Windows Server 2016 Security Vulnerabilities and Issues — Page 80 of Windows Server 2016 CVE List

Lucene search

MicrosoftWindows Server 2016

4166 matches found

CVE•added 2020/05/21 11:15 p.m.•67 views

CVE-2020-1084

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values.An attacker who successfully exploited this vulnerability could deny dependent security feature functionality.To exploit this vulnerability, an attacker would hav...

5.5CVSS6.9AI score0.00266EPSS

CVE•added 2020/05/21 11:15 p.m.•67 views

CVE-2020-1142

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, aka 'Windows GDI Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00274EPSS

CVE•added 2020/07/14 11:15 p.m.•67 views

CVE-2020-1391

An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory, aka 'Windows Agent Activation Runtime Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.0095EPSS

CVE•added 2023/12/12 6:15 p.m.•67 views

CVE-2023-36012

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6.5AI score0.00491EPSS

CVE•added 2024/12/12 2:4 a.m.•67 views

CVE-2024-49091

Windows Domain Name Service Remote Code Execution Vulnerability

7.2CVSS7.2AI score0.01005EPSS

CVE•added 2025/05/13 5:15 p.m.•67 views

CVE-2025-29837

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

5.5CVSS6.7AI score0.00074EPSS

CVE•added 2017/04/12 2:59 p.m.•66 views

CVE-2017-0159

A security feature bypass vulnerability exists in Windows 10 1607, Windows Server 2012 R2, and Windows 2016 when ADFS incorrectly treats requests coming from Extranet clients as Intranet requests, aka "ADFS Security Feature Bypass Vulnerability."

4.3CVSS5.7AI score0.04918EPSS

CVE•added 2017/06/15 1:29 a.m.•66 views

CVE-2017-8473

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializes objects in memory, aka "Win32k Informat...

5CVSS4.7AI score0.15731EPSS

CVE•added 2017/08/08 9:29 p.m.•66 views

CVE-2017-8593

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

7CVSS7.5AI score0.00972EPSS

CVE•added 2020/05/21 11:15 p.m.•66 views

CVE-2020-1086

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-115...

7.8CVSS7.7AI score0.12134EPSS

CVE•added 2020/05/21 11:15 p.m.•66 views

CVE-2020-1157

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-115...

7.8CVSS7.7AI score0.12134EPSS

CVE•added 2020/05/21 11:15 p.m.•66 views

CVE-2020-1186

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020...

7.8CVSS7.7AI score0.00278EPSS

CVE•added 2023/12/12 6:15 p.m.•66 views

CVE-2023-36005

Windows Telephony Server Elevation of Privilege Vulnerability

8.1CVSS8AI score0.08837EPSS

CVE•added 2024/09/10 5:15 p.m.•66 views

CVE-2024-38234

Windows Networking Denial of Service Vulnerability

6.5CVSS7.8AI score0.0048EPSS

CVE•added 2024/09/10 5:15 p.m.•66 views

CVE-2024-38252

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00514EPSS

CVE•added 2025/01/14 6:15 p.m.•66 views

CVE-2025-21272

Windows COM Server Information Disclosure Vulnerability

6.5CVSS6.3AI score0.0009EPSS

CVE•added 2025/06/10 5:22 p.m.•66 views

CVE-2025-33067

Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.

8.4CVSS8.3AI score0.00062EPSS

CVE•added 2017/06/15 1:29 a.m.•65 views

CVE-2017-0291

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-20...

9.3CVSS6.3AI score0.28742EPSS

CVE•added 2017/08/08 9:29 p.m.•65 views

CVE-2017-0293

Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Co...

7.6CVSS8.2AI score0.2824EPSS

CVE•added 2017/10/13 1:29 p.m.•65 views

CVE-2017-11814

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly hand...

5.5CVSS6.7AI score0.08EPSS

CVE•added 2017/07/11 9:29 p.m.•65 views

CVE-2017-8578

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

9.3CVSS6.9AI score0.12071EPSS

CVE•added 2019/11/12 7:15 p.m.•65 views

CVE-2019-1416

An elevation of privilege vulnerability exists due to a race condition in Windows Subsystem for Linux, aka 'Windows Subsystem for Linux Elevation of Privilege Vulnerability'.

7CVSS7.9AI score0.00218EPSS

CVE•added 2020/02/11 10:15 p.m.•65 views

CVE-2020-0743

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0749, CVE-...

