Lucene search
+L
MicrosoftWindows Server 2019*

1844 matches found

CVE
CVE
added 2024/12/10 5:49 p.m.176 views

CVE-2024-49128

CVE-2024-49128 describes a vulnerability in Windows Remote Desktop Services where sensitive data is stored in improperly locked memory. This can allow an unauthenticated, network-based attacker to execute code remotely. The CVSS 3.1 vector provided indicates network access as the attack vector, h...

8.1CVSS8.9AI score0.01154EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.175 views

CVE-2024-28897

CVE-2024-28897 is referenced in connected data as a Windows Secure Boot vulnerability with the label “Circumvention of security measure.” The primary public document (NVD) lists it as a Secure Boot security feature bypass, with a CVSS v3.1 score of 6.8 (Medium) and details like attack vector adja...

6.8CVSS7.4AI score0.00869EPSS
CVE
CVE
added 2024/10/08 5:36 p.m.175 views

CVE-2024-43560

CVE-2024-43560 is a Windows Storage Port Driver elevation-of-privilege vulnerability. A local attacker with low privileges could exploit it to obtain elevated rights (CVE-2024-43560 details: CVSS v3.1 7.8, high impact; affected component: Windows Storage Port Driver). The NCSC advisory confirms M...

7.8CVSS8.3AI score0.03426EPSS
CVE
CVE
added 2024/12/10 5:49 p.m.175 views

CVE-2024-49132

CVE-2024-49132 affects Windows Remote Desktop Services and is a remote code execution vulnerability exploitable over the network (attack vector: network; no privileges required; user interaction not needed). The CVSSv3.1 base score is 8.1 (HIGH) with high impact on confidentiality, integrity, and...

8.1CVSS8.2AI score0.01079EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.174 views

CVE-2024-26252

CVE-2024-26252 refers to a Windows kernel vulnerability in the rndismp6.sys driver that enables remote code execution. The issue is described as affecting the Windows component rndismp6.sys with a CVSSv3.1 base score of 6.8 (Medium), and usability concerns indicate a physical attack vector, low a...

6.8CVSS7.7AI score0.0073EPSS
CVE
CVE
added 2024/05/14 4:57 p.m.174 views

CVE-2024-29994

CVE-2024-29994 is Microsoft Windows SCSI Class System File Elevation of Privilege. Connected sources (NCSC advisory) list CVE-2024-29994 with CVSS v3.1 base 7.8 (high), Local attack vector, Low privileges required, no user interaction, and impact to confidentiality, integrity, and availability. T...

7.8CVSS6.4AI score0.00674EPSS
CVE
CVE
added 2024/08/13 5:29 p.m.173 views

CVE-2024-38199

Technical details about CVE-2024-38199 are not publicly provided in the connected documents. Monitor for updates from Microsoft and NVD for affected products, fixes, and exploit information.

9.8CVSS9.8AI score0.0223EPSS
CVE
CVE
added 2026/04/14 4:58 p.m.173 views

CVE-2026-33829

CVE-2026-33829 concerns the Windows Snipping Tool and is assigned a CVSSv3.1 base score of 4.3 (Medium). The vulnerability is described with a network attack vector but requires user interaction and does not affect integrity or availability, with confidentiality impact listed as Low. The metric i...

4.3CVSS5.8AI score0.03447EPSS
Web
CVE
CVE
added 2024/08/13 5:30 p.m.172 views

CVE-2024-37968

CVE-2024-37968 is a Windows DNS Spoofing vulnerability rated High (CVSS 7.5) with network attack vector and impact on confidentiality. The connected documents confirm this CVE affects Windows DNS and that Microsoft released fixes in the August 2024 updates (examples: KB5041578, KB5041160, KB50418...

7.5CVSS7.5AI score0.01019EPSS
CVE
CVE
added 2019/04/08 11:45 p.m.171 views

CVE-2019-0697

The connected advisories describe a remote code execution vulnerability in the Microsoft Windows DHCP Client caused by improper processing of DHCP responses (memory corruption) in the DhcpExtractFullOptions path. A remote attacker could send crafted DHCP replies to execute arbitrary code with adm...

9.8CVSS9.5AI score0.29648EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.171 views

CVE-2024-26216

CVE-2024-26216 is a Windows vulnerability affecting the Windows File Server Resource Management Service, categorized as a privilege-escalation issue with a CVSS-like score around 7.3 (high) in public guidance. The connected documents confirm the vulnerability is tied to Windows File Server Resour...

7.3CVSS7.8AI score0.0087EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.171 views

CVE-2024-26230

CVE-2024-26230 is a Windows Telephony Server elevation-of-privilege vulnerability. Reported as a local privilege escalation with CVSS 3.1 base score 7.8 (HIGH): vectors/local, attack complexity LOW, privileges required LOW, no user interaction. Impacts on confidentiality, integrity, and availabil...

7.8CVSS8.1AI score0.24294EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.171 views

CVE-2024-26239

COVID: CVE-2024-26239 is a Windows Telephony Server Elevation of Privilege vulnerability with LOCAL attack vector, requiring LOW privileges and no user interaction. The CVSS 3.1 base score is 7.8 (HIGH), with CONFIDENTIALITY, INTEGRITY, and AVAILABILITY impacts rated HIGH. The initial description...

7.8CVSS8.1AI score0.0058EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.171 views

CVE-2024-28902

CVE-2024-28902 is associated with Windows Remote Access Connection Manager and is listed in an ENISA/NCSC-style advisory as a local, low-complexity information-disclosure vulnerability with potential impact to data confidentiality (CVE-2024-28902, Windows Remote Access Connection Manager). The co...

5.5CVSS6.6AI score0.00755EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.171 views

CVE-2025-21327

CVE-2025-21327 is a Windows Digital Media elevation-of-privilege vulnerability. The CVSS3.1 base vector indicates physical access required, low attack complexity and low privileges, with high impact on confidentiality, integrity, and availability (base score 6.6, medium). The connected data confi...

6.6CVSS6.5AI score0.00744EPSS
CVE
CVE
added 2024/01/09 5:56 p.m.170 views

CVE-2024-21313

CVE-2024-21313 is described as a Windows TCP/IP Information Disclosure Vulnerability. The entry provides a CVSSv3.1 base score of 5.3 (Medium) with network attack vector, high attack complexity, no privileges required, user interaction required, and a privacy-focused impact (Confidentiality: High...

5.3CVSS5.8AI score0.01499EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.169 views

CVE-2024-26171

CVE-2024-26171 is reported as a Windows Secure Boot vulnerability with the impact labeled as circumvention of a security measure (CVSS-like score 6.70). The connected documents corroborate its placement under Windows Secure Boot in the security advisories and vulnerability feeds, but they do not ...

6.7CVSS7.3AI score0.00636EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.169 views

CVE-2024-26248

CVE-2024-26248 is a Windows Kerberos Elevation of Privilege vulnerability with a CVSS v3.1 base score of 7.5 (Impact: High; Privileges Required: Low; Attack Vector: Network; User Interaction: None). The connected sources list this CVE under Windows Kerberos and assign an impact of Obtaining Incre...

7.5CVSS8AI score0.01034EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.169 views

CVE-2024-26254

CVE-2024-26254 is a Denial-of-Service in Microsoft Windows Virtual Machine Bus (VMBus). The provided OpenVAS listings confirm VMBus involvement, but do not disclose a concrete root cause, exploit technique, affected product versions, or a remediation in these documents. No patch details are expli...

7.5CVSS8.6AI score0.03136EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.169 views

CVE-2024-28925

CVE-2024-28925 is listed in the Microsoft Windows Secure Boot family as a Secure Boot security feature bypass with high impact (CVSS 3.1: 8.0; Adjacent access, no privileges required, user interaction required). The connected advisory (NCSC) confirms a Windows Secure Boot bypass in the same CVE g...

8CVSS8.1AI score0.01231EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.168 views

CVE-2024-26215

Technical details about CVE-2024-26215 are not publicly available in the provided connected documents. Monitor for updates from official vendors and advisories to obtain affected products, impact and remediation information.

7.5CVSS7.9AI score0.02671EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.168 views

CVE-2024-26253

CVE-2024-26253 corresponds to a Windows rndismp6.sys remote code execution vulnerability. The entry notes an affected Windows component (rndismp6.sys) and an exploit path that could allow remote code execution with a high impact on confidentiality, integrity, and availability, while the attack ve...

6.8CVSS7.7AI score0.0073EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.168 views

CVE-2024-28901

Microsoft Windows: CVE-2024-28901 affects the Windows Remote Access Connection Manager. The vulnerability is an information disclosure in RasMan, exploitable locally with low complexity and requiring low privileges; it grants high confidentiality impact and does not affect integrity or availabili...

5.5CVSS6.6AI score0.00674EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.168 views

CVE-2024-29061

Technical details about CVE-2024-29061 are not publicly provided in the supplied documents. The records mention a Secure Boot security feature bypass but do not specify affected products, versions, root cause, exploitability, or mitigations. Monitor for updates.

7.8CVSS7.3AI score0.00655EPSS
CVE
CVE
added 2025/02/11 5:58 p.m.168 views

CVE-2025-21377

Technical details for CVE-2025-21377 are not publicly provided in the supplied documents. No affected products, root cause, impact, or remediation are specified here. Monitor for updates in the connected feeds.

6.5CVSS7.4AI score0.23168EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.167 views

CVE-2024-26205

CVE-2024-26205 is a Windows RRAS remote code execution vulnerability. Connected sources corroborate that it is network-exploitable with a high base score (8.8) and requires user interaction, enabling remote code execution with high impact on confidentiality, integrity and availability. The issue ...

8.8CVSS8.8AI score0.01805EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.167 views

CVE-2024-28922

CVE-2024-28922 is a Secure Boot security feature bypass vulnerability. CVSS‑3.1 metrics show a physical attack vector, low attack complexity, low privileges required, user interaction needed, with no confidentiality impact, but high integrity impact (base score 4.1, Medium). Connected sources ref...

4.1CVSS6.1AI score0.00721EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.166 views

CVE-2024-26183

CVE-2024-26183 is a Windows Kerberos Denial-of-Service vulnerability. The CVSS 3.1 base metrics (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H) indicate a NETWORK-exploitable issue with a MEDIUM severity (6.5) and a HIGH impact on availability, requiring LOW privileges and no user interaction. The descript...

6.5CVSS7.3AI score0.02159EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.166 views

CVE-2024-28900

CVE-2024-28900 is a Windows vulnerability affecting the Windows Remote Access Connection Manager, with information disclosure (confidentiality impact). It is exploitable locally (attack vector: LOCAL) and requires LOW privileges with no user interaction. The CVSS vector in the Initial Description...

5.5CVSS6.6AI score0.00674EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.166 views

CVE-2024-28921

CVE-2024-28921 is a Windows Secure Boot security feature bypass vulnerability. The CVE entry is supported by multiple sources (NVD/NCSC/related feeds) indicating a local-attack-path bypassing Secure Boot with elevated privileges required and no user interaction. The CVSS vector shows: Local attac...

6.7CVSS7.3AI score0.00734EPSS
CVE
CVE
added 2024/05/14 4:57 p.m.166 views

CVE-2024-30038

CVE-2024-30038 is a Win32k local privilege escalation vulnerability. The issue exists in Win32k’s kernel-user boundary; exploitation would require local access with low privileges and no user interaction, potentially granting HIGH confidentiality/integrity/availability impact. Microsoft has issue...

7.8CVSS6.4AI score0.02551EPSS
CVE
CVE
added 2023/06/13 11:26 p.m.165 views

CVE-2023-29351

Technical details about CVE-2023-29351 are not publicly available in the provided documents. Monitor Microsoft and NVD for updates on affected products, impact, and remediation.

8.1CVSS8.8AI score0.01805EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.165 views

CVE-2024-26232

The CVE-2024-26232 entry describes a Remote Code Execution vulnerability in Microsoft Message Queuing (MSMQ). The available details indicate a LOCAL attack with LOW privileges required and USER INTERACTION required, with HIGH impact on confidentiality, integrity, and availability (CVSS 7.3). The ...

7.3CVSS8.6AI score0.00926EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.164 views

CVE-2024-26194

CVE-2024-26194 is a Secure Boot security feature bypass vulnerability. The CVSS vector indicates Local access, high attack complexity, and no privileges/UI required, with high confidentiality, integrity, and availability impact. Microsoft’s MSRC page is referenced for a potential fix, and ENISA/N...

7.4CVSS7.9AI score0.0035EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.164 views

CVE-2024-26242

CVE-2024-26242 is a Windows Telephony Server elevation-of-privilege vulnerability. The connected documents indicate a local-privilege escalation with CVSS v3.1 base score 7.0 (AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). Root cause and exact exploit details are not provided in the sources. Microsoft has...

7CVSS7.7AI score0.00346EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.164 views

CVE-2024-26244

CVE-2024-26244 is a remote code execution vulnerability in the Microsoft WDAC OLE DB provider for SQL Server. According to the CVSS 3.1 vector, it is exploitable over the network with no privileges required, but requires user interaction, and has high impact on confidentiality, integrity, and ava...

8.8CVSS9AI score0.01962EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.164 views

CVE-2024-28920

CVE-2024-28920 is a Secure Boot security feature bypass vulnerability. The connected ENISA/NCSC records indicate this CVE is associated with Microsoft Windows Secure Boot components and is classified as bypassing a security measure. The NVD entry confirms a Secure Boot bypass description, and rel...

7.8CVSS8AI score0.00715EPSS
CVE
CVE
added 2024/04/09 5:1 p.m.164 views

CVE-2024-28924

Technical details about CVE-2024-28924 are not publicly provided in the connected documents. Monitor for updates from Microsoft, NVD, or CVE editors for affected products, impact, root cause, and available fixes.

