Windows Server 2016@- Security Vulnerabilities and Issues — Page 49 of Windows Server 2016@- CVE List

7.8CVSS8.5AI score0.003EPSS

CVE-2020-1357

An elevation of privilege vulnerability exists when the Windows System Events Broker improperly handles file operations, aka 'Windows System Events Broker Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00505EPSS

CVE-2020-1406

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'.

5.5CVSS5.9AI score0.00842EPSS

CVE-2020-1419

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426.

5.5CVSS6.7AI score0.00641EPSS

CVE-2020-1420

An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'.

7.8CVSS8.1AI score0.00513EPSS

CVE-2020-1427

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1428, CVE-2020-1438.

7.8CVSS8.4AI score0.00505EPSS

CVE-2020-1429

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.

CVE•added 2021/12/15 3:15 p.m.•81 views

CVE-2021-43236

Microsoft Message Queuing Information Disclosure Vulnerability

7.5CVSS8.2AI score0.07871EPSS

CVE•added 2023/05/31 7:15 p.m.•81 views

CVE-2022-35747

Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability

5.9CVSS7.3AI score0.00794EPSS

CVE•added 2023/05/31 7:15 p.m.•81 views

CVE-2022-35759

Windows Local Security Authority (LSA) Denial of Service Vulnerability

6.5CVSS7.8AI score0.03945EPSS

CVE•added 2023/07/11 6:15 p.m.•81 views

CVE-2023-33173

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS

CVE•added 2016/12/20 6:59 a.m.•80 views

CVE-2016-7292

The Installer in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 mishandles library loading, which allows local users to gain privileges via a craft...

7.8CVSS7.5AI score0.00849EPSS

CVE•added 2017/03/17 12:59 a.m.•80 views

CVE-2017-0102

Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 let attackers with access to targets systems gain privileges when Windows fails to properly validate buf...

7.8CVSS6.3AI score0.00687EPSS

5CVSS5.1AI score0.24455EPSS

CVE-2017-0287

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This ...

CVE•added 2017/10/13 1:29 p.m.•80 views

CVE-2017-11816

The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the wa...

5.5CVSS6.6AI score0.00619EPSS

CVE•added 2017/11/15 3:29 a.m.•80 views

CVE-2017-11831

Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a specially crafted app...

4.7CVSS5.2AI score0.01334EPSS

5CVSS4.8AI score0.15731EPSS

CVE-2017-8479

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS

CVE-2017-8481

5CVSS4.8AI score0.15731EPSS

CVE-2017-8490

CVE•added 2018/02/15 2:29 a.m.•80 views

CVE-2018-0828

Windows 10 version 1607 and Windows Server 2016 allow an elevation of privilege vulnerability due to how the MultiPoint management account password is stored, aka "Windows Elevation of Privilege Vulnerability".

7.8CVSS7AI score0.00814EPSS

CVE•added 2020/02/11 10:15 p.m.•80 views

CVE-2020-0659

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0747.

7.8CVSS8.1AI score0.00502EPSS

CVE•added 2020/02/11 10:15 p.m.•80 views

CVE-2020-0742

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0743, CVE-2020-0749, CVE-...

7.8CVSS7.7AI score0.00502EPSS

CVE•added 2020/02/11 10:15 p.m.•80 views

CVE-2020-0745

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0792.

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•80 views

CVE-2020-0783

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0781.

7.8CVSS8.5AI score0.00538EPSS

CVE•added 2020/04/15 3:15 p.m.•80 views

CVE-2020-0821

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1007.

5.5CVSS6.1AI score0.00409EPSS

CVE•added 2020/09/11 5:15 p.m.•80 views

CVE-2020-0875

An information disclosure vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system (low-integrity to medium-integrity).This vulnerability by itself does not allow arbitr...

5.5CVSS7.4AI score0.22378EPSS

CVE•added 2020/04/15 3:15 p.m.•80 views

CVE-2020-0950

9.3CVSS8.7AI score0.2125EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1010

An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. T...

7.8CVSS8.5AI score0.00397EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1154

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00274EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1191

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020...

7.8CVSS7.7AI score0.00278EPSS

CVE•added 2020/09/11 5:15 p.m.•80 views

CVE-2020-1250

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on ...

5.5CVSS6.3AI score0.0112EPSS

CVE•added 2020/06/09 8:15 p.m.•80 views

CVE-2020-1279

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location, aka 'Windows Lockscreen Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.0037EPSS

7.8CVSS8.6AI score0.00827EPSS

CVE-2020-1354

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique f...

7.8CVSS8.5AI score0.00278EPSS

CVE-2020-1356

An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka 'Windows iSCSI Target Service Elevation of Privilege Vulnerability'.

7.5CVSS8.7AI score0.09496EPSS

CVE-2020-1374

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.