Lucene search
K
MicrosoftWindows Server 2022

2813 matches found

CVE
CVE
added 2023/10/10 12:0 a.m.5290 views

CVE-2023-44487

CVE-2023-44487 – HTTP/2 Rapid Reset DoS Root cause: HTTP/2 stream resets can cause servers to continue processing, leading to unbounded resource consumption and potential DoS when clients rapidly cancel streams. What’s affected: Various HTTP/2 implementations and deployments, including servers, p...

7.5CVSS8AI score0.99999EPSS
In wildWeb
CVE
CVE
added 2024/06/11 4:59 p.m.4289 views

CVE-2024-30078

Technical details about CVE-2024-30078 are not publicly available in the provided documents. No specifics on affected driver, root cause, or remediation are present; monitor for updates from vendor/security advisories.

8.8CVSS9.4AI score0.05158EPSS
CVE
CVE
added 2024/02/14 12:0 a.m.3251 views

CVE-2023-50387

CVE-2023-50387 (KeyTrap) affects DNSSEC processing in DNS resolvers. Multiple advisories note excessive CPU/DoS risk when validating DNSKEY/RRSIG in zones with many records. Affected products include Bind (bind9) and Unbound across Linux distributions (e.g., AL2, AlmaLinux) with patches/released ...

7.5CVSS7.7AI score0.99995EPSS
CVE
CVE
added 2013/12/11 12:0 a.m.3238 views

CVE-2013-3900

CVE-2013-3900 describes a remote code execution in the WinVerifyTrust Authenticode verification for PE files. An attacker could modify a signed executable to execute code without invalidating the signature, potentially gaining full control of the system. Microsoft republished this CVE in the Secu...

8.8CVSS7.4AI score0.44647EPSS
In wildWeb
CVE
CVE
added 2021/07/02 9:25 p.m.2633 views

CVE-2021-34527

CVE-2021-34527, known as PrintNightmare, is a Windows Print Spooler remote code execution vulnerability. The flaw allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by abusing privileged file operations in the Print Spooler, enabling installation of programs, data a...

9CVSS9AI score0.99759EPSS
In wildWeb
CVE
CVE
added 2022/06/01 8:10 p.m.2200 views

CVE-2022-30190

Technical details beyond the MSDT/Follina description are not provided in the connected documents. Public specifics (affected versions, exploit paths, patches) are not available here; monitor for updates.

9.3CVSS8.5AI score0.99374EPSS
In wild
CVE
CVE
added 2021/11/10 12:47 a.m.1727 views

CVE-2021-42278

CVE-2021-42278 is an Active Directory Domain Services privilege-escalation vulnerability in Microsoft Windows. The connected documents describe exploits/frameworks (e.g., Pachine, sam-the-admin, noPac) that impersonate a Domain Administrator from a standard domain user using Kerberos delegation t...

7.5CVSS8.2AI score0.70207EPSS
In wild
CVE
CVE
added 2021/09/15 11:24 a.m.1552 views

CVE-2021-40444

CVE-2021-40444 is a Microsoft MSHTML remote-code-execution vulnerability exploited via specially crafted Word documents containing malicious ActiveX controls. Public details confirm an exploit chain: a Word doc opens, a relationship in document.xml.rels points to a malicious HTML, IE Preview load...

8.8CVSS7.3AI score0.96843EPSS
In wild
CVE
CVE
added 2022/04/15 7:3 p.m.1478 views

CVE-2022-24521

CVE-2022-24521 is a Windows Windows Common Log File System Driver Privilege Escalation vulnerability. The CVE entry reports an elevation-of-privilege flaw in the CLFS driver; CVSS scores shown include a 2.0/2.0 base (MEDIUM) on NVD and a 3.1-based HIGH score from Microsoft, both indicating local ...

7.8CVSS8.9AI score0.07304EPSS
In wild
CVE
CVE
added 2021/10/13 12:26 a.m.1474 views

CVE-2021-40449

CVE-2021-40449 is a Win32k use-after-free local privilege escalation in GreResetDCInternal. The vulnerability arises when a user‑mode callback hook on the driver’s PDEV path (DrvEnablePDEV) can trigger a subsequent ResetDC call, freeing the original device context and causing a kernel‑mode use‑af...

