Windows Server 2019 Security Vulnerabilities and Issues — Windows Server 2019 CVE List

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.00633EPSS

CVE•added 2023/10/10 6:15 p.m.•363 views

CVE-2023-36698

Windows Kernel Security Feature Bypass Vulnerability

4.4CVSS6.7AI score0.0008EPSS

CVE•added 2022/01/11 9:15 p.m.•355 views

CVE-2022-21894

Secure Boot Security Feature Bypass Vulnerability

4.9CVSS6.2AI score0.45082EPSS

In wild

CVE•added 2025/01/14 6:15 p.m.•319 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00174EPSS

CVE•added 2022/03/09 5:15 p.m.•268 views

CVE-2022-21977

Media Foundation Information Disclosure Vulnerability

4.3CVSS5.7AI score0.01033EPSS

CVE•added 2025/03/11 5:16 p.m.•240 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.17667EPSS

In wild

CVE•added 2024/04/09 5:15 p.m.•232 views

CVE-2024-29056

Windows Authentication Elevation of Privilege Vulnerability

4.3CVSS6.3AI score0.01412EPSS

CVE•added 2022/10/11 7:15 p.m.•211 views

CVE-2022-37981

Windows Event Logging Service Denial of Service Vulnerability

4.3CVSS6.3AI score0.05031EPSS

CVE•added 2022/07/12 11:15 p.m.•205 views

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00875EPSS

CVE•added 2022/03/09 5:15 p.m.•204 views

CVE-2022-21975

Windows Hyper-V Denial of Service Vulnerability

4.7CVSS6.2AI score0.00137EPSS

CVE•added 2024/02/13 6:15 p.m.•201 views

CVE-2024-21304

Trusted Compute Base Elevation of Privilege Vulnerability

4.1CVSS5.3AI score0.00053EPSS

CVE•added 2022/08/09 8:15 p.m.•198 views

CVE-2022-34704

Windows Defender Credential Guard Information Disclosure Vulnerability

4.7CVSS6.5AI score0.0173EPSS

CVE•added 2023/06/14 12:15 a.m.•191 views

CVE-2023-32019

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.5AI score0.03184EPSS

CVE•added 2024/01/09 6:15 p.m.•184 views

CVE-2024-21305

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

4.4CVSS5.6AI score0.00369EPSS

CVE•added 2024/01/09 6:15 p.m.•179 views

CVE-2024-20691

Windows Themes Information Disclosure Vulnerability

4.7CVSS5.3AI score0.00095EPSS

CVE•added 2018/11/14 1:29 a.m.•165 views

CVE-2018-8566

A security feature bypass vulnerability exists when Windows improperly suspends BitLocker Device Encryption, aka "BitLocker Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

4.6CVSS4.9AI score0.00217EPSS

CVE•added 2024/01/09 6:15 p.m.•159 views

CVE-2024-20662

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

4.9CVSS5.6AI score0.00817EPSS

CVE•added 2023/01/10 10:15 p.m.•154 views

CVE-2023-21536

Event Tracing for Windows Information Disclosure Vulnerability

4.7CVSS4.8AI score0.00188EPSS

CVE•added 2022/05/10 9:15 p.m.•153 views

CVE-2022-29127

BitLocker Security Feature Bypass Vulnerability

4.2CVSS6.5AI score0.00193EPSS

CVE•added 2024/04/09 5:15 p.m.•152 views

CVE-2024-28922

Secure Boot Security Feature Bypass Vulnerability

4.1CVSS6.1AI score0.0015EPSS

CVE•added 2019/03/06 12:0 a.m.•147 views

CVE-2019-0601

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2021/11/10 1:18 a.m.•136 views

CVE-2021-38631

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00352EPSS

CVE•added 2023/03/14 5:15 p.m.•131 views

CVE-2023-24911

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

4.3CVSS4.6AI score0.01968EPSS

CVE•added 2019/04/09 9:29 p.m.•129 views

CVE-2019-0839

An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.

