Windows Server 2019 Security Vulnerabilities and Issues — Windows Server 2019 CVE List

Lucene search

MicrosoftWindows Server 2019

415 matches found

CVE•added 2019/04/09 12:29 a.m.•1058 views

CVE-2019-0703

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.

6.5CVSS6.8AI score0.14208EPSS

CVE•added 2023/10/10 6:15 p.m.•716 views

CVE-2023-36563

Microsoft WordPad Information Disclosure Vulnerability

6.5CVSS7.1AI score0.00725EPSS

CVE•added 2023/05/09 6:15 p.m.•596 views

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

6.7CVSS6.9AI score0.00536EPSS

CVE•added 2024/08/08 2:15 a.m.•531 views

CVE-2024-21302

Summary:As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerab...

6.7CVSS5.8AI score0.00598EPSS

CVE•added 2024/11/12 6:15 p.m.•492 views

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

6.2CVSS5.8AI score0.00125EPSS

CVE•added 2024/03/12 5:15 p.m.•411 views

CVE-2024-21429

Windows USB Hub Driver Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00311EPSS

CVE•added 2023/10/10 6:15 p.m.•370 views

CVE-2023-36564

Windows Search Security Feature Bypass Vulnerability

6.5CVSS7.8AI score0.00135EPSS

CVE•added 2023/10/10 6:15 p.m.•366 views

CVE-2023-36706

Windows Deployment Services Information Disclosure Vulnerability

6.5CVSS7.6AI score0.0608EPSS

CVE•added 2023/10/10 6:15 p.m.•359 views

CVE-2023-36717

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

6.5CVSS7.7AI score0.00064EPSS

CVE•added 2024/01/09 6:15 p.m.•341 views

CVE-2024-20666

BitLocker Security Feature Bypass Vulnerability

6.6CVSS6.8AI score0.11655EPSS

CVE•added 2022/07/12 11:15 p.m.•338 views

CVE-2022-22048

BitLocker Security Feature Bypass Vulnerability

6.6CVSS7.2AI score0.00265EPSS

CVE•added 2025/03/11 5:16 p.m.•336 views

CVE-2025-24071

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.3AI score0.6231EPSS

CVE•added 2020/07/29 6:15 p.m.•318 views

CVE-2020-15707

Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extrem...

6.4CVSS7.6AI score0.00033EPSS

CVE•added 2021/06/08 11:15 p.m.•315 views

CVE-2021-26414

Windows DCOM Server Security Feature Bypass

6.5CVSS6.9AI score0.08955EPSS

CVE•added 2024/11/12 6:15 p.m.•310 views

CVE-2024-43451

NTLM Hash Disclosure Spoofing Vulnerability

6.5CVSS6.5AI score0.89087EPSS

CVE•added 2020/07/29 6:15 p.m.•285 views

CVE-2020-15706

GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 ...

6.4CVSS7.7AI score0.00064EPSS

CVE•added 2020/07/29 6:15 p.m.•284 views

CVE-2020-15705

GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. Thi...

6.4CVSS7.1AI score0.00018EPSS

CVE•added 2023/05/09 6:15 p.m.•276 views

CVE-2023-29324

Windows MSHTML Platform Security Feature Bypass Vulnerability

6.5CVSS8AI score0.02256EPSS

CVE•added 2023/11/28 7:15 a.m.•259 views

CVE-2023-24023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

6.8CVSS6.8AI score0.00157EPSS

CVE•added 2024/08/13 6:15 p.m.•245 views

CVE-2024-38213

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS6.5AI score0.73855EPSS

CVE•added 2022/05/10 9:15 p.m.•243 views

CVE-2022-29120

Windows Clustered Shared Volume Information Disclosure Vulnerability

6.5CVSS7.6AI score0.00607EPSS

CVE•added 2024/10/08 6:15 p.m.•239 views

CVE-2024-37976

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

6.7CVSS7.3AI score0.0029EPSS

CVE•added 2019/04/09 3:29 a.m.•236 views

CVE-2019-0821

6.5CVSS6.8AI score0.14208EPSS

CVE•added 2025/03/11 5:16 p.m.•234 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.38746EPSS