7.8CVSS8AI score0.73381EPSS
In wild
CVE
CVE
added 2023/07/11 6:14 p.m.1375 views

CVE-2023-36884

CVE-2023-36884 is a Windows/Office RCE via Windows Search (.search-ms) triggered by specially crafted OOXML documents; active exploitation was noted (Storm-0978 campaign) and Microsoft released a patch/Defense in Depth mitigations in August 2023 to break the exploitation chain. Public PoCs/exploi...

7.5CVSS9.1AI score0.99083EPSS
In wild
CVE
CVE
added 2022/01/11 8:22 p.m.1360 views

CVE-2022-21882

CVE-2022-21882 is a Windows Win32k local privilege-escalation vulnerability. It arises when an incomplete patch for CVE-2021-1732 leaves a bypass path that lets attackers trigger the vulnerability via a manipulated user-callback flow in Win32k, enabling a full compromise of the affected process. ...

7.8CVSS7.8AI score0.55711EPSS
In wild
CVE
CVE
added 2021/11/10 12:47 a.m.1347 views

CVE-2021-42287

CVE-2021-42287 is an Active Directory Domain Services privilege-escalation vulnerability. Connected documents corroborate it as part of a vulnerability family targeting domain controllers (CVE-2021-42278/42287) and describe exploitation via impersonation from a standard domain user to a DA, inclu...

8.8CVSS8.2AI score0.74265EPSS
In wild
CVE
CVE
added 2023/04/11 7:13 p.m.1322 views

CVE-2023-21554

The CVE-2023-21554 vulnerability is an RCE in Microsoft Message Queuing (MSMQ) due to improper input validation (CWE-20) in the MSMQ service. When MSMQ is enabled, a crafted MSMQ packet over TCP port 1801 can trigger an out-of-bounds/overflow condition, potentially allowing remote code execution....

9.8CVSS9.6AI score0.95454EPSS
CVE
CVE
added 2023/04/11 7:13 p.m.1303 views

CVE-2023-28252

CVE-2023-28252 – Windows CLFS driver local privilege escalation : The vulnerability stems from CLFS.sys handling of file blocks in memory (m_rgBlocks) and associated metadata, enabling an out-of-bounds access that lets an unprivileged user hijack the SYSTEM token. Public PoCs and in-the-wild acti...

7.8CVSS8.1AI score0.48973EPSS
In wild
CVE
CVE
added 2022/02/09 4:36 p.m.1276 views

CVE-2022-21971

CVE-2022-21971 is a Windows Runtime Remote Code Execution vulnerability. The CVE entry references a Windows Runtime flaw with high severity, and connected sources corroborate that patches exist (MSRC/update guides and CISA-kev). Malwarebytes’ 2022 article notes Microsoft patches for CVE-2022-2197...

9.3CVSS8.3AI score0.53655EPSS
In wild
CVE
CVE
added 2022/02/09 4:37 p.m.1268 views

CVE-2022-22718

CVE-2022-22718 is a Windows Print Spooler elevation of privilege vulnerability. Connected sources confirm an exploit exists (e.g., SpoolFool PoC) and that it has been tracked in exploit catalogs; Microsoft/MSRC guidance and CISA KEV catalog list it among known issues. Affected component: Windows ...

7.8CVSS7.8AI score0.18464EPSS
In wild
CVE
CVE
added 2022/02/09 4:36 p.m.1232 views

CVE-2022-21999

Technical details about CVE-2022-21999 are not publicly provided in the supplied connected documents. Based on the materials, we cannot specify affected software, root cause, or remediation. Monitor for updates from official advisories and vendor disclosures.

7.8CVSS7.7AI score0.41683EPSS
In wild
CVE
CVE
added 2021/11/10 12:46 a.m.1219 views

CVE-2021-41379

CVE-2021-41379 is a Windows Installer Elevation of Privilege vulnerability affecting Windows Installer across Windows 10/11 and Windows Server. Public details in connected sources describe the issue as a Windows Installer privilege-escalation flaw, with references to InstallerFileTakeOver as the ...

7.8CVSS7AI score0.20255EPSS
In wild
CVE
CVE
added 2022/05/10 8:33 p.m.1219 views

CVE-2022-26925

CVE-2022-26925 is a Windows Local Security Authority (LSA) spoofing vulnerability. The issue allows an unauthenticated attacker to coerce a domain controller to authenticate to the attacker using NTLM by calling a method on the LSARPC interface, enabling potential credential exposure in an NTLM-r...

8.1CVSS7.5AI score0.09823EPSS
In wild
CVE
CVE
added 2022/01/11 8:23 p.m.1173 views

CVE-2022-21919

CVE-2022-21919 is a Windows User Profile Service elevation-of-privilege bug. Connected docs describe the root cause as improper validation in profext.dll’s CreateDirectoryJunction, enabling a directory junction attack to escalate to SYSTEM by abusing UI/UX (Narrator/consent.exe) and UAC. Some sou...

7CVSS8.2AI score0.0295EPSS
In wild
CVE
CVE
added 2021/09/15 11:23 a.m.1138 views

CVE-2021-36955

CVE-2021-36955 is a Windows privilege-escalation flaw in the Common Log File System (CLFS) driver. The vulnerability stems from the CLFS driver (clfs.sys) and enables local privilege escalation to SYSTEM when exploited. Connected guidance and threat intel cite this CVE alongside Windows CLFS-rela...

7.8CVSS8AI score0.03054EPSS
In wild
CVE
CVE
added 2022/05/10 8:33 p.m.1131 views

CVE-2022-26923

CVE-2022-26923 affects Microsoft Active Directory Domain Services with AD CS involvement. The vulnerability stems from certificates issued by AD CS where an attacker who manages computer accounts can modify the dNSHostName attribute to impersonate a Domain Controller in a certificate, enabling pr...

9CVSS9.2AI score0.83277EPSS
In wild
CVE
CVE
added 2023/10/18 3:52 a.m.1130 views

CVE-2023-38545

CVE-2023-38545 is a heap-based buffer overflow in curl/libcurl during SOCKS5 proxy hostname handling. When a long host name (over 255 bytes) is passed for proxy resolution, curl may copy the full hostname into the target buffer due to a race in a slow handshake, enabling arbitrary code execution....

9.8CVSS9.4AI score0.78483EPSS
CVE
CVE
added 2022/04/15 7:5 p.m.1118 views

CVE-2022-26904

CVE-2022-26904 is a Windows User Profile Service Elevation of Privilege vulnerability. The issue is a race-condition–driven LPE in the User Profile Service, with attacker-controlled code execution at SYSTEM granted by bypasses and PoCs described in public sources. A Metasploit module exists for t...

7CVSS8.2AI score0.09817EPSS
In wild
CVE
CVE
added 2022/07/12 10:37 p.m.1103 views

CVE-2022-22047

CVE-2022-22047 is a Windows CSRSS Elevation of Privilege vulnerability. The CSRSS component may allow a local attacker who can execute code on the target to gain SYSTEM privileges. Public exploitation has been reported; Microsoft’s July 2022 Patch Tuesday addressed this family of issues (CSRSS Eo...

7.8CVSS8.3AI score0.18912EPSS
In wild
CVE
CVE
added 2021/10/13 12:26 a.m.1092 views

CVE-2021-40450

CVE-2021-40450 is a Win32k elevation-of-privilege vulnerability (local, privilege escalation) in Windows. The CVE is described as a Win32k Privilege Escalation issue with high impact (confidentiality, integrity, availability) per CVSS 3.1/3.1 vector; attack is local and requires no user interacti...

7.8CVSS7.9AI score0.01968EPSS
In wild
CVE
CVE
added 2022/08/09 7:55 p.m.1084 views

CVE-2022-34713

CVE-2022-34713 (DogWalk) is a remote code execution vulnerability in Microsoft Windows MSDT that is triggered when MSDT is invoked via the URL protocol from a calling application (e.g., Word). The CVSS 3.1 entry indicates a local attack vector with low attack complexity, no privileges required, b...

7.8CVSS8.9AI score0.6798EPSS
In wild
CVE
CVE
added 2021/10/13 12:28 a.m.1083 views

CVE-2021-41357

CVE-2021-41357 is a Windows Win32k privilege-escalation vulnerability (local, low complexity, no user interaction) with CVSS v3.1 base score 7.8 (high). Affected component is Win32k; root cause involves elevation of privileges on Windows systems. Public disclosures in the connected documents indi...

7.8CVSS7.5AI score0.01968EPSS
In wild
CVE
CVE
added 2023/09/12 4:58 p.m.1059 views

CVE-2023-36802

CVE-2023-36802 is an Elevation of Privilege vulnerability in the Microsoft Streaming Service Proxy (MSKSSRV.SYS). The connected documents identify the root cause as an object type confusion in the Windows kernel-mode driver, enabling local privilege escalation to SYSTEM on vulnerable Windows 10/1...

7.8CVSS8.2AI score0.261EPSS
In wild
CVE
CVE
added 2024/08/13 5:29 p.m.1018 views

CVE-2024-38063

CVE-2024-38063 is a Windows IPv6/tcpip.sys vulnerability involving improper handling of IPv6 extension headers and fragmentation. Technical material in connected docs shows an integer underflow in the IPv6 fragment reassembly path (Ipv6pReassemblyTimeout) and a risky code path where IppSendErrorL...

9.8CVSS9.8AI score0.70564EPSS
CVE
CVE
added 2025/01/14 6:3 p.m.963 views

CVE-2025-21298

CVE-2025-21298 is a Windows OLE use-after-free memory corruption vulnerability in ole32.dll (UtOlePresStmToContentsStm) that enables remote code execution via specially crafted RTF, including zero-click scenarios when previews are shown in Outlook. The issue arises from a double-free of the CONTE...

9.8CVSS9.8AI score0.80912EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.929 views

CVE-2023-21674

CVE-2023-21674 affects Windows Advanced Local Procedure Call (ALPC). The documented root cause is an Elevation of Privilege in ALPC that could enable browser sandbox escape and gain SYSTEM privileges. Public exploits exist (Kaspersky notes exploitation in the wild; a GitHub PoC is referenced), in...

8.8CVSS8.6AI score0.41538EPSS
In wild
CVE
CVE
added 2022/09/13 6:42 p.m.915 views

CVE-2022-37969

CVE-2022-37969 is a local privilege escalation in Windows CLFS (clfs.sys). The provided connected exploit discussion describes an out-of-bounds/memory-spraying chain that corrupts CLFS kernel structures (notably pContainer in a CLFS container) via crafted .blf files and memory spraying, enabling ...

7.8CVSS8.9AI score0.28483EPSS
In wild
CVE
CVE
added 2022/11/09 12:0 a.m.889 views

CVE-2022-41128

CVE-2022-41128 is a Windows Scripting Languages Remote Code Execution vulnerability in the JScript9 scripting language. Reports consistently describe a network-exploitable RCE where visiting a malicious site can trigger memory corruption and arbitrary code execution on affected Windows systems. E...

8.8CVSS8.3AI score0.24808EPSS
In wild
CVE
CVE
added 2022/11/09 12:0 a.m.884 views

CVE-2022-38023

CVE-2022-38023 (NetLogon RC4-HMAC vulnerability) affects Samba and related packages (samba, samba-client, libsmbclient, libwbclient, etc.). Technical detail: the issue stems from allowing RC4/HMAC-MD5 in the NetLogon Secure Channel, weakening authentication between clients and servers. Affected p...

8.1CVSS8.3AI score0.02559EPSS
CVE
CVE
added 2022/10/11 12:0 a.m.873 views

CVE-2022-41033

CVE-2022-41033 is a Windows Privilege Escalation affecting the COM+ Event System Service. The root cause is an improper privilege handling in the service, enabling a local attacker with low privileges to obtain SYSTEM level access, compromising confidentiality, integrity, and availability. The CV...

7.8CVSS8.1AI score0.01777EPSS
In wild
CVE
CVE
added 2023/03/14 4:55 p.m.872 views

CVE-2023-24880

CVE-2023-24880 is a Windows SmartScreen Security Feature Bypass vulnerability. The Connected sources describe MOTW bypass via crafted files that can defeat SmartScreen/Protected View, enabling execution of malicious code without proper MOTW checks. Exploitation in the wild is mentioned in multipl...

4.4CVSS7AI score0.78152EPSS
In wild
CVE
CVE
added 2023/02/14 8:9 p.m.853 views

CVE-2023-21823

CVE-2023-21823 (Windows Graphics Component RCE) : A Windows Graphics Component remote code execution vulnerability that can give an attacker SYSTEM-level code execution when exploited. Public discussion across sources notes exploitation risk and active exploitation in the wild around Patch Tuesda...

7.8CVSS7.9AI score0.05563EPSS
In wild
CVE
CVE
added 2022/11/09 12:0 a.m.806 views

CVE-2022-41073

CVE-2022-41073 — Windows Print Spooler Elevation of Privilege affects Windows Print Spooler. Connected docs note exploitation in the wild and public patching via Microsoft updates (Nov 2022 Patch Tuesday). Remediation is to apply the Microsoft update for CVE-2022-41073 per MSRC/update guidance in...