6.7CVSS7.3AI score0.00567EPSS
CVE
CVE
added 2024/05/14 4:57 p.m.164 views

CVE-2024-30037

The CVE-2024-30037 entry affects Windows Common Log File System Driver and is categorized as a local Elevation of Privilege vulnerability (requires local access; may grant elevated privileges). The connected documents corroborate the CVE mapping and indicate it is part of a set of Windows fixes; ...

5.5CVSS7.3AI score0.05275EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.164 views

CVE-2024-38144

CVE-2024-38144 is a local elevation-of-privilege vulnerability in the Windows Kernel Streaming WOW Thunk Service Driver. The connected sources state a local attacker could obtain SYSTEM privileges and that exploit code appeared in the TyphoonPWN 2024 event, with a write‑up from SSD Secure Disclos...

8.8CVSS8.8AI score0.32347EPSS
CVE
CVE
added 2025/03/11 4:58 p.m.164 views

CVE-2025-24035

CVE-2025-24035 affects Windows Remote Desktop Services. The connected data corroborates a remote code execution risk over a network, arising from memory handling (sensitive data stored in improperly locked memory). The impact is described as executing arbitrary code, with the network as the attac...

8.1CVSS8.2AI score0.01744EPSS
CVE
CVE
added 2023/06/13 11:26 p.m.163 views

CVE-2023-29358

CVE-2023-29358 is a Windows GDI Elevation of Privilege vulnerability. Per the sources, it is a LOCAL, low-attack-complexity issue with LOW privileges required, and it has HIGH confidentiality, integrity, and availability impact. The connected documents corroborate the Windows context and do not p...

7.8CVSS8.6AI score0.0473EPSS
CVE
CVE
added 2023/06/13 11:26 p.m.163 views

CVE-2023-32016

Technical details about CVE-2023-32016 are not publicly available in the provided connected documents. Monitor for updates from Microsoft and security feeds for affected products, vulnerable components, and fixes.

5.5CVSS7AI score0.00668EPSS
CVE
CVE
added 2024/10/08 5:35 p.m.163 views

CVE-2024-43519

CVE-2024-43519 : Microsoft WDAC OLE DB provider for SQL Server is affected by a Remote Code Execution vulnerability. The CVSS v3.1 base score is 8.8 (HIGH); attack vector is NETWORK, with LOW attack complexity and no privileges required, but user interaction is required. The issue stems from the ...

8.8CVSS9AI score0.014EPSS
CVE
CVE
added 2024/08/13 5:30 p.m.162 views

CVE-2024-38131

Technical details about CVE-2024-38131 are not publicly provided in the connected documents. The available material lacks product/version/root-cause/remediation specifics. Monitor official advisories/updates for concrete information.

8.8CVSS9AI score0.01237EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.161 views

CVE-2024-26180

Technical details about CVE-2024-26180 are not provided in the supplied documents. Monitor for updates from official advisories and affected vendors.

8CVSS7.3AI score0.01451EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.161 views

CVE-2024-26189

CVE-2024-26189 is a Secure Boot security feature bypass affecting Windows Secure Boot. The CVE is listed in the Windows Secure Boot table with CVSS v3.1 base score 8.0 (HIGH) and impact described as bypassing security measures. Connected sources corroborate a Secure Boot bypass characterization, ...

8CVSS8.1AI score0.01362EPSS
CVE
CVE
added 2025/01/14 6:4 p.m.161 views

CVE-2025-21245

CVE-2025-21245 is a Windows Telephony Service remote code execution vulnerability. The CIRCL feed and CVE listings indicate it affects Windows Telephony Service with potential for executing code from an attacker-supplied payload (impact: execution of arbitrary code) and a CVSS v3.1 base score of ...

8.8CVSS9AI score0.01653EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.160 views

CVE-2024-26224

CVE-2024-26224 affects Windows DNS Server and is described as a remote code execution vulnerability. Connected sources (CNVD/NCSC tables) list the impact as allowing execution of arbitrary code or executing random code via the DNS service, with CVSS-like references around 7.2 (HIGH) impact, netwo...

7.2CVSS7.9AI score0.0156EPSS
CVE
CVE
added 2024/04/09 5:0 p.m.160 views

CVE-2024-26237

Technical details for CVE-2024-26237 are not publicly available in the provided connected documents. No concrete exploit, impact, or remediation specifics are present beyond the vulnerability title. Monitor for updates from Microsoft and security advisories.

7.8CVSS8.1AI score0.00675EPSS
Total number of security vulnerabilities1844