Windows Server 2016@- Security Vulnerabilities and Issues — Page 51 of Windows Server 2016@- CVE List

7.5CVSS7.6AI score0.07585EPSS

CVE-2020-0660

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

7.8CVSS7.7AI score0.00549EPSS

CVE-2020-0722

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0723, CVE-2020-0724, CVE...

7.8CVSS8.1AI score0.00502EPSS

CVE-2020-0747

An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0659.

7.8CVSS7.7AI score0.00502EPSS

CVE-2020-0749

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-...

5.5CVSS5.2AI score0.00996EPSS

CVE-2020-0756

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

CVE•added 2020/03/12 4:15 p.m.•76 views

CVE-2020-0774

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•76 views

CVE-2020-0864

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0865, CVE-2020-0866, CVE-2...

7.8CVSS7.6AI score0.00538EPSS

CVE•added 2020/03/12 4:15 p.m.•76 views

CVE-2020-0898

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0791.

7.8CVSS8.1AI score0.00526EPSS

CVE•added 2020/09/11 5:15 p.m.•76 views

CVE-2020-1228

A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries. An attacker who successfully exploited this vulnerability could cause the DNS service to become nonresponsive.To exploit the vulnerability, an authenticated attacker could send malicious DNS queries to...

7.5CVSS7.6AI score0.1594EPSS

CVE•added 2020/07/14 11:15 p.m.•76 views

CVE-2020-1396

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulne...

7.8CVSS8.4AI score0.00513EPSS

CVE•added 2020/07/14 11:15 p.m.•76 views

CVE-2020-1402

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.6AI score0.00319EPSS

CVE•added 2020/07/14 11:15 p.m.•76 views

CVE-2020-1413

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1414, CVE-2020-141...

7.8CVSS7.7AI score0.00513EPSS

CVE•added 2020/11/11 7:15 a.m.•76 views

CVE-2020-17026

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00514EPSS

CVE•added 2021/03/11 4:15 p.m.•76 views

CVE-2021-26878

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00378EPSS

CVE•added 2023/12/12 6:15 p.m.•76 views

CVE-2023-35622

Windows DNS Spoofing Vulnerability

7.5CVSS7.9AI score0.00282EPSS

CVE•added 2023/12/12 6:15 p.m.•76 views

CVE-2023-36011

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00102EPSS

CVE•added 2016/11/10 6:59 a.m.•75 views

CVE-2016-3333

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted appl...

9.3CVSS7.5AI score0.1385EPSS

CVE•added 2017/06/15 1:29 a.m.•75 views

CVE-2017-0219

Microsoft Windows 10 Gold, Windows 10 1511, Windows 10 1607, and Windows Server 2016 allow an attacker to exploit a security feature bypass vulnerability in Device Guard that could allow the attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy...

5.3CVSS5.3AI score0.5143EPSS

CVE•added 2017/11/15 3:29 a.m.•75 views

CVE-2017-11842

Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows kernel improperly initializing a memory address, a...

4.7CVSS5.2AI score0.06375EPSS

CVE•added 2017/06/15 1:29 a.m.•75 views

CVE-2017-8471

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an authenticated attacker to run a specially crafted application when the Windows kernel improperly initializ...

5CVSS4.7AI score0.15731EPSS

CVE•added 2019/11/12 7:15 p.m.•75 views

CVE-2019-1374

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory, aka 'Windows Error Reporting Information Disclosure Vulnerability'.

5.5CVSS6.6AI score0.1377EPSS

CVE•added 2020/02/11 10:15 p.m.•75 views

CVE-2020-0676

5.5CVSS5.2AI score0.00996EPSS

CVE•added 2020/02/11 10:15 p.m.•75 views

CVE-2020-0715

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•75 views

CVE-2020-0880

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•75 views

CVE-2020-0885

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'.

4.3CVSS5.9AI score0.08498EPSS

7.8CVSS8.5AI score0.0038EPSS

CVE-2020-1078

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...

7.8CVSS8.5AI score0.00274EPSS

CVE-2020-1132

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles file and folder links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.12134EPSS

CVE-2020-1149

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1151, CVE-2020-115...

7.8CVSS7.7AI score0.00278EPSS

CVE-2020-1184

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020...

CVE•added 2020/07/14 11:15 p.m.•75 views

CVE-2020-1358

An information disclosure vulnerability exists when the Windows Resource Policy component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Resource Policy Information Disclosure Vulnerability'.

5.5CVSS6.7AI score0.00937EPSS

CVE•added 2020/07/14 11:15 p.m.•75 views

CVE-2020-1434

An elevation of privilege vulnerability exists in the way that the Windows Sync Host Service handles objects in memory, aka 'Windows Sync Host Service Elevation of Privilege Vulnerability'.

5.3CVSS7AI score0.00239EPSS

CVE•added 2021/12/15 3:15 p.m.•75 views

CVE-2021-43223

Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00295EPSS

CVE•added 2021/12/15 3:15 p.m.•75 views

CVE-2021-43235

Storage Spaces Controller Information Disclosure Vulnerability

5.5CVSS7AI score0.00413EPSS

CVE•added 2017/06/15 1:29 a.m.•74 views

CVE-2017-8484

5CVSS4.7AI score0.15731EPSS

CVE•added 2017/06/15 1:29 a.m.•74 views

CVE-2017-8492

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS

CVE•added 2017/08/08 9:29 p.m.•74 views

CVE-2017-8620

Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows S...

9.3CVSS8.6AI score0.71568EPSS

CVE•added 2017/09/13 1:29 a.m.•74 views

CVE-2017-8720

The Microsoft Windows graphics component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when the Win32k compon...

7.8CVSS7.2AI score0.01052EPSS

CVE•added 2018/06/14 12:29 p.m.•74 views

CVE-2018-8216

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10. This CVE ID is unique...

5.3CVSS5.2AI score0.01097EPSS

5.5CVSS6.1AI score0.00571EPSS

CVE-2020-0658

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.

7.8CVSS7.7AI score0.00549EPSS

CVE-2020-0723

5.5CVSS6.3AI score0.13946EPSS

CVE-2020-0728

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.