Lucene search
+L
MicrosoftWindows Server 2019*

1844 matches found

CVE
CVE
added 2024/03/12 4:57 p.m.445 views

CVE-2024-21429

The CVE-2024-21429 entry covers a remote code execution vulnerability in the Windows USB Hub Driver. According to the description, the issue affects the USB Hub Driver and could lead to arbitrary code execution with high impact on confidentiality, integrity, and availability. Exploitation details...

6.8CVSS7.2AI score0.00904EPSS
CVE
CVE
added 2024/11/12 5:54 p.m.443 views

CVE-2024-49039

CVE-2024-49039 is a Windows Task Scheduler privilege-escalation vulnerability. An authenticated local attacker can elevate privileges outside of AppContainer and access privileged RPC functions via the Task Scheduler, enabling local privilege escalation with high impact (CVE-2024-49039). There ar...

8.8CVSS8.6AI score0.13719EPSS
In wild
CVE
CVE
added 2026/01/13 5:56 p.m.442 views

CVE-2026-20862

CVE-2026-20862 is a Windows Management Services information disclosure vulnerability. The description in the initial document states that it allows an authorized attacker to disclose sensitive information locally. The connected Nessus/NCSC/ENISA entries confirm this is a local-impact issue tied t...

5.5CVSS6.1AI score0.00614EPSS
CVE
CVE
added 2024/02/13 6:2 p.m.436 views

CVE-2024-21340

Technical details for CVE-2024-21340 are not provided in the supplied documents. Monitor for updates.

4.6CVSS5.3AI score0.00752EPSS
CVE
CVE
added 2026/05/12 4:58 p.m.414 views

CVE-2026-41089

CVE-2026-41089 is a Windows Netlogon RCE via a stack-based buffer overflow in CLDAP handling. Affected: Windows Server 2012 through 2025 domain controllers. Mechanism (per provided PoCs): unauthenticated remote is possible by sending crafted CLDAP UDP packets; a 528-byte stack buffer overflow occ...

9.8CVSS6.1AI score0.72253EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.411 views

CVE-2025-33073

CVE-2025-33073 is a network-accessible elevation of privilege in the Windows SMB Client caused by improper access control in the SMB protocol stack. The initial description confirms privilege escalation with network access. Connected documents provide concrete exploit presence: PoCs and proof‑of‑...

8.8CVSS8.7AI score0.64987EPSS
In wild
CVE
CVE
added 2024/07/09 5:2 p.m.408 views

CVE-2024-38112

CVE-2024-38112 Windows MSHTML Platform Spoofing is a Windows/MSHTML vulnerability exploited in the wild by the Void Banshee group. The issue involves spoofing UI within the MSHTML/IE rendering path, enabling code execution when a user opens a crafted .url payload that references an embedded MHTML...

7.5CVSS8.8AI score0.84345EPSS
In wild
CVE
CVE
added 2024/11/12 5:53 p.m.408 views

CVE-2024-43451

CVE-2024-43451 is a Windows NTLMv2 hash disclosure spoofing vulnerability. Affected: Windows; root cause: NTLM hash leakage occurs when the shell processes .URL shortcuts, triggering NTLM authentication over SMB to an attacker-controlled server. Impact: attackers can obtain NTLMv2 hashes and perf...

6.5CVSS6.5AI score0.81817EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.407 views

CVE-2025-26633

CVE-2025-26633 is a local-privilege-escalation in Microsoft Management Console (MMC) caused by improper neutralization in how MMC loads language-twin .msc files. A malicious “evil twin” .msc in a language directory can execute payloads with the user’s privileges when a user opens a legitimate MMC...

7CVSS6.8AI score0.31894EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.402 views

CVE-2025-33053

Summary of CVE-2025-33053 : A vulnerability in Windows WebDAV/Internet Shortcut handling allows remote code execution when a vulnerable host opens a crafted .url file that points to a WebDAV share. Exploitation relies on the WebClient service resolving UNC paths via WebDAV and may trigger arbitra...

