Windows Server 2012@r2 Security Vulnerabilities and Issues — Page 9 of Windows Server 2012@r2 CVE List

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

8.5CVSS8AI score0.54304EPSS

CVE•added 2020/10/16 11:15 p.m.•213 views

CVE-2020-16916

<p>An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.</p><p>To exploit this vulnerability, an attacker would first have to log on to the syste...

7.8CVSS8.2AI score0.00744EPSS

CVE•added 2024/02/13 6:15 p.m.•213 views

CVE-2024-21357

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

8.1CVSS8.9AI score0.15049EPSS

CVE•added 2025/03/11 5:16 p.m.•213 views

CVE-2025-24993

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.03226EPSS

CVE•added 2022/03/09 5:15 p.m.•212 views

CVE-2022-23294

Windows Event Tracing Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.05204EPSS

CVE•added 2024/01/09 6:15 p.m.•212 views

CVE-2024-20654

Microsoft ODBC Driver Remote Code Execution Vulnerability

8CVSS8.2AI score0.02145EPSS

CVE•added 2024/03/12 5:15 p.m.•212 views

CVE-2024-21439

Windows Telephony Server Elevation of Privilege Vulnerability

7CVSS7.6AI score0.001EPSS

CVE•added 2024/12/12 2:4 a.m.•212 views

CVE-2024-49113

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

7.5CVSS7.5AI score0.87357EPSS

CVE•added 2020/06/09 8:15 p.m.•211 views

CVE-2020-1262

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2021/12/15 3:15 p.m.•211 views

CVE-2021-43883

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.08752EPSS

CVE•added 2022/07/12 11:15 p.m.•211 views

CVE-2022-22024

Windows Fax Service Remote Code Execution Vulnerability

7.8CVSS8.3AI score0.01141EPSS

CVE•added 2025/01/14 6:15 p.m.•211 views

CVE-2025-21293

Active Directory Domain Services Elevation of Privilege Vulnerability

8.8CVSS8.8AI score0.75604EPSS

CVE•added 2020/06/09 8:15 p.m.•210 views

CVE-2020-1246

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2022/03/09 5:15 p.m.•210 views

CVE-2022-24454

Windows Security Support Provider Interface Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00227EPSS

CVE•added 2022/07/12 11:15 p.m.•210 views

CVE-2022-30221

Windows Graphics Component Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01237EPSS

CVE•added 2022/10/11 7:15 p.m.•210 views

CVE-2022-37981

Windows Event Logging Service Denial of Service Vulnerability

4.3CVSS6.3AI score0.04734EPSS

CVE•added 2024/08/13 6:15 p.m.•210 views

CVE-2024-38107

Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.03662EPSS

CVE•added 2016/08/09 9:59 p.m.•209 views

CVE-2016-3308

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privi...

7.8CVSS7.5AI score0.49455EPSS

CVE•added 2024/04/09 5:15 p.m.•209 views

CVE-2024-26214

Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01643EPSS

CVE•added 2025/03/11 5:16 p.m.•209 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.19409EPSS

CVE•added 2025/03/11 5:16 p.m.•209 views

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

5.5CVSS6.5AI score0.03535EPSS

CVE•added 2022/04/15 7:15 p.m.•208 views

CVE-2022-26788

PowerShell Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00406EPSS

CVE•added 2022/04/15 7:15 p.m.•208 views

CVE-2022-26903

Windows Graphics Component Remote Code Execution Vulnerability

9.3CVSS8.8AI score0.01609EPSS

CVE•added 2022/07/12 11:15 p.m.•208 views

CVE-2022-30223

Windows Hyper-V Information Disclosure Vulnerability

5.7CVSS6.6AI score0.03907EPSS

CVE•added 2022/10/11 7:15 p.m.•208 views

CVE-2022-38045

Windows Server Service Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.05007EPSS

CVE•added 2024/02/13 6:15 p.m.•208 views

CVE-2024-21355

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

7CVSS7.2AI score0.0009EPSS

CVE•added 2024/02/13 6:15 p.m.•207 views

CVE-2024-21377

Windows DNS Information Disclosure Vulnerability

5.5CVSS5.9AI score0.00177EPSS

CVE•added 2016/10/14 2:59 a.m.•206 views

CVE-2016-7182

The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync 2013 SP1; Lync 2010; ...

10CVSS8.7AI score0.35426EPSS

CVE•added 2020/07/14 11:15 p.m.•206 views

CVE-2020-1043

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01001EPSS

CVE•added 2022/05/10 9:15 p.m.•206 views

CVE-2022-29123

Windows Clustered Shared Volume Information Disclosure Vulnerability

6.5CVSS7.6AI score0.0047EPSS

CVE•added 2025/06/10 5:23 p.m.•206 views

CVE-2025-33073

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

8.8CVSS8.7AI score0.00326EPSS

CVE•added 2017/03/17 12:59 a.m.•205 views

CVE-2017-0025

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k E...

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2022/04/15 7:15 p.m.•205 views

CVE-2022-24541

Windows Server Service Remote Code Execution Vulnerability

9.3CVSS9.4AI score0.07634EPSS

CVE•added 2024/04/09 5:15 p.m.•205 views

CVE-2024-26234

Proxy Driver Spoofing Vulnerability

6.7CVSS7.4AI score0.02069EPSS

CVE•added 2019/10/10 2:15 p.m.•204 views

CVE-2019-1342

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1339.

7.8CVSS8.5AI score0.06219EPSS

CVE•added 2020/10/16 11:15 p.m.•204 views

CVE-2020-16891

<p>A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could c...

8.8CVSS8.7AI score0.00539EPSS

CVE•added 2021/10/13 1:15 a.m.•204 views

CVE-2021-41335

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00462EPSS

CVE•added 2022/06/15 10:15 p.m.•204 views

CVE-2022-30141

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.3CVSS8.5AI score0.09953EPSS

CVE•added 2023/04/11 9:15 p.m.•204 views

CVE-2023-28219

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.07471EPSS

CVE•added 2023/11/14 6:15 p.m.•204 views

CVE-2023-36017

Windows Scripting Engine Memory Corruption Vulnerability

8.8CVSS8.9AI score0.02717EPSS

CVE•added 2023/11/14 6:15 p.m.•204 views

CVE-2023-36425

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

8CVSS8.9AI score0.00207EPSS

CVE•added 2017/03/17 12:59 a.m.•203 views

CVE-2017-0047

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI ...

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2022/03/09 5:15 p.m.•203 views

CVE-2022-21975

Windows Hyper-V Denial of Service Vulnerability

4.7CVSS6.2AI score0.00137EPSS

CVE•added 2015/02/11 3:0 a.m.•202 views

CVE-2015-0008

The UNC implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not include authentication from the server to the client, which allows remote ...

8.3CVSS8.1AI score0.09423EPSS

CVE•added 2022/07/12 11:15 p.m.•202 views

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00891EPSS

CVE•added 2022/08/09 8:15 p.m.•202 views

CVE-2022-34714

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

8.1CVSS9AI score0.00171EPSS

CVE•added 2023/08/08 6:15 p.m.•202 views

CVE-2023-35385

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability