Lucene search
+L
MicrosoftWindows Server 2012*

147 matches found

CVE
CVE
added 2017/04/12 2:0 p.m.121 views

CVE-2017-0166

CVE-2017-0166: An LDAP elevation of privilege vulnerability in Windows occurs when LDAP request buffer lengths are improperly calculated. This enables a remote attacker to send malicious traffic to a Domain Controller to achieve elevated privileges. The initial description and connected documents...

9.3CVSS7.9AI score0.06415EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.121 views

CVE-2018-0900

Technical details are not publicly available in the provided connected documents; monitor for updates.

4.7CVSS4.7AI score0.02201EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.121 views

CVE-2024-38121

CVE-2024-38121 is a Windows RRAS remote code execution vulnerability. Connected documents explicitly list CVE-2024-38121 under Windows Routing and Remote Access Service (RRAS) with an impact described as executing random code, indicating a high-severity issue (CVSS 3.1/8.8; network attack, no pri...

8.8CVSS9AI score0.01536EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.119 views

CVE-2017-0182

The connected Nessus plugin confirms a Hyper-V Denial of Service issue tied to CVE-2017-0182 family: a DoS affecting Microsoft Windows Hyper-V when input from a privileged guest OS is not properly validated, potentially crashing the host. Affected platforms include Windows client/server variants ...

6.3CVSS5.9AI score0.04432EPSS
CVE
CVE
added 2018/09/13 12:0 a.m.119 views

CVE-2018-8434

CVE-2018-8434 is a Windows Hyper-V information disclosure vulnerability. It occurs when a host OS fails to properly validate input from an authenticated user on a guest OS, allowing potential disclosure of memory information. Affected platforms include Windows 7, Windows Server 2008/2012 families...

5.4CVSS5.5AI score0.03494EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.119 views

CVE-2020-17047

CVE-2020-17047: Windows Network File System (NFS) Denial of Service. The issue arises from improper handling of crafted RPC packets, allowing a remote attacker to disrupt a Windows/Windows Server target by sending malicious RPC calls. Root cause: RPC handling defect in the Windows NFS component. ...

7.8CVSS8.2AI score0.25285EPSS
CVE
CVE
added 2018/02/15 2:0 a.m.117 views

CVE-2018-0844

The CVE-2018-0844 entry describes an elevation-of-privilege vulnerability in the Windows Common Log File System (CLFS) driver, affecting multiple Windows versions (Windows 7 SP1, Windows 8.1/RT 8.1, Server 2008 SP2/R2 SP1, 2012/R2, 2016, and 1709). The root cause is how objects in memory are hand...

7.8CVSS6.8AI score0.01239EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.117 views

CVE-2018-8116

The provided connected documents confirm CVE-2018-8116 is a DoS vulnerability in the Windows Graphics Component, arising from how the component handles objects in memory and affecting multiple Windows versions (e.g., Windows 7, Windows 10, server editions). Concrete details include the affected p...

5.5CVSS6.4AI score0.01428EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.117 views

CVE-2020-17038

Technical details for CVE-2020-17038 are not publicly available in the provided documents. No affected products, root cause, or remediation information are included. Monitor for updates.

7.8CVSS7.8AI score0.0098EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.116 views

CVE-2018-0885

CVE-2018-0885 : DoS in the Microsoft Hyper-V Network Switch triggered by unvalidated input from a guest OS. Affected: 64‑bit Windows Server 2008 SP2/ R2 SP1; Windows Server 2012/R2; Windows 10 (various builds); Windows Server 2016; and Windows Server version 1709. Root cause is described as impro...

6.3CVSS5.7AI score0.05489EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.115 views

CVE-2018-0814

Technical details for CVE-2018-0814 are not publicly available in the provided Connected documents. No explicit affected products, versions, root cause, impact, or remediation are disclosed here. Monitor for updates from official advisories.

5.5CVSS4.8AI score0.0188EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.115 views

CVE-2018-0895

Technical details for CVE-2018-0895 are not provided in the connected documents. Public information in this dataset does not specify affected products/versions/impact. Monitor for updates.

4.7CVSS4.7AI score0.02866EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.115 views

CVE-2020-17036

CVE-2020-17036 corresponds to a Windows Function Discovery SSDP Provider Information Disclosure Vulnerability. The vulnerability affects Windows Function Discovery SSDP Provider and is described as an information disclosure issue. The provided documents do not include concrete technical details s...