8.8CVSS8.8AI score0.81558EPSS
In wild
CVE
CVE
added 2024/10/08 5:36 p.m.394 views

CVE-2024-43583

CVE-2024-43583 is a Winlogon elevation of privilege vulnerability. Connected PoC details show an attacker with low local privileges can escalate to SYSTEM by abusing the Image File Execution Options (IFEO) registry hijack to replace a legitimate system process with a malicious payload. Affected W...

7.8CVSS8.4AI score0.01341EPSS
Web
CVE
CVE
added 2024/12/10 5:49 p.m.394 views

CVE-2024-49112

CVE-2024-49112 affects Windows LDAP on Domain Controllers. Connected sources describe an integer-overflow flaw in the LDAP server that can allow unauthenticated remote code execution via crafted CLDAP/LDAP traffic, leading to arbitrary code execution and potential DoS. Exploitation may require lo...

9.8CVSS9.7AI score0.70906EPSS
CVE
CVE
added 2025/05/13 4:58 p.m.390 views

CVE-2025-30394

Technical details for CVE-2025-30394 are not publicly provided in the supplied documents. The description notes a memory locking issue causing a network denial of service, but no vendor/version/impact/fix specifics are available here. Monitor for updates.

5.9CVSS5.7AI score0.21026EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.389 views

CVE-2024-29988

CVE-2024-29988 is a Microsoft Windows SmartScreen security feature bypass vulnerability (MotW bypass) that enables arbitrary code execution when a user opens a zip/executable delivered in a crafted file. Public exploit activity exists (GitHub exploit repository) and reports indicate in-the-wild u...

8.8CVSS8.4AI score0.45151EPSS
In wild
CVE
CVE
added 2025/05/13 4:59 p.m.388 views

CVE-2025-29974

Technical details about CVE-2025-29974 are not publicly provided in the supplied documents. Monitor for updates from Microsoft and other security bulletins to obtain confirmed affected products, scope, and remediation.

5.7CVSS5.6AI score0.00564EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.381 views

CVE-2025-21420

CVE-2025-21420 is evidenced by PoCs showing a Disk Cleanup Tool (cleanmgr.exe) elevation via a DLL sideload approach. The GitHub PoCs demonstrate loading dokan1.dll/dokannp1.dll to trigger arbitrary code paths, with the exploit chain listing SetProcessMitigationPolicy (ProcessRedirectionTrustPoli...

7.8CVSS8.1AI score0.03597EPSS
Web
CVE
CVE
added 2024/10/08 5:35 p.m.378 views

CVE-2024-30092

CVE-2024-30092 corresponds to a Windows Hyper-V remote code execution vulnerability. Connected sources corroborate a Hyper-V RCE issue affecting Windows Hyper-V with an entry showing 8.0 base-vector severity and adjacent attack vector; Microsoft has released updates to fix vulnerabilities in Wind...

8CVSS8.3AI score0.00669EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.376 views

CVE-2025-21337

CVE-2025-21337 is a Windows vulnerability categorized as an elevation of privileges (impact: obtaining elevated privileges) with a low base score (CVSS v3.1: 3.3) and local attack vector. The connected advisory from NCSC-2025-0047 aligns this CVE to a Windows component issue with a CVSS ~3.3 and ...

3.3CVSS6AI score0.00596EPSS
CVE
CVE
added 2026/01/13 5:56 p.m.370 views

CVE-2026-0386

CVE-2026-0386 : Windows Deployment Services has an improper access control vulnerability that can allow an adjacent-network attacker to execute code remotely. This entry is supported by multiple sources confirming the issue and indicating Microsoft has released January 2026 security updates to ad...

7.5CVSS7AI score0.00525EPSS
CVE
CVE
added 2023/08/08 5:6 p.m.369 views

CVE-2023-20588

CVE-2023-20588 is a division-by-zero vulnerability on some AMD Zen1 CPUs that could cause speculative data leakage and affect confidentiality. The connected Amazon Linux 2 advisory (ALAS2KERNEL-5.4-2025-116) confirms the Linux kernel fix for kernel-5.4 series (e.g., 5.4.254-169.358.amzn2.aarch64/...

