The vulnerability affects IBM Application Gateway versions 19.12–24.06. IBM’s...

9CVSS6.8AI score0.13794EPSS
In wild
CVE
CVE
added 2024/08/13 5:29 p.m.329 views

CVE-2024-38193

CVE-2024-38193 concerns the Windows Ancillary Function Driver for WinSock (AFD) used by Winsock. The vulnerability is a local privilege-escalation issue in the AFD/WinSock stack, with a resource-management error cited by CNNVD and a privilege-escalation capability described by CISA KEV. Public ex...

7.8CVSS7.7AI score0.27561EPSS
In wildWeb
CVE
CVE
added 2024/08/13 5:29 p.m.310 views

CVE-2024-38213

CVE-2024-38213 is a Windows Mark of the Web (MoTW) security feature bypass vulnerability. Affected software involves Windows MoTW handling; the flaw allows downloaded web-origin files to bypass warnings/ protections, enabling potentially malicious content to execute. Exploitation information in c...

6.5CVSS6.5AI score0.1337EPSS
In wild
CVE
CVE
added 2018/05/09 7:0 p.m.287 views

CVE-2018-8166

The CVE-2018-8166 entry is supported by connected documents describing a Win32k privilege-escalation vulnerability in Windows where the Win32k component mishandles objects in memory, allowing local kernel-mode code execution if exploited. Affected products span multiple Windows versions (e.g., Wi...

7CVSS7.4AI score0.01169EPSS
In wild
CVE
CVE
added 2020/11/11 6:48 a.m.287 views

CVE-2020-17051

Technical details for CVE-2020-17051 are not provided in the supplied documents. Public details (affected product/version, exploitability, or fixes) are not included here; monitor for updates in the connected sources.

10CVSS9.6AI score0.09857EPSS
CVE
CVE
added 2018/05/09 7:0 p.m.283 views

CVE-2018-8164

CVE-2018-8164 is a Win32k privilege-escalation vulnerability in Windows where the Win32k component fails to properly handle objects in memory. Affected are multiple Windows releases (server and client SKUs listed in the CVE entry). The connected documents corroborate a kernel-mode elevation of pr...

7.8CVSS7.4AI score0.01424EPSS
In wild
CVE
CVE
added 2024/09/10 4:54 p.m.269 views

CVE-2024-30073

CVE-2024-30073 is a Windows Security Zone Mapping security feature bypass vulnerability. The public records show a CVSS v3.1 base score of 7.8 (High) with Local attack vector, low attack complexity, no privileges required, but user interaction required, and impact to confidentiality, integrity, a...

7.8CVSS8.6AI score0.00899EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.267 views

CVE-2024-38118

Technical details (affected component, root cause, exploit info, patch status) for CVE-2024-38118 are not provided in the connected documents. The initial description notes LSA server information disclosure but lacks concrete specifics; monitor for updates.

5.5CVSS5.2AI score0.00629EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.265 views

CVE-2024-38107

CVE-2024-38107 is a Windows Privilege Escalation vulnerability in the Power Dependency Coordinator. Affected component: Windows Power Dependency Coordinator. Impact: local attacker with low privileges can obtain SYSTEM privileges (vector: local, no user interaction). Root cause details are not pr...

7.8CVSS7.7AI score0.01635EPSS
In wild
CVE
CVE
added 2024/02/13 6:2 p.m.259 views

CVE-2024-21358

Technical details about CVE-2024-21358 (Microsoft WDAC OLE DB provider for SQL Server remote code execution) are not provided in the supplied documents. Monitor for official updates from Microsoft and trusted security advisories for affected products, mitigations, and fixes.

8.8CVSS9.2AI score0.01768EPSS
CVE
CVE
added 2024/03/12 4:58 p.m.256 views

CVE-2024-26174

CVE-2024-26174 is a Windows Kernel Information Disclosure Vulnerability. The connected sources specify the issue as an out-of-bounds read of key node security in CmpValidateHiveSecurityDescriptors when loading corrupted registry hives, enabling potential leakage of kernel/registry data. Affected ...

5.5CVSS6.6AI score0.00928EPSS
CVE
CVE
added 2024/02/13 6:2 p.m.245 views

CVE-2024-21406

Technical details about CVE-2024-21406 are not publicly provided in the supplied documents. No affected product/version/impact specifics are given beyond the generic description. Monitor for updates from official advisories.

7.5CVSS7.7AI score0.00856EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.202 views

CVE-2024-38153

CVE-2024-38153 is a Windows Kernel elevation-of-privilege vulnerability. The CVSSv3.1 base score is 7.8 (High) with Local attack vector, Low attack complexity, Privileges Required: Low, User Interaction: None, and impact on Confidentiality, Integrity, and Availability: High. The vulnerability aff...

7.8CVSS7.7AI score0.00513EPSS
CVE
CVE
added 2017/08/08 9:0 p.m.192 views

CVE-2017-0174

CVE-2017-0174 is a Windows NetBIOS Denial of Service vulnerability. Exploitation involves sending malformed NetBIOS packets to affected Windows versions (Windows 7/8.1/10, Windows Server 2008-2016 and related). The underlying cause is improper handling within the Windows NetBIOS/network stack, al...

6.5CVSS6.9AI score0.0258EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.190 views

CVE-2024-29995

CVE-2024-29995 is a Windows Kerberos Elevation of Privilege vulnerability. The connected data shows it affects the Windows Kerberos component and is rated with CVSSv3.1 base score 8.1 (vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating network-prone access with high impact and no user inter...

8.1CVSS8.2AI score0.01461EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.181 views

CVE-2020-17042

CVE-2020-17042 is a Windows Print Spooler remote code execution vulnerability. The CVE entry identifies the affected component as the Windows Print Spooler and indicates a network-based attack with high impact (base score 8.8/3.1 CVSS) and user interaction required. The connected documents provid...

9.3CVSS9.3AI score0.04732EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.170 views

CVE-2024-38199

Technical details about CVE-2024-38199 are not publicly provided in the connected documents. Monitor for updates from Microsoft and NVD for affected products, fixes, and exploit information.

9.8CVSS9.8AI score0.0223EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.168 views

CVE-2024-37968

CVE-2024-37968 is a Windows DNS Spoofing vulnerability rated High (CVSS 7.5) with network attack vector and impact on confidentiality. The connected documents confirm this CVE affects Windows DNS and that Microsoft released fixes in the August 2024 updates (examples: KB5041578, KB5041160, KB50418...

7.5CVSS7.5AI score0.01019EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.161 views

CVE-2024-38144

CVE-2024-38144 is a local elevation-of-privilege vulnerability in the Windows Kernel Streaming WOW Thunk Service Driver. The connected sources state a local attacker could obtain SYSTEM privileges and that exploit code appeared in the TyphoonPWN 2024 event, with a write‑up from SSD Secure Disclos...

8.8CVSS8.8AI score0.32347EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.156 views

CVE-2024-38131

Technical details about CVE-2024-38131 are not publicly provided in the connected documents. The available material lacks product/version/root-cause/remediation specifics. Monitor official advisories/updates for concrete information.

8.8CVSS9AI score0.01237EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.150 views

CVE-2017-0158

CVE-2017-0158 is a Windows scripting engine memory corruption vulnerability. The issue arises from improper handling/sanitization of in-memory handles in the Scripting Engine, enabling remote code execution when a user visits a malicious site or opens a crafted document. Affected platforms includ...

7.6CVSS7.5AI score0.12558EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.146 views

CVE-2024-38140

CVE-2024-38140 is a Windows RMCAST (Reliable Multicast Transport Driver) remote code execution vulnerability rated CRITICAL (CVSS 3.1: 9.8). The entry indicates an in-network attacker could remotely execute arbitrary code, with no privileges required and no user interaction, under the RMCAST comp...

9.8CVSS9.8AI score0.0381EPSS
CVE
CVE
added 2018/02/15 2:0 a.m.144 views

CVE-2018-0842

CVE-2018-0842 : Windows kernel elevation-of-privilege vulnerability affecting multiple Windows client and server editions (Windows 7 SP1, Windows 8.1/RT 8.1, Windows Server 2008 SP2/R2 SP1, 2012/R2, 2016, 1703–1709 and 1709 variants, Windows 10 releases). The issue arises from how memory objects ...

7CVSS6.8AI score0.01029EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.143 views

CVE-2024-38152

CVE-2024-38152 is listed under Windows WDAC OLE DB provider for SQL with a CVSS and impact of 7.80 (Execute Random Code). The connected documents confirm the affected component and the vulnerability’s label, but do not provide concrete details on root cause, affected versions, exploit scenarios, ...

