Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2016

4166 matches found

CVE
CVEadded 2025/03/11 5:16 p.m.79 views

CVE-2025-24050

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.0009EPSS
CVE
CVEadded 2025/03/11 5:16 p.m.79 views

CVE-2025-24996

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.9AI score0.00238EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.79 views

CVE-2025-26665

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00036EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.79 views

CVE-2025-26686

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

7.5CVSS7.5AI score0.00151EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.79 views

CVE-2025-27474

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00229EPSS
CVE
CVEadded 2025/04/08 6:16 p.m.79 views

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

6CVSS7.1AI score0.00034EPSS
CVE
CVEadded 2025/04/08 6:16 p.m.79 views

CVE-2025-27740

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.3AI score0.0071EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.78 views

CVE-2016-7215

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win3...

7.8CVSS7.5AI score0.04123EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.78 views

CVE-2016-7238

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandle caching for NTLM password-change requests, which allows local users to gain privileges via...

7.8CVSS7.6AI score0.00457EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.78 views

CVE-2017-0021

Hyper-V in Microsoft Windows 10 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V System Data Structure Vulnerability." This vulnerability is different from that described in CVE-2017-0095.

9CVSS6.8AI score0.01164EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.78 views

CVE-2017-11763

The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability in the way it handles specially ...

8.8CVSS9AI score0.40686EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.78 views

CVE-2017-11772

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure when it fails to properly handle objec...

7.5CVSS7.8AI score0.22657EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.78 views

CVE-2017-8475

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32...

5CVSS4.7AI score0.15731EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.78 views

CVE-2017-8478

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.78 views

CVE-2017-8483

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.78 views

CVE-2017-8531

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 Service Pack 3, and Microsoft Office 2010 Service Pack 2 allows improper disclosure of memory co...

6.5CVSS5.1AI score0.24455EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.78 views

CVE-2017-8592

Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, ak...

6.5CVSS6.5AI score0.29443EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.78 views

CVE-2017-8709

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects...

4.7CVSS4.9AI score0.22645EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.78 views

CVE-2017-8717

The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, a...

9.3CVSS8.8AI score0.32412EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.78 views

CVE-2017-8718

The Microsoft JET Database Engine in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to take control of an affected system, due to how it handles objects in memory, a...

9.3CVSS8.8AI score0.32412EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.78 views

CVE-2019-0712

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1309, CVE-2019-1310, CVE-20...

6.8CVSS7.1AI score0.00983EPSS
CVE
CVEadded 2019/09/11 10:15 p.m.78 views

CVE-2019-1277

An elevation of privilege vulnerability exists in Windows Audio Service when a malformed parameter is processed, aka 'Windows Audio Service Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.00278EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.78 views

CVE-2019-1309

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-0712, CVE-2019-1310, CVE-20...

6.8CVSS7.1AI score0.00983EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.78 views

CVE-2019-1389

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1397, CVE-2019-1398.

8.4CVSS9.2AI score0.01157EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.78 views

CVE-2019-1436

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1440.

5.5CVSS6.4AI score0.01624EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.78 views

CVE-2020-0740

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-...

7.8CVSS7.7AI score0.00502EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.78 views

CVE-2020-0861

An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface Specification (NDIS) Info...

7.8CVSS8AI score0.00459EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.78 views

CVE-2020-0870

An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit this vulnerability, an attacker would first have to log on to ...

7.8CVSS8.1AI score0.00713EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.78 views

CVE-2020-1165

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1111, CVE-2020-1121, CVE-2020-1166.

7.8CVSS7.6AI score0.00274EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.78 views

CVE-2020-1267

This security update corrects a denial of service in the Local Security Authority Subsystem Service (LSASS) caused when an authenticated attacker sends a specially crafted authentication request, aka 'Local Security Authority Subsystem Service Denial of Service Vulnerability'.

4.9CVSS6.7AI score0.02296EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.78 views

CVE-2020-1369

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1344, CVE-2020-1362.

7.8CVSS8.1AI score0.12863EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.78 views

CVE-2020-1389

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426.

5.5CVSS5.9AI score0.00842EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.78 views

CVE-2020-1418

An elevation of privilege vulnerability exists when the Windows Diagnostics Execution Service fails to properly sanitize input, leading to an unsecure library-loading behavior, aka 'Windows Diagnostics Hub Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1393.

7.8CVSS8.1AI score0.00709EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.78 views

CVE-2020-1559

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.To exploit the vulnerability, an attacker would first need code execution on a victim system. ...

7.8CVSS8.2AI score0.00529EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.78 views

CVE-2021-26866

Windows Update Service Elevation of Privilege Vulnerability

7.1CVSS7.6AI score0.00639EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.78 views

CVE-2021-26873

Windows User Profile Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00331EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.78 views

CVE-2021-26884

Windows Media Photo Codec Information Disclosure Vulnerability

5.5CVSS7AI score0.00448EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.78 views

CVE-2021-43219

DirectX Graphics Kernel File Denial of Service Vulnerability

7.8CVSS8.3AI score0.01816EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.78 views

CVE-2024-37971

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.4AI score0.0164EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.78 views

CVE-2024-37972

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.4AI score0.0164EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.78 views

CVE-2024-37983

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

6.7CVSS7.3AI score0.00286EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.78 views

CVE-2024-38046

PowerShell Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00634EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.78 views

CVE-2024-38052

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.01394EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.78 views

CVE-2024-38070

Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability

7.8CVSS8.3AI score0.00304EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.78 views

CVE-2024-38091

Microsoft WS-Discovery Denial of Service Vulnerability

7.5CVSS8.4AI score0.2017EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.78 views

CVE-2024-38237

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.01056EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.78 views

CVE-2024-43487

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS7.8AI score0.05343EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.78 views

CVE-2024-43501

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00709EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.78 views

CVE-2024-43575

Windows Hyper-V Denial of Service Vulnerability

7.5CVSS8.2AI score0.16787EPSS
CVE
CVEadded 2024/12/12 2:4 a.m.78 views

CVE-2024-49119

Windows Remote Desktop Services Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.002EPSS
Total number of security vulnerabilities4166