5.5CVSS6.9AI score0.12405EPSS
CVE
CVE
added 2024/09/10 4:54 p.m.369 views

CVE-2024-43461

CVE-2024-43461 — Windows MSHTML Platform Spoofing Vulnerability : A UI misrepresentation in MSHTML that can be used to spoof a web page. Affected component: Windows MSHTML Platform. Underlying issue is a UI spoofing flaw; CVSSv3.1 score 8.8 ( NETWORK, LOW, NONE, UI: REQUIRED; Confidentiality/Inte...

8.8CVSS9.3AI score0.51883EPSS
In wild
CVE
CVE
added 2026/01/13 5:56 p.m.367 views

CVE-2026-20962

CVE-2026-20962 is described as a local-information-disclosure vulnerability in the Dynamic Root of Trust for Measurement (DRTM) mechanism. The initial and connected sources indicate an issue arising from use of an uninitialized resource, allowing an authorized attacker with local access to disclo...

4.4CVSS6.2AI score0.00399EPSS
CVE
CVE
added 2023/02/28 6:2 p.m.366 views

CVE-2023-1017

CVE-2023-1017 describes an out-of-bounds write in TPM2.0/Module Library CryptParameterDecryption. A local attacker could crash the TPM or gain arbitrary code execution in the TPM context. Affected scope includes TPM2.0 implementations via libtpms in VM TPM support and TPM modules. Public details ...

7.8CVSS7.7AI score0.01286EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.366 views

CVE-2024-26229

CVE-2024-26229 is a Windows local privilege-escalation vulnerability in the CSC service (csc.sys) that can enable kernel R/W access via a vulnerable IOCTL, permitting DKOM-based token replacement to achieve SYSTEM-level LPE. Exploitation details in connected docs describe using kernel memory acce...

7.8CVSS8.1AI score0.09375EPSS
CVE
CVE
added 2026/02/10 5:51 p.m.365 views

CVE-2026-21510

CVE-2026-21510 is a Windows Shell security feature bypass vulnerability (Protection Mechanism Failure) that can allow remote code execution by bypassing SmartScreen prompts and shell warnings. Affected component: Windows Shell (explorer.exe) and related UI elements. Exploitation requires social e...

8.8CVSS5.5AI score0.25835EPSS
In wild
CVE
CVE
added 2024/03/12 4:57 p.m.363 views

CVE-2024-26161

CVE-2024-26161 affects the Microsoft WDAC OLE DB provider for SQL Server and is described as a Remote Code Execution vulnerability. The CVE entry lists a CVSS v3.1 base score of 8.8 (HIGH) with NETWORK attack vector, LOW attack complexity, and NONE privileges required, but user interaction is REQ...

8.8CVSS9.2AI score0.01947EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.362 views

CVE-2025-21189

CVE-2025-21189 is listed as MapUrlToZone Security Feature Bypass. Connected sources categorize its impact as circumvention of a security measure. Public technical detail in the provided documents is limited; no explicit root-cause, vulnerable product/version, or exploitation information is given....

4.3CVSS4.6AI score0.02913EPSS
CVE
CVE
added 2023/11/28 12:0 a.m.359 views

CVE-2023-24023

CVE-2023-24023 describes a Bluetooth BR/EDR MITM vulnerability (BLUFFS) where Secure Simple Pairing and Secure Connections in Bluetooth Core 4.2–5.4 can be forced to use short keys, potentially enabling encryption-key discovery and live injection. Connected IBM/AS/Android material confirms the sa...

6.8CVSS6.8AI score0.01297EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.357 views

CVE-2022-38028

CVE-2022-38028 is a Windows Print Spooler privilege-escalation vulnerability. It arises from improper privilege assignment in the Print Spooler service, enabling a local attacker with low privileges and no user interaction to escalate to SYSTEM. Public exploits have been observed; CISA/KEV and MS...

7.8CVSS8.3AI score0.14949EPSS
In wild
CVE
CVE
added 2025/01/14 6:3 p.m.348 views

CVE-2025-21293

CVE-2025-21293 — Active Directory Domain Services Elevation of Privilege. The vulnerability affects Active Directory Domain Services and enables an attacker to obtain elevated privileges via network access, with a CVSS v3.1 base score of 8.8 (High) and impact on confidentiality, integrity, and av...

