Windows Server 2019 Security Vulnerabilities and Issues — Page 66 of Windows Server 2019 CVE List

7.8CVSS8.6AI score0.00827EPSS

CVE-2020-1354

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique f...

7.8CVSS8.5AI score0.00278EPSS

CVE-2020-1356

An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka 'Windows iSCSI Target Service Elevation of Privilege Vulnerability'.

7.8CVSS8.1AI score0.12863EPSS

CVE-2020-1369

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1344, CVE-2020-1362.

7.5CVSS8.7AI score0.09496EPSS

CVE-2020-1374

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

5.5CVSS6.1AI score0.00842EPSS

CVE-2020-1426

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1419.

7.8CVSS8.1AI score0.00513EPSS

CVE-2020-1438

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1428.

CVE•added 2021/03/11 4:15 p.m.•81 views

CVE-2021-27063

Windows DNS Server Denial of Service Vulnerability

7.5CVSS8.4AI score0.12525EPSS

CVE•added 2021/04/13 8:15 p.m.•81 views

CVE-2021-28435

Windows Event Tracing Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00542EPSS

CVE•added 2021/12/15 3:15 p.m.•81 views

CVE-2021-43219

DirectX Graphics Kernel File Denial of Service Vulnerability

7.8CVSS8.3AI score0.01557EPSS

CVE•added 2022/10/11 7:15 p.m.•81 views

CVE-2022-37993

Windows Group Policy Preference Client Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00272EPSS

6.5CVSS7.6AI score0.00169EPSS

CVE-2023-32037

Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability

7.5CVSS7.8AI score0.03672EPSS

CVE-2023-33168

Remote Procedure Call Runtime Denial of Service Vulnerability

7.8CVSS8.6AI score0.0014EPSS

CVE-2023-35320

Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

6.5CVSS7.8AI score0.00157EPSS

CVE-2023-35331

Windows Local Security Authority (LSA) Denial of Service Vulnerability

7.8CVSS8.8AI score0.00324EPSS

CVE-2023-35343

Windows Geolocation Service Remote Code Execution Vulnerability

CVE•added 2023/12/12 6:15 p.m.•81 views

CVE-2023-35641

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.05218EPSS

8CVSS8.4AI score0.01503EPSS

CVE-2024-37975

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.4AI score0.00927EPSS

CVE-2024-38011

Secure Boot Security Feature Bypass Vulnerability

7.8CVSS8.6AI score0.00619EPSS

CVE-2024-38050

Windows Workstation Service Elevation of Privilege Vulnerability

7.5CVSS8.4AI score0.09955EPSS

CVE-2024-38067

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

7.8CVSS8.3AI score0.00602EPSS

CVE-2024-38070

Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability

CVE•added 2024/08/13 6:15 p.m.•81 views

CVE-2024-38145

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

7.5CVSS7.5AI score0.30301EPSS

CVE•added 2024/09/10 5:15 p.m.•81 views

CVE-2024-38230

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

7.5CVSS7.8AI score0.02577EPSS

CVE•added 2024/09/10 5:15 p.m.•81 views

CVE-2024-38237

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00962EPSS

CVE•added 2024/10/08 6:15 p.m.•81 views

CVE-2024-43509

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.00588EPSS

CVE•added 2024/11/12 6:15 p.m.•81 views

CVE-2024-43620

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01686EPSS

CVE•added 2024/11/12 6:15 p.m.•81 views

CVE-2024-43643

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00328EPSS

CVE•added 2024/12/12 2:4 a.m.•81 views

CVE-2024-49081

Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00383EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

6.1CVSS6.3AI score0.00137EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21290

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01098EPSS

CVE•added 2025/02/11 6:15 p.m.•81 views

CVE-2025-21359

Windows Kernel Security Feature Bypass Vulnerability

7.8CVSS8AI score0.0011EPSS

CVE•added 2025/03/11 5:16 p.m.•81 views

CVE-2025-24046

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.00106EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26686

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

7.5CVSS7.5AI score0.00107EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-27474

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00133EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

6CVSS7.1AI score0.00028EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27740

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.3AI score0.00338EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27741

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00056EPSS

CVE•added 2025/06/10 5:22 p.m.•81 views

CVE-2025-33070

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

8.1CVSS8AI score0.00212EPSS

6.8CVSS7.1AI score0.00983EPSS

CVE-2019-0712

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1309, CVE-2019-1310, CVE-20...

6.8CVSS7.1AI score0.00983EPSS

CVE-2019-1309

6.8CVSS7.1AI score0.00983EPSS

CVE-2019-1310

7.8CVSS8.5AI score0.00404EPSS

CVE-2019-1437

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1407, CVE-2019-1433, CVE-2019-1435, CVE-2019-1438.