5.5CVSS7AI score0.01365EPSS
CVE
CVE
added 2016/05/11 1:0 a.m.114 views

CVE-2016-0168

CVE-2016-0168 is a Windows GDI information-disclosure vulnerability affecting multiple Windows versions. Connected data confirms exploitation activity (Exploits listed on Exploit-DB and sightings in CIRCL) but provides no vendor-specific patch or remediation details in the supplied documents. No ...

6.5CVSS5.9AI score0.43248EPSS
CVE
CVE
added 2017/11/15 3:0 a.m.114 views

CVE-2017-11847

CVE-2017-11847 affects the Windows kernel across multiple Windows client/server versions (Windows 7 SP1; Windows 8.1/RT; Windows 10 1511–1709; Windows Server 2008/2012/2016, etc.). The root cause is improper handling of objects in memory, enabling a local attacker to escalate privileges and run a...

9.3CVSS7.6AI score0.06462EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.114 views

CVE-2018-0883

CVE-2018-0883 is a remote code execution vulnerability in Windows Shell caused by improper validation of file copy destinations. Affected are Windows Shell components across multiple Windows platforms (Windows 7 SP1, Windows 8.1/RT 8.1, Windows Server 2008 R2/2012/2016 and Windows 10 builds up to...

7.6CVSS6.7AI score0.15092EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.114 views

CVE-2018-0901

Technical details about CVE-2018-0901 are not publicly available in the provided connected documents; monitor for updates.

4.7CVSS4.7AI score0.02456EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.114 views

CVE-2024-38128

Technical details (affected products, root cause, exploit status) are not publicly disclosed in the provided documents; monitor for updates as more information becomes available.

8.8CVSS9AI score0.01536EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.114 views

CVE-2024-38154

CVE-2024-38154 concerns Windows Routing and Remote Access Service (RRAS). The initial document states RRAS Remote Code Execution Vulnerability with a CVSS3.1 base score of 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). Connected documents do not supply concrete technical details (no vendor/product/ve...

8.8CVSS9AI score0.0151EPSS
CVE
CVE
added 2016/05/11 1:0 a.m.113 views

CVE-2016-0170

CVE-2016-0170 affects the Windows GDI component across multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, 2012/2012 R2, RT 8.1, 10). The vulnerability enables remote code execution when processing crafted documents, due to how the Graphics Component handles objects in memory. A...

9.3CVSS8.6AI score0.48585EPSS
CVE
CVE
added 2017/07/11 9:0 p.m.113 views

CVE-2017-8495

CVE-2017-8495 is a Kerberos security feature bypass in which Extended Protection for Authentication can be circumvented by tampering with the SNAME field during ticket exchange (Orpheus’ Lyre). Affected Windows family includes Windows 7 SP1, Windows Server 2008 SP2/R2, Windows 8.1, Windows RT 8.1...

7.5CVSS6.8AI score0.04621EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.113 views

CVE-2024-38125

CVE-2024-38125 affects the Windows Kernel Streaming WOW Thunk Service Driver and enables local elevation of privileges. The vulnerability is associated with the Kernel Streaming WOW Thunk Service Driver and can lead to obtaining elevated privileges (SYSTEM). Microsoft has issued fixes in August 2...

7.8CVSS7.7AI score0.0594EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.112 views

CVE-2018-0881

CVE-2018-0881 concerns a privilege-elevation flaw in the Microsoft Video Control component. The vulnerability stems from how objects are handled in memory, enabling an attacker who can log on and run a crafted application to execute code with elevated/system privileges on affected Windows release...

7CVSS6.2AI score0.01152EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.112 views

CVE-2018-0904

The CVE-2018-0904 entry concerns a Windows kernel information disclosure vulnerability affecting Windows kernel in multiple client/server OS builds (Windows 7/8.1/10, Windows Server 2008 R2/2012/2016, etc.). Root cause: memory address handling in the kernel allows partial information disclosure w...

4.7CVSS5AI score0.02175EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.111 views

CVE-2017-0184

Microsoft Hyper-V remote Denial of Service vulnerability (CVE-2017-0184) arises from improper validation of input from a privileged user on a guest OS, potentially allowing a guest to crash the host. Affected component: Hyper-V on Windows Server. Consequence: denial of service impacting host avai...