8.8CVSS8.8AI score0.18481EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.347 views

CVE-2025-21418

CVE-2025-21418 is a heap-based buffer overflow in the Windows Ancillary Function Driver for WinSock that enables local privilege escalation to SYSTEM. Affected: Windows components exposed to local attack surface; exploitability is local with low attack complexity and no user interaction. Public r...

7.8CVSS8.2AI score0.01537EPSS
In wild
CVE
CVE
added 2024/03/12 4:57 p.m.342 views

CVE-2024-21407

CVE-2024-21407 is a Windows Hyper-V Remote Code Execution vulnerability tied to the Hyper-V component. Exploitation requires an authenticated attacker on a guest to send specially crafted file operation requests to hardware resources on the VM, which could lead to remote code execution on the hos...

8.1CVSS8.5AI score0.16384EPSS
CVE
CVE
added 2025/03/11 4:59 p.m.342 views

CVE-2025-24054

CVE-2025-24054 is a Windows NTLM vulnerability allowing an attacker to induce NTLMv2-SSP hash disclosure by leveraging explorer.exe to fetch remote SMB resources via crafted file types (notably .library-ms and .lnk/.library-ms payloads). Public PoCs and exploits demonstrate creating malicious .li...

6.5CVSS6.5AI score0.58974EPSS
In wildWeb
CVE
CVE
added 2024/08/13 5:29 p.m.341 views

CVE-2024-38193

CVE-2024-38193 concerns the Windows Ancillary Function Driver for WinSock (AFD) used by Winsock. The vulnerability is a local privilege-escalation issue in the AFD/WinSock stack, with a resource-management error cited by CNNVD and a privilege-escalation capability described by CISA KEV. Public ex...

7.8CVSS7.7AI score0.27561EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.328 views

CVE-2025-33052

CVE-2025-33052 is a local-information-disclosure in the Windows DWM Core Library caused by use of an uninitialized resource. In NVD, it’s rated CVSSv3.1: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N; impact: confidentiality High. The Connected docs confirm affected component (Windows DWM Core Library) and...

5.5CVSS5.3AI score0.00534EPSS
CVE
CVE
added 2026/06/09 5:4 p.m.327 views

CVE-2026-47291

The CVE-2026-47291 entry describes an integer overflow/ wraparound in Windows HTTP.sys that enables a remote attacker to execute code over the network. Affected software component: Windows HTTP.sys. Root cause: integer overflow/wraparound in the HTTP.sys processing path. Impact: unauthenticated n...

9.8CVSS5.7AI score0.21506EPSS
CVE
CVE
added 2024/05/14 4:57 p.m.326 views

CVE-2024-30040

CVE-2024-30040 is a Windows MSHTML Platform Security Feature Bypass vulnerability. The affected component is MSHTML (Windows), with a root cause described as a security feature bypass in the MSHTML engine. Impact per CVSS: CVSS 3.1 base score 8.8 (High) affecting confidentiality, integrity, and a...

8.8CVSS6.3AI score0.03939EPSS
In wild
CVE
CVE
added 2025/06/10 5:2 p.m.324 views

CVE-2025-33065

CVE-2025-33065 is an information-disclosure vulnerability: an out-of-bounds read in Windows Storage Management Provider could allow an authorized attacker (local access, low privileges) to disclose information. CVSS v3.1 base metrics indicate Local access, Low attack complexity, Privileges requir...

5.5CVSS5.2AI score0.00529EPSS
CVE
CVE
added 2024/09/10 4:54 p.m.322 views

CVE-2024-21416

CVE-2024-21416 refers to a Windows TCP/IP Remote Code Execution vulnerability in the Windows TCP/IP stack. The CVE entry is corroborated by multiple sources (NVD, CVE list, and MSRC advisories) and is rated with high impact; the NVD metrics list a critical base score (9.8) with network access and...

9.8CVSS9AI score0.01381EPSS
CVE
CVE
added 2024/03/12 4:57 p.m.317 views

CVE-2024-21408

Microsoft’s CVE-2024-21408 is a Windows Hyper-V Denial of Service vulnerability that can be triggered by a guest to cause a host crash. The available connected sources confirm Hyper-V as the affected product, the host compromise from a guest as the attack scenario, and a DoS impact. The CVSS vect...

