Windows Server 2016@* Security Vulnerabilities and Issues — Page 53 of Windows Server 2016@* CVE List

The kernel-mode drivers in Microsoft Windows 10 1607 and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." This vulnerability is different from those described in CVE-2017-0026, CVE-2017-0056, CVE-2017-0078, CVE-20...

7.8CVSS6AI score0.06734EPSS

CVE•added 2017/03/17 12:59 a.m.•74 views

CVE-2017-0095

Hyper-V in Microsoft Windows 10 Gold, 1511, and 1607 and Windows Server 2016 does not properly validate vSMB packet data, which allows attackers to execute arbitrary code on a target OS, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This vulnerability is different from that described in C...

7.9CVSS7.7AI score0.01164EPSS

CVE•added 2017/04/12 2:59 p.m.•74 views

CVE-2017-0191

A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system t...

5.8CVSS6.1AI score0.01574EPSS

CVE•added 2017/06/15 1:29 a.m.•74 views

CVE-2017-0292

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-20...

9.3CVSS6.4AI score0.28742EPSS

CVE•added 2017/06/15 1:29 a.m.•74 views

CVE-2017-0298

A DCOM object in Helppane.exe in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016, when configured to run as the interactive user, allows an authenticated attacker to...

7.3CVSS5.8AI score0.00872EPSS

CVE•added 2017/09/13 1:29 a.m.•74 views

CVE-2017-8688

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+...

5.5CVSS6.1AI score0.26895EPSS

CVE•added 2019/11/12 7:15 p.m.•74 views

CVE-2019-1415

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...

7.8CVSS8.5AI score0.0038EPSS

CVE•added 2019/11/12 7:15 p.m.•74 views

CVE-2019-1420

An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1422, CVE-2019-1423.

7.8CVSS8.5AI score0.10472EPSS

CVE•added 2020/02/11 10:15 p.m.•74 views

CVE-2020-0752

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0667, CVE-2020-0735.

7.8CVSS8.1AI score0.00511EPSS

CVE•added 2020/03/12 4:15 p.m.•74 views

CVE-2020-0779

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.

5.5CVSS6.4AI score0.00646EPSS

CVE•added 2020/03/12 4:15 p.m.•74 views

CVE-2020-0780

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00502EPSS

CVE•added 2020/03/12 4:15 p.m.•74 views

CVE-2020-0867

An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0868.

7.8CVSS8.5AI score0.0037EPSS

CVE•added 2020/05/21 11:15 p.m.•74 views

CVE-2020-1021

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.

7.8CVSS8.5AI score0.00285EPSS

CVE•added 2020/05/21 11:15 p.m.•74 views

CVE-2020-1068

An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2...

7.8CVSS8.5AI score0.00397EPSS

CVE•added 2020/05/21 11:15 p.m.•74 views

CVE-2020-1079

An elevation of privilege vulnerability exists when the Windows fails to properly handle objects in memory, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1010, CVE-2020-1068.

7.8CVSS8.4AI score0.00397EPSS

CVE•added 2020/05/21 11:15 p.m.•74 views

CVE-2020-1131

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020...

7.8CVSS7.7AI score0.00278EPSS

CVE•added 2023/07/11 6:15 p.m.•74 views

CVE-2023-35346

Windows DNS Server Remote Code Execution Vulnerability

6.6CVSS8.1AI score0.00226EPSS

CVE•added 2024/09/10 5:15 p.m.•74 views

CVE-2024-38238

Kernel Streaming Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00588EPSS

CVE•added 2024/09/10 5:15 p.m.•74 views

CVE-2024-38247

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00588EPSS

CVE•added 2024/09/10 5:15 p.m.•74 views

CVE-2024-38249

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.01311EPSS

CVE•added 2024/10/08 6:15 p.m.•74 views

CVE-2024-43564

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.05181EPSS

CVE•added 2024/12/12 2:4 a.m.•74 views

CVE-2024-49108

Windows Remote Desktop Services Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.0033EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21217

Windows NTLM Spoofing Vulnerability

6.5CVSS6.5AI score0.00194EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21227

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21239

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21240

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00706EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21243

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0076EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21256

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21266

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00706EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21269

Windows HTML Platforms Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00128EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21299

Windows Kerberos Security Feature Bypass Vulnerability

7.8CVSS6.9AI score0.00272EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21305

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS

CVE•added 2025/01/14 6:15 p.m.•74 views

CVE-2025-21314

Windows SmartScreen Spoofing Vulnerability

6.5CVSS6.5AI score0.00103EPSS

CVE•added 2025/03/11 5:16 p.m.•74 views

CVE-2025-24048

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.00106EPSS

CVE•added 2025/06/10 5:21 p.m.•74 views

CVE-2025-24069

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2025/03/11 5:16 p.m.•74 views

CVE-2025-24995

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.00121EPSS

CVE•added 2025/04/08 6:15 p.m.•74 views

CVE-2025-26641

Uncontrolled resource consumption in Windows Cryptographic Services allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.1074EPSS

CVE•added 2016/11/10 6:59 a.m.•73 views

CVE-2016-7221

Input Method Editor (IME) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles DLL loading, which allows local users to gain privileges via...

7.8CVSS7.6AI score0.01519EPSS

CVE•added 2017/04/12 2:59 p.m.•73 views

CVE-2017-0156

An elevation of privilege vulnerability exists in Windows 7, Windows 8.1, Windows RT 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 when the Microsoft Graphics Component fails to properly handle objects in memory, aka "Windows Graphics ...

7CVSS7.2AI score0.01085EPSS

CVE•added 2017/10/13 1:29 p.m.•73 views

CVE-2017-11782

The Microsoft Server Block Message (SMB) on Microsoft Windows 10 1607 and Windows Server 2016, allows an elevation of privilege vulnerability when an attacker sends specially crafted requests to the server, aka "Windows SMB Elevation of Privilege Vulnerability".

7.8CVSS8.5AI score0.00724EPSS

CVE•added 2017/06/15 1:29 a.m.•73 views

CVE-2017-8474

The kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Windows Kernel...

5CVSS4.8AI score0.14765EPSS

CVE•added 2017/06/15 1:29 a.m.•73 views

CVE-2017-8544

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to obtain information to further compromise the user's system when Windows Search fails to handle...

5.5CVSS5.3AI score0.0347EPSS

CVE•added 2017/07/11 9:29 p.m.•73 views

CVE-2017-8573

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, ak...

7CVSS6.9AI score0.00972EPSS

CVE•added 2017/09/13 1:29 a.m.•73 views

CVE-2017-8699

Windows Shell in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to run arbitrary code in the context of the current user, due to the way that Windows S...

7.6CVSS7.5AI score0.30581EPSS

Total number of security vulnerabilities2999