7.8CVSS7.9AI score0.00879EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.142 views

CVE-2024-38196

CVE-2024-38196 is tied to the Windows Common Log File System Driver and is described as an Elevation of Privilege (local) vulnerability. The CVE is listed with a CVSSv3.1 base score of 7.8 (HIGH) and a local attack vector with low attack complexity, requiring low privileges and no user interactio...

7.8CVSS7.7AI score0.05722EPSS
In wild
CVE
CVE
added 2017/04/12 2:0 p.m.139 views

CVE-2017-0211

CVE-2017-0211 is a Windows OLE/COM elevation-of-privilege issue where a Structured Storage object can be exposed across a security boundary via a property bag, enabling creation of a remote COM object in the server process and potential privilege escalation. Google Project Zero details show how I...

5.5CVSS6.4AI score0.13975EPSS
CVE
CVE
added 2018/05/09 7:0 p.m.136 views

CVE-2018-0959

CVE-2018-0959 is a remote code execution vulnerability in Windows Hyper-V where a host server fails to validate input from an authenticated user on a guest OS. Affected products include Windows clients and server editions listed in the description (e.g., Windows 7, 8.1; Windows Server 2008-2016; ...

7.6CVSS7.9AI score0.09437EPSS
CVE
CVE
added 2018/05/09 7:0 p.m.136 views

CVE-2018-8167

CVE-2018-8167 is a Windows CLFS driver elevation of privilege vulnerability. The issue arises when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. Affected products/versions include Windows 7, Windows Server 2008/2008 R2/2012/2012 R2, Windows 8.1, Windows 10...

7CVSS7.3AI score0.00992EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.133 views

CVE-2024-38117

CVE-2024-38117 affects the Windows NTFS component and is labeled as an elevation-of-privilege vulnerability with the impact “Obtaining Increased Rights” and a CVSS v3.1 base score of 7.8 (High). The connected documents provide the impact and the component but do not disclose the exact root cause ...

7.8CVSS7.7AI score0.00693EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.131 views

CVE-2017-0181

CVE-2017-0181 affects the Windows Hyper-V Network Switch on Windows 10/Windows Server 2016 hosts. The vulnerability is a remote code execution caused by improper validation of input from the guest OS, requiring an authenticated user on the guest. Connected sources confirm Hyper-V input validation...

7.6CVSS7.8AI score0.03147EPSS
CVE
CVE
added 2018/02/15 2:0 a.m.131 views

CVE-2018-0825

CVE-2018-0825 corresponds to a Microsoft StructuredQuery remote code execution vulnerability. According to the CNVD entry, it exists in Microsoft Windows’ StructuredQuery component and stems from improper handling of objects in memory, enabling a remote attacker to execute arbitrary code when a s...

7.6CVSS7.3AI score0.16778EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.131 views

CVE-2018-0898

Technical details about CVE-2018-0898 are not publicly available in the provided connected documents. Monitor for updates; no explicit affected products, root cause, impact, or remediation are detailed here.

4.7CVSS4.7AI score0.02201EPSS
CVE
CVE
added 2017/12/12 9:0 p.m.128 views

CVE-2017-11927

Technical details about CVE-2017-11927 are not publicly available in the provided connected documents. Monitor for updates; include affected products/versions and remediation when disclosures become available.

6.5CVSS6.9AI score0.09617EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.128 views

CVE-2018-0811

Technical details are not publicly available in the provided connected documents. Monitor for updates on EUVD entries and any new disclosures related to CVE-2018-0811.

5.5CVSS4.8AI score0.0188EPSS
CVE
CVE
added 2018/02/15 2:0 a.m.128 views

CVE-2018-0846

The connected documents confirm CVE-2018-0846 affects the Windows Common Log File System (CLFS) driver and describes an elevation-of-privilege flaw caused by improper handling of objects in memory. Affected products include various Windows client/server builds (Windows 7 SP1, Windows 8.1/RT 8.1, ...

7.8CVSS6.8AI score0.01239EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.128 views

CVE-2024-38115

Technical details for CVE-2024-38115 are not publicly available in the provided documents. Monitor for updates.

8.8CVSS9AI score0.01536EPSS
CVE
CVE
added 2017/10/13 1:0 p.m.127 views

CVE-2017-11771

CVE-2017-11771 is a remote code execution vulnerability in the Microsoft Windows Search component. The issue arises from improper handling of DNS responses by the Windows Search service, allowing an unauthenticated, remote attacker to execute code on affected systems. The CVE is referenced alongs...

10CVSS9.6AI score0.64132EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.127 views

CVE-2024-38127

CVE-2024-38127 is a Windows Hyper-V Elevation of Privilege vulnerability. The initial description identifies it as a Windows Hyper-V EoP with local attack vector, low privileges required, no user interaction, and an impact of high confidentiality, integrity, and availability. The CVSS 3.1 vector ...

7.8CVSS7.7AI score0.01618EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.126 views

CVE-2024-38223

Technical details for CVE-2024-38223 are not publicly available in the provided documents. No information on affected products, root cause, or fixes is supplied here. Monitor sources for updates.

6.8CVSS6.7AI score0.00708EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.125 views

CVE-2018-0897

CVE-2018-0897: Information disclosure in the Windows kernel across multiple Windows versions (Server 2008 SP2/R2 SP1, Windows 7 SP1, 8.1/RT 8.1, Server 2012/R2, Windows 10 1511–1709, Server 2016) due to how memory addresses are handled. The vulnerability is mapped to “Windows Kernel Information D...

4.7CVSS4.7AI score0.02435EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.124 views

CVE-2018-0813

Technical details for CVE-2018-0813 are not publicly available in the provided documents. Monitor for updates from authoritative sources.

5.5CVSS4.8AI score0.0188EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.123 views

CVE-2018-0896

CVE-2018-0896 affects the Windows kernel across multiple Windows client/server versions (Windows 7 SP1, Windows 8.1/RT 8.1, Windows 10 versions 1511–1709, Windows Server 2008 SP2/R2 SP1, 2012/R2, 2016, and 1709) where memory address handling allows an information disclosure vulnerability. Root ca...

4.7CVSS4.7AI score0.02175EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.123 views

CVE-2024-38198

CVE-2024-38198 is a Windows Print Spooler elevation-of-privilege vulnerability. The connected data confirms the issue affects Windows Print Spooler Components and is categorized with a HIGH base severity (CVSS 3.1: 7.5) and impact as obtaining elevated privileges. The vulnerability is documented ...

7.5CVSS7.6AI score0.0079EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.122 views

CVE-2025-24055

CVE-2025-24055 is a Windows USB Video Driver vulnerability described as an out-of-bounds read that could allow an authorized attacker to disclose information with a physical attack. The CVSSv3.1 base score is 4.3 (Medium), with privileges required as Low, attack vector Physical, and impact restri...

4.3CVSS4.1AI score0.00761EPSS
Web
CVE
CVE
added 2016/05/11 1:0 a.m.121 views

CVE-2016-0174

CVE-2016-0174 describes a local privilege escalation in Windows kernel-mode drivers (Win32k) affecting multiple Windows family versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, Server 2012, RT 8.1, and Windows 10 1511/Gold). The vulnerability allows a locally authenticated attacker to gain hig...

7.8CVSS7.5AI score0.02485EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.121 views

CVE-2017-0180

Technical details for CVE-2017-0180 are not publicly provided in the connected documents. Available sources reference Hyper-V Network Switch input validation issues but do not disclose affected versions, root cause specifics, or exploit information. Monitor for updates.

7.6CVSS7.9AI score0.03296EPSS
CVE
CVE
added 2018/09/13 12:0 a.m.121 views

CVE-2018-8424

CVE-2018-8424 describes an information-disclosure vulnerability in the Windows GDI component where memory contents may be leaked. Affected products include Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, Windows 10 and their Server counterparts (e.g., Windows Server 2008, 201...

6.5CVSS6.3AI score0.12985EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.121 views

CVE-2024-38180

CVE-2024-38180 relates to a security feature bypass in Windows SmartScreen. Affected product: Windows SmartScreen (Windows). The CVE is described as a Security Feature Bypass with high impact (C/H/I/A) and a network attack vector requiring user interaction. The initial documents do not provide de...

8.8CVSS8.7AI score0.0151EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.120 views

CVE-2018-0900

Technical details are not publicly available in the provided connected documents; monitor for updates.

4.7CVSS4.7AI score0.02201EPSS
Total number of security vulnerabilities147