4.4CVSS5.7AI score0.00695EPSS

CVE•added 2022/01/11 9:15 p.m.•128 views

CVE-2022-21900

Windows Hyper-V Security Feature Bypass Vulnerability

4.6CVSS6.7AI score0.00274EPSS

CVE•added 2021/11/10 1:19 a.m.•127 views

CVE-2021-41371

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00432EPSS

CVE•added 2019/04/09 3:29 a.m.•124 views

CVE-2019-0775

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.

4.7CVSS5.6AI score0.00908EPSS

CVE•added 2025/01/14 6:15 p.m.•123 views

CVE-2025-21329

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00111EPSS

CVE•added 2025/01/14 6:15 p.m.•122 views

CVE-2025-21213

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00143EPSS

CVE•added 2019/03/06 12:0 a.m.•121 views

CVE-2019-0600

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2022/07/12 11:15 p.m.•117 views

CVE-2022-30212

Windows Connected Devices Platform Service Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00312EPSS

CVE•added 2021/10/13 1:15 a.m.•115 views

CVE-2021-41337

Active Directory Security Feature Bypass Vulnerability

4.9CVSS6.2AI score0.00524EPSS

CVE•added 2022/05/10 9:15 p.m.•110 views

CVE-2022-24466

Windows Hyper-V Security Feature Bypass Vulnerability

4.1CVSS6.5AI score0.01318EPSS

CVE•added 2020/08/17 7:15 p.m.•108 views

CVE-2020-1578

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a ker...

4.7CVSS5.7AI score0.00378EPSS

CVE•added 2023/01/10 10:15 p.m.•108 views

CVE-2023-21766

Windows Overlay Filter Information Disclosure Vulnerability

4.7CVSS4.8AI score0.03918EPSS

CVE•added 2018/10/10 1:29 p.m.•106 views

CVE-2018-8320

A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windo...

4.3CVSS5.6AI score0.01939EPSS

CVE•added 2024/07/09 5:15 p.m.•105 views

CVE-2024-30071

Windows Remote Access Connection Manager Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00172EPSS

CVE•added 2021/04/13 8:15 p.m.•103 views

CVE-2021-28447

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

4.4CVSS6.3AI score0.00407EPSS

CVE•added 2019/09/11 10:15 p.m.•100 views

CVE-2019-1294

A security feature bypass exists when Windows Secure Boot improperly restricts access to debugging functionality, aka 'Windows Secure Boot Security Feature Bypass Vulnerability'.

4.6CVSS6.1AI score0.00936EPSS

CVE•added 2023/04/11 9:15 p.m.•98 views

CVE-2023-28276

Windows Group Policy Security Feature Bypass Vulnerability

4.4CVSS4.9AI score0.00196EPSS

CVE•added 2024/08/13 6:15 p.m.•98 views

CVE-2024-38143

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

4.2CVSS4.6AI score0.02126EPSS

CVE•added 2020/09/11 5:15 p.m.•97 views

CVE-2020-1592

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to f...

4.4CVSS4.2AI score0.00433EPSS

CVE•added 2019/08/14 9:15 p.m.•96 views

CVE-2019-1172

An information disclosure vulnerability exists in Azure Active Directory (AAD) Microsoft Account (MSA) during the login request session. An attacker who successfully exploited the vulnerability could take over a user's account.To exploit the vulnerability, an attacker would have to trick a user int...

4.3CVSS6AI score0.065EPSS

CVE•added 2021/04/13 8:15 p.m.•96 views

CVE-2021-27094

Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability

4.4CVSS6.3AI score0.00407EPSS

CVE•added 2025/01/14 6:15 p.m.•95 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00118EPSS

CVE•added 2020/01/14 11:15 p.m.•94 views

CVE-2020-0621

A security feature bypass vulnerability exists in Windows 10 when third party filters are called during a password update, aka 'Windows Security Feature Bypass Vulnerability'.

4.4CVSS6.7AI score0.00132EPSS

CVE•added 2022/10/11 7:15 p.m.•93 views

CVE-2022-38030

Windows USB Serial Driver Information Disclosure Vulnerability

4.3CVSS5.2AI score0.00376EPSS

Total number of security vulnerabilities69