Windows Server 2016@1709 Security Vulnerabilities and Issues — Page 6 of Windows Server 2016@1709 CVE List

Lucene search

MicrosoftWindows Server 20161709

305 matches found

CVE•added 2018/05/09 7:29 p.m.•104 views

CVE-2018-8134

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

7CVSS7.5AI score0.07473EPSS

CVE•added 2018/06/14 12:29 p.m.•104 views

CVE-2018-8140

An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10.

6.8CVSS7.4AI score0.00929EPSS

CVE•added 2018/06/14 12:29 p.m.•104 views

CVE-2018-8169

An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server ...

7CVSS7.6AI score0.01451EPSS

CVE•added 2018/07/11 12:29 a.m.•104 views

CVE-2018-8307

A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2...

6.8CVSS6.5AI score0.01151EPSS

CVE•added 2018/09/13 12:29 a.m.•104 views

CVE-2018-8449

A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

3.3CVSS5.3AI score0.01112EPSS

CVE•added 2018/11/09 9:29 p.m.•103 views

CVE-2018-17612

Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or softwa...

7.5CVSS7.4AI score0.01029EPSS

CVE•added 2018/06/14 12:29 p.m.•103 views

CVE-2018-8214

An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208.

7CVSS7.6AI score0.46044EPSS

CVE•added 2018/06/14 12:29 p.m.•103 views

CVE-2018-8226

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.8CVSS7.6AI score0.07148EPSS

CVE•added 2018/10/10 1:29 p.m.•103 views

CVE-2018-8472

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2...

5.5CVSS5.7AI score0.00974EPSS

CVE•added 2018/10/10 1:29 p.m.•103 views

CVE-2018-8481

An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2...

3.1CVSS4.9AI score0.02455EPSS

CVE•added 2018/10/10 1:29 p.m.•103 views

CVE-2018-8495

A remote code execution vulnerability exists when Windows Shell improperly handles URIs, aka "Windows Shell Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.6CVSS7.8AI score0.68211EPSS

CVE•added 2018/02/15 2:29 a.m.•102 views

CVE-2018-0843

The Windows kernel in Windows 10 version 1709 and Windows Server, version 1709 allows an information disclosure vulnerability due to how objects in memory are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0742, CVE-2018-0756, CVE-2018-0809 and ...

4.7CVSS4.9AI score0.02947EPSS

CVE•added 2018/04/12 1:29 a.m.•102 views

CVE-2018-0890

A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings, aka "Active Directory Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

5.3CVSS6.5AI score0.09956EPSS

CVE•added 2018/12/12 12:29 a.m.•102 views

CVE-2018-8612

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Window...

5.5CVSS6.9AI score0.00352EPSS

CVE•added 2018/04/12 1:29 a.m.•101 views

CVE-2018-0964

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is uni...

6.1CVSS5.9AI score0.00534EPSS

CVE•added 2018/03/14 5:29 p.m.•101 views

CVE-2018-0977

The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability".

7CVSS6.9AI score0.00718EPSS

CVE•added 2018/05/09 7:29 p.m.•101 views

CVE-2018-8132

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854, CVE-2018-0958, CVE-2018-81...

5.3CVSS6.4AI score0.00558EPSS

CVE•added 2018/08/15 5:29 p.m.•100 views

CVE-2018-8204

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. T...

5.3CVSS6.7AI score0.00231EPSS

CVE•added 2018/09/13 12:29 a.m.•100 views

CVE-2018-8433

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

4.7CVSS5.2AI score0.01419EPSS

CVE•added 2018/10/10 1:29 p.m.•100 views

CVE-2018-8506

An Information Disclosure vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka "Microsoft Windows Codecs Library Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.

5.5CVSS6AI score0.18897EPSS

CVE•added 2018/06/14 12:29 p.m.•99 views

CVE-2018-8175

An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of Service Vulnerability." This affects Windows 10 Servers, Windows 10.

7.1CVSS6.9AI score0.1091EPSS

CVE•added 2018/07/11 12:29 a.m.•99 views

CVE-2018-8313

7.8CVSS6.1AI score0.00563EPSS

CVE•added 2018/06/14 12:29 p.m.•98 views

CVE-2018-0982

7CVSS7.6AI score0.11334EPSS

CVE•added 2018/05/21 1:29 p.m.•98 views

CVE-2018-8142

A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1035.