7.8CVSS7.7AI score0.00502EPSS

CVE•added 2020/05/21 11:15 p.m.•65 views

CVE-2020-1189

7.8CVSS7.7AI score0.00278EPSS

CVE•added 2020/05/21 11:15 p.m.•65 views

CVE-2020-1190

7.8CVSS7.7AI score0.00278EPSS

CVE•added 2021/03/11 4:15 p.m.•65 views

CVE-2021-26861

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.04005EPSS

CVE•added 2025/01/14 6:15 p.m.•65 views

CVE-2025-21220

Microsoft Message Queuing Information Disclosure Vulnerability

7.5CVSS7.3AI score0.00599EPSS

CVE•added 2025/01/14 6:15 p.m.•65 views

CVE-2025-21249

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/01/14 6:16 p.m.•65 views

CVE-2025-21411

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.02401EPSS

CVE•added 2017/06/15 1:29 a.m.•64 views

CVE-2017-0218

Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy...

5.3CVSS5.3AI score0.5143EPSS

CVE•added 2017/06/15 1:29 a.m.•64 views

CVE-2017-0295

Microsoft Windows 10 1607 and 1703, and Windows Server 2016 allow an authenticated attacker to modify the C:\Users\DEFAULT folder structure, aka "Windows Default Folder Tampering Vulnerability".

5.5CVSS5.4AI score0.00529EPSS

CVE•added 2017/06/15 1:29 a.m.•64 views

CVE-2017-8553

An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".

4.7CVSS4.5AI score0.02644EPSS

CVE•added 2017/07/11 9:29 p.m.•64 views

CVE-2017-8556

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, ak...

7CVSS6.9AI score0.00972EPSS

CVE•added 2020/03/12 4:15 p.m.•64 views

CVE-2020-0876

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

7.5CVSS7.7AI score0.15157EPSS

CVE•added 2020/05/21 11:15 p.m.•64 views

CVE-2020-1179

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1145.

6.5CVSS6.5AI score0.2819EPSS

CVE•added 2025/03/11 5:16 p.m.•64 views

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.7AI score0.00185EPSS

CVE•added 2025/06/10 5:22 p.m.•64 views

CVE-2025-32722

Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00045EPSS

CVE•added 2017/06/15 1:29 a.m.•63 views

CVE-2017-8460

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows information disclosure when a user opens a specially crafted PDF file, aka "Windows PDF Information Disclosure Vulnerability".

7.3CVSS5AI score0.01927EPSS

CVE•added 2017/06/15 1:29 a.m.•63 views

CVE-2017-8466

Windows Cursor in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows improper elevation of privilege, aka "Windows Cursor Elevation of Privilege Vulnerability".

7.8CVSS5.7AI score0.00692EPSS

CVE•added 2017/09/13 1:29 a.m.•63 views

CVE-2017-8711

The Windows Hyper-V component on Microsoft Windows 10 1607 and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability". This CVE ID is uniqu...

5.3CVSS4.9AI score0.03199EPSS

CVE•added 2020/03/12 4:15 p.m.•63 views

CVE-2020-0786

A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links, aka 'Windows Tile Object Service Denial of Service Vulnerability'.

7.1CVSS7.8AI score0.00406EPSS

CVE•added 2020/03/12 4:15 p.m.•63 views

CVE-2020-0854

An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'.

7.1CVSS8.1AI score0.00371EPSS

CVE•added 2020/05/21 11:15 p.m.•63 views

CVE-2020-1090

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-115...

7.8CVSS7.7AI score0.12134EPSS

CVE•added 2020/05/21 11:15 p.m.•63 views

CVE-2020-1134

7.8CVSS7.7AI score0.00278EPSS

CVE•added 2020/05/21 11:15 p.m.•63 views

CVE-2020-1166

An elevation of privilege vulnerability exists when Windows improperly handles calls to Clipboard Service, aka 'Windows Clipboard Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1111, CVE-2020-1121, CVE-2020-1165.

7.8CVSS7.6AI score0.00274EPSS

CVE•added 2024/10/08 6:15 p.m.•63 views

CVE-2024-43593

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.1027EPSS

CVE•added 2025/01/14 6:15 p.m.•63 views

CVE-2025-21218

Windows Kerberos Denial of Service Vulnerability

7.5CVSS7.5AI score0.01023EPSS

CVE•added 2025/01/14 6:15 p.m.•63 views

CVE-2025-21301

Windows Geolocation Service Information Disclosure Vulnerability