5.4CVSS5.7AI score0.05673EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.111 views

CVE-2018-0888

CVE-2018-0888 corresponds to a vulnerability in the Microsoft Hyper-V Network Switch where 64-bit Windows clients/servers (Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012/R2; Windows 10 versions 1511–1709; Windows Server 2016) are exposed to information disclos...

5.6CVSS5.6AI score0.01488EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.111 views

CVE-2024-38130

Technical details for CVE-2024-38130 are not publicly available in the provided documents. No vendor/dependent specifics (product version, root cause, impact, or fixes) are given here. Monitor for official disclosures and updated advisories.

8.8CVSS9AI score0.01536EPSS
CVE
CVE
added 2016/05/11 1:0 a.m.110 views

CVE-2016-0171

CVE-2016-0171 is a Windows kernel‑mode elevation of privilege vulnerability affecting Win32k in several Windows releases (Vista SP2 to Windows 10 1511). The entry describes that a crafted user‑mode application can trigger a local privilege escalation via a flaw in the Win32k subsystem, with explo...

7.8CVSS7.5AI score0.03799EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.110 views

CVE-2017-0058

CVE-2017-0058 is a Windows Win32k information-disclosure vulnerability where win32k.sys fails to properly provide kernel information, allowing a local attacker to obtain sensitive data to aid compromise. Affected: Microsoft Windows Win32k component. Root cause: improper kernel information exposur...

4.7CVSS5AI score0.03655EPSS
CVE
CVE
added 2017/06/15 1:0 a.m.110 views

CVE-2017-0296

CVE-2017-0296 affects Windows platforms (Windows 7 SP1 to Windows Server 2016) with a privilege-escalation via tdx.sys due to a missing length check when copying memory. The affected component is tdx.sys; root cause is inadequate buffer length validation. Impact per description: privilege escalat...

7.8CVSS5.7AI score0.01315EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.110 views

CVE-2025-24059

CVE-2025-24059 affects Windows Common Log File System Driver. Root cause: incorrect numeric type conversion leading to local privilege escalation. Impact per sources: high (privilege escalation, high confidentiality/integrity/availability impact) with local exploitation and no user interaction re...

7.8CVSS7.6AI score0.00509EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.109 views

CVE-2024-38116

Technical details for CVE-2024-38116 are not publicly available in the provided documents; monitor for updates.

8.8CVSS9AI score0.01818EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.109 views

CVE-2024-38141

CVE-2024-38141 is a Windows vulnerability in the Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Connected sources indicate the issue is tied to the WinSock AF Dvr and that exploitation would require local access with low privileges and no user interaction...

7.8CVSS7.7AI score0.03719EPSS
CVE
CVE
added 2017/03/17 12:0 a.m.108 views

CVE-2017-0023

CVE-2017-0023 is a remote code execution vulnerability in the Microsoft Edge PDF Library, affecting Windows 8.1, Windows Server 2012/2012 R2, Windows RT 8.1, and Windows 10 (variants such as 1511/1607). Public reports describe memory corruption in the PDF rendering library leading to arbitrary co...

7.6CVSS7.8AI score0.34017EPSS
CVE
CVE
added 2017/03/17 12:0 a.m.108 views

CVE-2017-0076

Summary of CVE-2017-0076 and related entries : The vulnerability affects Hyper-V in multiple Windows platforms (Vista SP2; Server 2008 SP2/2008 R2; Windows 7 SP1; Windows 8.1; Server 2012/2012 R2; Windows 10 versions 1511/1607; and Windows Server 2016). The issue allows a guest OS user running in...

5.4CVSS5.2AI score0.01594EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.108 views

CVE-2018-0894

Technical details about CVE-2018-0894 are not provided in the connected documents. The initial entry describes an information disclosure vulnerability in Windows kernels across multiple versions, but no affected product specifics, fixes, or exploit data are included here. Monitor for updates.

4.7CVSS4.7AI score0.02435EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.108 views

CVE-2020-17041

CVE-2020-17041 technical details are not publicly available in the provided documents. Monitor for updates.

7.8CVSS8.4AI score0.00975EPSS
CVE
CVE
added 2017/03/17 12:0 a.m.106 views

CVE-2017-0074

CVE-2017-0074 is a Hyper-V denial-of-service vulnerability affecting Windows Hyper-V across multiple Windows client and server editions. Connected sources (CNVD entries) describe a Hyper-V DoS where a crafted application can crash the host, affecting Hyper-V guests; specific affected versions ali...

