Windows Server 2016@1909 Security Vulnerabilities and Issues — Windows Server 2016@1909 CVE List

Lucene search

MicrosoftWindows Server 20161909

954 matches found

CVE•added 2020/11/11 7:15 a.m.•1244 views

CVE-2020-17087

Windows Kernel Local Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.15084EPSS

CVE•added 2020/11/11 7:15 a.m.•935 views

CVE-2020-17049

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service t...

9CVSS6.8AI score0.20086EPSS

CVE•added 2020/06/09 8:15 p.m.•380 views

CVE-2020-1206

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.

7.5CVSS7.4AI score0.47718EPSS

CVE•added 2020/03/12 4:15 p.m.•369 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS

CVE•added 2020/07/29 6:15 p.m.•318 views

CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...

6.4CVSS7.6AI score0.00033EPSS

CVE•added 2021/01/12 8:15 p.m.•291 views

CVE-2021-1648

Microsoft splwow64 Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00979EPSS

CVE•added 2020/06/09 8:15 p.m.•288 views

CVE-2020-1269

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/07/29 6:15 p.m.•285 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS

CVE•added 2020/07/29 6:15 p.m.•284 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00018EPSS

CVE•added 2020/11/11 7:15 a.m.•273 views

CVE-2020-17051

Windows Network File System Remote Code Execution Vulnerability

10CVSS9.6AI score0.14901EPSS

CVE•added 2020/01/14 11:15 p.m.•270 views

CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.8AI score0.14967EPSS

CVE•added 2020/05/21 11:15 p.m.•263 views

CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.

7.8CVSS7.7AI score0.72379EPSS

CVE•added 2020/01/14 11:15 p.m.•262 views

CVE-2020-0624

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0642.

7.8CVSS7.7AI score0.15527EPSS

CVE•added 2020/08/17 7:15 p.m.•243 views

CVE-2020-1337

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS7.8AI score0.53476EPSS

CVE•added 2020/06/09 8:15 p.m.•239 views

CVE-2020-1307

9.3CVSS7.7AI score0.19295EPSS

CVE•added 2021/05/11 7:15 p.m.•239 views

CVE-2021-31167

Windows Container Manager Service Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.0033EPSS

CVE•added 2020/09/11 5:15 p.m.•236 views

CVE-2020-1013

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.To exploit this vulnerabili...

9.3CVSS8.1AI score0.15904EPSS

CVE•added 2021/01/12 8:15 p.m.•233 views

CVE-2021-1678

Windows Print Spooler Spoofing Vulnerability

8.8CVSS8AI score0.53619EPSS

CVE•added 2020/11/11 7:15 a.m.•227 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS

CVE•added 2020/06/09 8:15 p.m.•224 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS

CVE•added 2020/06/09 8:15 p.m.•221 views

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.34234EPSS

CVE•added 2020/06/09 8:15 p.m.•220 views

CVE-2020-1300

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious ...

8.8CVSS8.3AI score0.40477EPSS

CVE•added 2020/06/09 8:15 p.m.•219 views

CVE-2020-1274

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/06/09 8:15 p.m.•216 views

CVE-2020-1237

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273,...

7.8CVSS7.8AI score0.19295EPSS

CVE•added 2021/05/11 7:15 p.m.•215 views

CVE-2021-28476

Windows Hyper-V Remote Code Execution Vulnerability

9.9CVSS9.7AI score0.63205EPSS

CVE•added 2020/06/09 8:15 p.m.•214 views

CVE-2020-1316

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/06/09 8:15 p.m.•213 views

CVE-2020-1276

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/10/16 11:15 p.m.•213 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the syste...

7.8CVSS8.2AI score0.00744EPSS

CVE•added 2020/06/09 8:15 p.m.•212 views

CVE-2020-1275

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/06/09 8:15 p.m.•211 views

CVE-2020-1262

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/06/09 8:15 p.m.•210 views

CVE-2020-1246

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/06/09 8:15 p.m.•204 views

CVE-2020-1266

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/10/16 11:15 p.m.•204 views

CVE-2020-16891

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system. To exploit the vulnerability, an attacker could run a specially crafted application on a guest operating system that could c...

8.8CVSS8.7AI score0.00539EPSS

CVE•added 2020/06/09 8:15 p.m.•201 views

CVE-2020-1273

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2021/03/11 4:15 p.m.•201 views

CVE-2021-26868

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.12212EPSS

CVE•added 2020/02/11 10:15 p.m.•197 views

CVE-2020-0686

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0683.

7.8CVSS8AI score0.27418EPSS

CVE•added 2020/06/09 8:15 p.m.•197 views

CVE-2020-1264

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/12/10 12:15 a.m.•197 views

CVE-2020-17096

Windows NTFS Remote Code Execution Vulnerability

9CVSS8AI score0.08663EPSS

CVE•added 2020/02/11 10:15 p.m.•196 views

CVE-2020-0668

7.8CVSS7.7AI score0.79504EPSS

CVE•added 2021/02/25 11:15 p.m.•186 views

CVE-2021-24086

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS8.5AI score0.37202EPSS

CVE•added 2021/03/11 4:15 p.m.•184 views

CVE-2021-26897

Windows DNS Server Remote Code Execution Vulnerability

10CVSS9.7AI score0.10792EPSS

CVE•added 2020/10/16 11:15 p.m.•183 views

CVE-2020-16898

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client.To exploit this vulnerability,...

8.8CVSS8.7AI score0.30684EPSS

CVE•added 2020/02/11 10:15 p.m.•182 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

9CVSS8.4AI score0.34804EPSS

CVE•added 2021/05/11 7:15 p.m.•182 views

CVE-2021-28455

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.09683EPSS

CVE•added 2020/01/14 11:15 p.m.•180 views

CVE-2020-0642

7.8CVSS8.5AI score0.15527EPSS

CVE•added 2020/08/17 7:15 p.m.•179 views

CVE-2020-1530

An elevation of privilege vulnerability exists when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.The security updat...

7.8CVSS8.3AI score0.00594EPSS

CVE•added 2020/02/11 10:15 p.m.•178 views

CVE-2020-0689

A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.

6.7CVSS6.8AI score0.00158EPSS

CVE•added 2021/03/11 4:15 p.m.•177 views

CVE-2021-26899

Windows UPnP Device Host Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00436EPSS

CVE•added 2021/02/25 11:15 p.m.•176 views

CVE-2021-24084

Windows Mobile Device Management Information Disclosure Vulnerability

5.5CVSS5.5AI score0.06294EPSS

CVE•added 2020/10/16 11:15 p.m.•175 views

CVE-2020-16933

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file...

8.8CVSS6.6AI score0.0284EPSS

Total number of security vulnerabilities954