5.5CVSS6.8AI score0.04507EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.315 views

CVE-2024-38213

CVE-2024-38213 is a Windows Mark of the Web (MoTW) security feature bypass vulnerability. Affected software involves Windows MoTW handling; the flaw allows downloaded web-origin files to bypass warnings/ protections, enabling potentially malicious content to execute. Exploitation information in c...

6.5CVSS6.5AI score0.1337EPSS
In wild
CVE
CVE
added 2026/02/10 5:51 p.m.306 views

CVE-2026-21533

CVE-2026-21533 affects Windows Remote Desktop Services (RDS) and is caused by improper privilege management (CWE-269), allowing a local authenticated attacker with low privileges to elevate to SYSTEM. Multiple connected sources corroborate that the issue is a local EoP in RDS with CVSSv3 7.8 (HIG...

7.8CVSS5.5AI score0.03846EPSS
In wild
CVE
CVE
added 2024/08/13 5:29 p.m.305 views

CVE-2024-38178

CVE-2024-38178 is a Microsoft Windows Scripting Engine memory corruption vulnerability that exists in Edge when running Internet Explorer mode. It enables remote code execution and is being actively exploited in the wild, with public pressure reflected in multiple advisories and exploit catalogs....

7.5CVSS7.4AI score0.39196EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.298 views

CVE-2025-24993

CVE-2025-24993 is a Windows NTFS heap-based buffer overflow that allows a locally authenticated attacker to execute arbitrary code. Affected component is NTFS on Windows; root cause is a heap-based overflow in NTFS handling. CVSS v3.1 indicates local attack vector, no privileges required, user in...

7.8CVSS8AI score0.02092EPSS
In wild
CVE
CVE
added 2025/03/11 4:59 p.m.297 views

CVE-2025-24985

CVE-2025-24985 affects the Windows Fast FAT File System Driver and is caused by an integer overflow/wraparound, enabling local code execution. The vulnerability has seen exploitation in the wild (per Krebs/Microsoft Patch Tuesday coverage), and mitigation is to install the MSRC-released updates l...

7.8CVSS7.8AI score0.03705EPSS
In wild
CVE
CVE
added 2026/04/14 4:58 p.m.297 views

CVE-2026-33824

CVE-2026-33824 is a Windows IKE Extension (ikeext) remote code execution vulnerability caused by a double-free in IKEEXT. ZDI notes it is wormable and affects systems with IKE enabled; exploitation can occur over UDP/500-4500 and may enable lateral movement from inside networks. Microsoft has iss...

9.8CVSS5.9AI score0.5585EPSS
CVE
CVE
added 2023/02/28 5:54 p.m.296 views

CVE-2023-1018

CVE-2023-1018 is an out-of-bounds read in TPM 2.0’s Module Library (CryptParameterDecryption) that could allow a local attacker to read sensitive data stored in the TPM. Connected advisories confirm a local, authenticated access scenario and note TPM exposure on affected IBM Power firmware (Power...

5.5CVSS6.5AI score0.05552EPSS
CVE
CVE
added 2024/03/12 4:57 p.m.294 views

CVE-2024-21438

Technical details for CVE-2024-21438 are not provided in the supplied documents. Monitor for updates from the connected sources to obtain affected product, root cause, impact, and remediation information.

7.5CVSS7.6AI score0.02718EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.292 views

CVE-2024-26207

CVE-2024-26207 is a Windows Remote Access Connection Manager information disclosure vulnerability. Affected component: Windows Remote Access Connection Manager (local attacker? per CVSS v3.1 shows LOCAL with low complexity and low privileges). Documented impact in the connected NCSC advisory (NCS...

5.5CVSS6.6AI score0.00755EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.288 views

CVE-2024-38106

CVE-2024-38106 is a Windows kernel local privilege escalation vulnerability. The Windows kernel race condition allows a local attacker with low privileges to gain SYSTEM-level access and execute code with high impact. Microsoft lists this CVE as being actively exploited in the wild. The advisory ...

7CVSS6.9AI score0.06337EPSS
In wild
Total number of security vulnerabilities1844