CVE•added 2024/03/12 5:15 p.m.•233 views

CVE-2024-21430

Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability

6.4CVSS6.5AI score0.00203EPSS

CVE•added 2024/03/12 5:15 p.m.•227 views

CVE-2024-26197

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

6.5CVSS7.3AI score0.03989EPSS

CVE•added 2019/04/09 12:29 a.m.•225 views

CVE-2019-0704

6.5CVSS6.8AI score0.14208EPSS

CVE•added 2024/02/13 6:15 p.m.•219 views

CVE-2024-21341

Windows Kernel Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00376EPSS

CVE•added 2024/02/13 6:15 p.m.•218 views

CVE-2024-21356

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

6.5CVSS6.8AI score0.0533EPSS

CVE•added 2022/01/11 9:15 p.m.•215 views

CVE-2022-21839

Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability

6.1CVSS7.3AI score0.00312EPSS

CVE•added 2022/05/10 9:15 p.m.•206 views

CVE-2022-29123

Windows Clustered Shared Volume Information Disclosure Vulnerability

6.5CVSS7.6AI score0.0047EPSS

CVE•added 2024/04/09 5:15 p.m.•205 views

CVE-2024-26234

Proxy Driver Spoofing Vulnerability

6.7CVSS7.4AI score0.02069EPSS

CVE•added 2022/05/10 9:15 p.m.•201 views

CVE-2022-22015

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

6.5CVSS7.7AI score0.09009EPSS

CVE•added 2023/01/10 10:15 p.m.•201 views

CVE-2023-21563

BitLocker Security Feature Bypass Vulnerability

6.8CVSS7AI score0.00639EPSS

CVE•added 2022/12/13 7:15 p.m.•197 views

CVE-2022-44707

Windows Kernel Denial of Service Vulnerability

6.5CVSS7AI score0.02836EPSS

CVE•added 2019/07/15 7:15 p.m.•195 views

CVE-2019-0975

A security feature bypass vulnerability exists when Active Directory Federation Services (ADFS) improperly updates its list of banned IP addresses. To exploit this vulnerability, an attacker would have to convince a victim ADFS administrator to update the list of banned IP addresses. This security ...

6.8CVSS6AI score0.02066EPSS

CVE•added 2022/05/10 9:15 p.m.•194 views

CVE-2022-29122

Windows Clustered Shared Volume Information Disclosure Vulnerability

6.5CVSS7.6AI score0.00607EPSS

CVE•added 2024/01/09 6:15 p.m.•191 views

CVE-2024-21320

Windows Themes Spoofing Vulnerability

6.5CVSS7.1AI score0.29324EPSS

CVE•added 2022/08/26 6:15 p.m.•189 views

CVE-2022-34303

A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use wi...

6.7CVSS8.2AI score0.00048EPSS

CVE•added 2022/08/09 8:15 p.m.•189 views

CVE-2022-34709

Windows Defender Credential Guard Security Feature Bypass Vulnerability

6CVSS7.5AI score0.00972EPSS

CVE•added 2023/07/11 6:15 p.m.•188 views

CVE-2023-35321

Windows Deployment Services Denial of Service Vulnerability

6.5CVSS7.8AI score0.0363EPSS

CVE•added 2024/01/09 6:15 p.m.•187 views

CVE-2024-21314

Microsoft Message Queuing Information Disclosure Vulnerability

6.5CVSS6.2AI score0.04684EPSS

CVE•added 2022/03/09 5:15 p.m.•185 views

CVE-2022-23253

Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability

6.5CVSS7.3AI score0.25443EPSS

CVE•added 2023/11/14 6:15 p.m.•185 views

CVE-2023-36398

Windows NTFS Information Disclosure Vulnerability

6.5CVSS7.6AI score0.00081EPSS

CVE•added 2024/02/13 6:15 p.m.•185 views

CVE-2024-21339

Windows USB Generic Parent Driver Remote Code Execution Vulnerability

6.4CVSS7AI score0.00112EPSS

CVE•added 2024/01/09 6:15 p.m.•182 views

CVE-2024-20663

Windows Message Queuing Client (MSMQC) Information Disclosure

6.5CVSS6.3AI score0.03672EPSS

CVE•added 2019/07/15 7:15 p.m.•179 views

CVE-2019-1094

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1095, CVE-2019-1098, CVE-2019-1099, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.

6.5CVSS6.1AI score0.12437EPSS

CVE•added 2022/07/12 11:15 p.m.•179 views

CVE-2022-22042

Windows Hyper-V Information Disclosure Vulnerability

6.5CVSS7.1AI score0.17685EPSS

CVE•added 2020/02/11 10:15 p.m.•178 views

CVE-2020-0689

A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.

6.7CVSS6.8AI score0.00158EPSS

CVE•added 2024/01/09 6:15 p.m.•176 views

CVE-2024-21316

Windows Server Key Distribution Service Security Feature Bypass