Windows Server 2016 Security Vulnerabilities and Issues — Page 48 of Windows Server 2016 CVE List

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.07258EPSS

CVE•added 2016/11/10 6:59 a.m.•102 views

CVE-2016-3338

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted appl...

9.3CVSS7.5AI score0.1385EPSS

CVE•added 2017/05/12 2:29 p.m.•102 views

CVE-2017-0077

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain informatio...

7.8CVSS7.4AI score0.04643EPSS

CVE•added 2017/05/12 2:29 p.m.•102 views

CVE-2017-0278

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...

7CVSS7.7AI score0.05522EPSS

CVE•added 2017/07/11 9:29 p.m.•102 views

CVE-2017-8577

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

7CVSS6.9AI score0.12071EPSS

CVE•added 2018/04/12 1:29 a.m.•102 views

CVE-2018-0964

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is uni...

6.1CVSS5.9AI score0.00978EPSS

CVE•added 2018/04/12 1:29 a.m.•102 views

CVE-2018-0973

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2...

5.5CVSS5AI score0.04687EPSS

CVE•added 2018/03/14 5:29 p.m.•102 views

CVE-2018-0977

The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability".

7CVSS6.9AI score0.01338EPSS

CVE•added 2018/05/09 7:29 p.m.•102 views

CVE-2018-8132

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854, CVE-2018-0958, CVE-2018-81...

5.3CVSS6.4AI score0.00718EPSS

CVE•added 2018/06/14 12:29 p.m.•102 views

CVE-2018-8201

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

4.5CVSS5.2AI score0.01097EPSS

CVE•added 2018/06/14 12:29 p.m.•102 views

CVE-2018-8221

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/10/10 1:29 p.m.•102 views

CVE-2018-8493

An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

7.5CVSS6.8AI score0.06021EPSS

CVE•added 2019/06/12 2:29 p.m.•102 views

CVE-2019-0711

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual mach...

6.8CVSS7.1AI score0.00518EPSS

CVE•added 2019/06/12 2:29 p.m.•102 views

CVE-2019-0984

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have ...

7.8CVSS7.7AI score0.00167EPSS

CVE•added 2020/02/11 10:15 p.m.•102 views

CVE-2020-0724

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE...

7.8CVSS7.7AI score0.00549EPSS

CVE•added 2020/05/21 11:15 p.m.•102 views

CVE-2020-1135

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.

7.8CVSS8.3AI score0.00274EPSS

CVE•added 2020/06/09 8:15 p.m.•102 views

CVE-2020-1272

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Eleva...

7.8CVSS8.1AI score0.00656EPSS

CVE•added 2020/08/17 7:15 p.m.•102 views

CVE-2020-1513

An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security upd...

7.8CVSS8.1AI score0.00387EPSS

CVE•added 2020/08/17 7:15 p.m.•102 views

CVE-2020-1524

An elevation of privilege vulnerability exists when the Windows Speech Shell Components improperly handle memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The s...

7.8CVSS7.8AI score0.00387EPSS

CVE•added 2020/08/17 7:15 p.m.•102 views

CVE-2020-1526

An elevation of privilege vulnerability exists when the Windows Network Connection Broker improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.Th...

7.8CVSS8.1AI score0.00513EPSS

CVE•added 2020/12/10 12:15 a.m.•102 views

CVE-2020-16962

Windows Backup Engine Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01076EPSS

CVE•added 2020/12/10 12:15 a.m.•102 views

CVE-2020-17134

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00691EPSS

CVE•added 2020/12/10 12:15 a.m.•102 views

CVE-2020-17137

DirectX Graphics Kernel Elevation of Privilege Vulnerability