5.4CVSS5.2AI score0.01382EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.106 views

CVE-2024-38114

Technical details for CVE-2024-38114 are not provided in the connected documents. The initial description notes a Windows IP Routing Management Snapin Remote Code Execution vulnerability with CVSS 3.1/8.8, but no affected versions, root cause, or mitigations are included here.

8.8CVSS9AI score0.01504EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.106 views

CVE-2024-38122

Technical details about CVE-2024-38122 are not provided in the connected documents. The initial entry only labels an LSA server information disclosure without concrete details on affected products, versions, impact, or fixes; monitor for updates.

5.5CVSS5.2AI score0.00629EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.106 views

CVE-2024-38191

Technical details for CVE-2024-38191 are not publicly provided in the supplied documents. Monitor for updates from Microsoft MSRC/NVD, NVD, or CVE listings as new information becomes available.

7.8CVSS7.7AI score0.00511EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.106 views

CVE-2025-24056

CVE-2025-24056 is a heap-based buffer overflow in the Windows Telephony Server that allows a network-based attacker to execute arbitrary code on affected systems. The issue is described as remote code execution with network access (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) and a base score of 8.8 (HIG...

8.8CVSS7.7AI score0.01598EPSS
CVE
CVE
added 2016/05/11 1:0 a.m.105 views

CVE-2016-0180

CVE-2016-0180 is a Windows kernel elevation-of-privilege vulnerability affecting multiple Windows versions (Vista SP2, Server 2008 SP2/R2, 7 SP1, 8.1, 2012, RT 8.1, 10 variants). The root cause is how the Windows kernel mishandles symbolic links, enabling a local attacker to gain privileges via a...

7.8CVSS7.3AI score0.01486EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.105 views

CVE-2017-0163

CVE-2017-0163 affects Windows Server Hyper-V Network Switch, allowing remote code execution when input from a guest OS is not properly validated. The underlying issue is improper validation of guest-supplied input, enabling an attacker with guest access to execute arbitrary code on the host. Publ...

7.6CVSS7.9AI score0.03147EPSS
CVE
CVE
added 2018/03/14 5:0 p.m.105 views

CVE-2018-0926

Technical details are not publicly available in the provided connected documents; monitor for updates.

5.5CVSS4.7AI score0.01773EPSS
CVE
CVE
added 2020/11/11 6:48 a.m.105 views

CVE-2020-17029

CVE-2020-17029 is a Windows Canonical Display Driver Information Disclosure Vulnerability. Affected software: Windows Canonical Display Driver. Root cause: information disclosure vulnerability within the Canonical Display driver. Impact: confidentiality impact HIGH (per CVSS 3.1), with local atta...

5.5CVSS7AI score0.01365EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.105 views

CVE-2024-38214

CVE-2024-38214 is a Windows RRAS Information Disclosure Vulnerability affecting RRAS in Windows. The provided data lists RRAS as the vulnerable component with an impact of accessing sensitive data, and references Microsoft security updates (e.g., KB5041773 and related August 2024 updates) as miti...

6.5CVSS6.3AI score0.0148EPSS
CVE
CVE
added 2016/05/11 1:0 a.m.104 views

CVE-2016-0173

CVE-2016-0173 is a Win32k Elevation of Privilege vulnerability affecting Windows kernel‑mode drivers across Windows Vista SP2 through Windows 10 (1511). A crafted user-mode application can trigger local privilege escalation, as described in the original entry. Public exploit access exists: Exploi...

7.8CVSS7.5AI score0.03663EPSS
CVE
CVE
added 2017/04/12 2:0 p.m.104 views

CVE-2017-0192

The CVE-2017-0192 entry describes an information disclosure in the Microsoft Windows ATMFD.dll (Adobe Type Manager Font Driver). Affected products include Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold/R2, Windows RT 8.1, and Windows 10 bui...

4.3CVSS5.4AI score0.06034EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.104 views

CVE-2018-1009

CVE-2018-1009 is a local privilege-escalation vulnerability in the Windows DirectX Graphics Kernel Subsystem. It arises when Windows improperly handles objects in memory and incorrectly maps kernel memory, allowing an attacker with local access to elevate privileges on affected systems. Affected ...

7.8CVSS6.6AI score0.01279EPSS
Total number of security vulnerabilities147