7.8CVSS8.1AI score0.02389EPSS
In wild
CVE
CVE
added 2022/11/09 12:0 a.m.799 views

CVE-2022-41091

CVE-2022-41091 is a Windows security feature bypass in Mark of the Web (MOTW). The vulnerability allows bypassing MOTW protections, with a CVSS v3.1 base score of 5.4 (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L). Public sources note exploitation in the wild and patches are delivered via Microsoft’s upda...

5.4CVSS7AI score0.01986EPSS
In wild
CVE
CVE
added 2022/11/09 12:0 a.m.797 views

CVE-2022-41049

CVE-2022-41049 refers to a Windows Mark of the Web (MotW) security feature bypass vulnerability. Affected: Windows MotW handling; Root cause: bypass of MotW checks that normally protect against untrusted content. Impact: limited loss of integrity and availability of security features; exploitatio...

5.4CVSS6.8AI score0.02482EPSS
In wild
CVE
CVE
added 2024/10/08 5:35 p.m.792 views

CVE-2024-38124

CVE-2024-38124 is a Windows Netlogon Elevation of Privilege vulnerability. The provided exploitation context shows an attacker with network access on an AD domain can craft Netlogon messages to impersonate machines (including DCs), enabling privilege escalation and potential full AD compromise. A...

9CVSS9AI score0.01153EPSS
CVE
CVE
added 2022/11/09 12:0 a.m.785 views

CVE-2022-41125

CVE-2022-41125 affects Windows CNG Key Isolation Service (Windows Cryptographic Next Generation). The underlying issue is an Elevation of Privilege in that service, enabling an authenticated attacker to gain SYSTEM privileges. Patch guidance is to install the Microsoft updates for this CVE (per M...

7.8CVSS8.1AI score0.03021EPSS
In wild
CVE
CVE
added 2023/10/10 5:8 p.m.777 views

CVE-2023-36563

CVE-2023-36563 refers to a Microsoft WordPad Information Disclosure vulnerability. The connected materials confirm that exploitation could disclose NTLM hashes when a user opens a specially crafted file or if an attacker has access to the host, with signs of exploitation in the wild cited by Patc...

6.5CVSS7.1AI score0.20719EPSS
In wild
CVE
CVE
added 2023/09/12 4:58 p.m.772 views

CVE-2023-38148

Mode C: CVE-2023-38148 is described in connected sources as a Windows Internet Connection Sharing (ICS) Remote Code Execution vulnerability. It is reported that an unauthenticated attacker could exploit ICS by sending a specially crafted data packet to a vulnerable system to install malware. The ...

8.8CVSS8.8AI score0.08176EPSS
CVE
CVE
added 2023/01/10 12:0 a.m.767 views

CVE-2023-21768

CVE-2023-21768 affects the Windows Ancillary Function Driver for WinSock (afd.sys). The vulnerability stems from a flaw in AfdNotifyRemoveIoCompletion, enabling a local privilege escalation to SYSTEM by manipulating I/O ring structures. Documented impact shows LPE on Windows 11 22H2 up to build 2...

7.8CVSS7.7AI score0.65417EPSS
In wild
CVE
CVE
added 2025/04/08 5:23 p.m.747 views

CVE-2025-29824

CVE-2025-29824 is a Use-After-Free vulnerability in the Windows Common Log File System Driver (CLFS) kernel driver, caused by a race condition in W32PROCESS handling via WaitForInputIdle that enables local privilege escalation to SYSTEM. Microsoft patched this in April 2025 (KB5044284). Public ex...

7.8CVSS7.5AI score0.1806EPSS
In wild
CVE
CVE
added 2022/12/13 12:0 a.m.743 views

CVE-2022-44698

CVE-2022-44698 is a Windows SmartScreen security feature bypass that enables bypass of Mark-of-the-Web protections via specially crafted files. The public data confirms exploitation in the wild and active exploitation historically cited by multiple sources (CISA KEV, KrebsOnSecurity). The underly...

5.4CVSS6.8AI score0.76106EPSS
In wild
CVE
CVE
added 2024/02/13 6:2 p.m.741 views

CVE-2024-21338

CVE-2024-21338 is a Windows kernel local privilege escalation caused by an exposed IOCTL with insufficient access control in the appid.sys component. The vulnerability enables local attackers with LOW privileges and no user interaction to escalate to kernel to access high-privilege operations (CV...

7.8CVSS8.1AI score0.51865EPSS
In wild
Total number of security vulnerabilities2813