5.3CVSS5.4AI score0.00421EPSS

CVE•added 2018/04/19 1:29 a.m.•97 views

CVE-2018-1035

5.3CVSS5.4AI score0.00421EPSS

CVE•added 2018/06/14 12:29 p.m.•97 views

CVE-2018-8239

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

5.5CVSS6.1AI score0.64467EPSS

CVE•added 2018/09/13 12:29 a.m.•97 views

CVE-2018-8438

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Se...

6.8CVSS6.2AI score0.00513EPSS

CVE•added 2018/10/10 1:29 p.m.•97 views

CVE-2018-8484

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, W...

7.8CVSS7.5AI score0.00358EPSS

CVE•added 2018/10/10 1:29 p.m.•97 views

CVE-2018-8492

5.3CVSS6.2AI score0.00245EPSS

CVE•added 2018/08/15 5:29 p.m.•96 views

CVE-2018-8200

5.3CVSS6.7AI score0.00231EPSS

CVE•added 2018/06/14 12:29 p.m.•95 views

CVE-2018-8209

An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

8CVSS7.4AI score0.03861EPSS

CVE•added 2018/09/13 12:29 a.m.•95 views

CVE-2018-8462

7.8CVSS7.5AI score0.00502EPSS

CVE•added 2018/05/09 7:29 p.m.•94 views

CVE-2018-8165

7.8CVSS8AI score0.00397EPSS

CVE•added 2018/05/09 7:29 p.m.•94 views

CVE-2018-8170

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

7CVSS7.5AI score0.00626EPSS

CVE•added 2018/06/14 12:29 p.m.•94 views

CVE-2018-8211

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/02/15 2:29 a.m.•93 views

CVE-2018-0831

The Windows kernel in Windows 10 versions 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects in memory are handled, aka "Windows Kernel Elevation of Privilege Vulnerability".

7.8CVSS6.7AI score0.00717EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8201

4.5CVSS5.2AI score0.01097EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8219

An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

8.8CVSS8.6AI score0.0056EPSS

CVE•added 2018/06/14 12:29 p.m.•93 views

CVE-2018-8221

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/10/10 1:29 p.m.•93 views

CVE-2018-8497

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

7.8CVSS7.6AI score0.00245EPSS

CVE•added 2018/06/14 12:29 p.m.•92 views

CVE-2018-8121

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8207.

4.7CVSS5.3AI score0.01934EPSS

CVE•added 2018/05/09 7:29 p.m.•92 views

CVE-2018-8141

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8127.

4.7CVSS5.3AI score0.02721EPSS

CVE•added 2018/09/13 12:29 a.m.•92 views

CVE-2018-8435

A security feature bypass vulnerability exists when Windows Hyper-V BIOS loader fails to provide a high-entropy source, aka "Windows Hyper-V Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.2CVSS5.4AI score0.0031EPSS

CVE•added 2018/07/11 12:29 a.m.•91 views

CVE-2018-8222

5.3CVSS6.6AI score0.00233EPSS

CVE•added 2018/06/14 12:29 p.m.•90 views

CVE-2018-8212

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/06/14 12:29 p.m.•90 views

CVE-2018-8231

A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

9.3CVSS8.6AI score0.51157EPSS

CVE•added 2018/08/15 5:29 p.m.•90 views

CVE-2018-8347

An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.8CVSS7.8AI score0.00375EPSS

CVE•added 2018/06/14 12:29 p.m.•89 views

CVE-2018-8215

5.3CVSS5.2AI score0.01097EPSS

CVE•added 2018/06/14 12:29 p.m.•87 views

CVE-2018-8218

7.7CVSS7.6AI score0.01415EPSS

CVE•added 2018/09/13 12:29 a.m.•87 views

CVE-2018-8337

A security feature bypass vulnerability exists when Windows Subsystem for Linux improperly handles case sensitivity, aka "Windows Subsystem for Linux Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.

5.3CVSS6.3AI score0.0029EPSS

Total number of security vulnerabilities305