Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2022 23h2

509 matches found

cve
cveadded 2025/01/14 6:16 p.m.120 views

CVE-2025-21382

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00208EPSS
cve
cveadded 2025/04/08 6:16 p.m.118 views

CVE-2025-27736

Exposure of sensitive information to an unauthorized actor in Windows Power Dependency Coordinator allows an authorized attacker to disclose information locally.

5.5CVSS6.6AI score0.00041EPSS
cve
cveadded 2025/01/14 6:15 p.m.117 views

CVE-2025-21275

Windows App Package Installer Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00234EPSS
cve
cveadded 2025/01/14 6:15 p.m.116 views

CVE-2025-21274

Windows Event Tracing Denial of Service Vulnerability

5.5CVSS5.5AI score0.00098EPSS
cve
cveadded 2025/01/14 6:15 p.m.115 views

CVE-2025-21286

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.01435EPSS
cve
cveadded 2025/01/14 6:15 p.m.115 views

CVE-2025-21303

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS
cve
cveadded 2025/01/14 6:15 p.m.113 views

CVE-2025-21332

MapUrlToZone Security Feature Bypass Vulnerability

8.8CVSS4.6AI score0.0013EPSS
cve
cveadded 2025/03/11 5:16 p.m.113 views

CVE-2025-24997

Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.

4.4CVSS6.8AI score0.00105EPSS
cve
cveadded 2025/02/11 6:15 p.m.111 views

CVE-2025-21376

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00512EPSS
cve
cveadded 2025/04/08 6:16 p.m.111 views

CVE-2025-29810

Improper access control in Active Directory Domain Services allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00019EPSS
cve
cveadded 2025/06/10 5:23 p.m.111 views

CVE-2025-47160

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

5.4CVSS5.4AI score0.00087EPSS
cve
cveadded 2025/06/10 5:21 p.m.109 views

CVE-2025-24068

Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00056EPSS
cve
cveadded 2025/04/08 6:15 p.m.109 views

CVE-2025-27482

Sensitive data storage in improperly locked memory in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

8.1CVSS7.5AI score0.00046EPSS
cve
cveadded 2025/02/11 6:15 p.m.108 views

CVE-2025-21369

Microsoft Digest Authentication Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00565EPSS
cve
cveadded 2025/01/14 6:15 p.m.107 views

CVE-2025-21340

Windows Virtualization-Based Security (VBS) Security Feature Bypass Vulnerability

5.5CVSS5.5AI score0.00091EPSS
cve
cveadded 2025/01/14 6:15 p.m.106 views

CVE-2025-21318

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00104EPSS
cve
cveadded 2025/02/11 6:15 p.m.105 views

CVE-2025-21208

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00584EPSS
cve
cveadded 2025/01/14 6:15 p.m.104 views

CVE-2025-21251

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01098EPSS
cve
cveadded 2025/01/14 6:15 p.m.104 views

CVE-2025-21297

Windows Remote Desktop Services Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.01083EPSS
cve
cveadded 2025/04/08 6:15 p.m.104 views

CVE-2025-26647

Improper input validation in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

8.8CVSS7AI score0.0012EPSS
cve
cveadded 2025/04/08 6:15 p.m.104 views

CVE-2025-26651

Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.

6.5CVSS7.1AI score0.154EPSS
cve
cveadded 2025/01/14 6:15 p.m.102 views

CVE-2025-21226

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS
cve
cveadded 2025/01/14 6:15 p.m.102 views

CVE-2025-21307

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.06471EPSS
cve
cveadded 2025/04/08 6:15 p.m.102 views

CVE-2025-26671

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8AI score0.00111EPSS
cve
cveadded 2025/01/14 6:15 p.m.101 views

CVE-2025-21242

Windows Kerberos Information Disclosure Vulnerability

5.9CVSS5.5AI score0.00125EPSS
cve
cveadded 2025/04/08 6:16 p.m.101 views

CVE-2025-27492

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

7CVSS7.2AI score0.0002EPSS
cve
cveadded 2025/06/10 5:22 p.m.101 views

CVE-2025-33059

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS
cve
cveadded 2025/04/08 6:15 p.m.100 views

CVE-2025-21191

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00023EPSS
cve
cveadded 2025/01/14 6:15 p.m.100 views

CVE-2025-21241

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00706EPSS
cve
cveadded 2025/01/14 6:15 p.m.100 views

CVE-2025-21295

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.01083EPSS
cve
cveadded 2025/03/11 5:16 p.m.100 views

CVE-2025-26645

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00459EPSS
cve
cveadded 2025/04/08 6:16 p.m.100 views

CVE-2025-27731

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00075EPSS
cve
cveadded 2025/02/11 6:15 p.m.99 views

CVE-2025-21349

Windows Remote Desktop Configuration Service Tampering Vulnerability

6.8CVSS7.5AI score0.00103EPSS
cve
cveadded 2025/01/14 6:15 p.m.98 views

CVE-2025-21270

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01098EPSS
cve
cveadded 2025/01/14 6:15 p.m.98 views

CVE-2025-21312

Windows Smart Card Reader Information Disclosure Vulnerability

2.4CVSS3.6AI score0.00137EPSS
cve
cveadded 2025/01/14 6:15 p.m.98 views

CVE-2025-21324

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS
cve
cveadded 2025/02/11 6:15 p.m.98 views

CVE-2025-21368

Microsoft Digest Authentication Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00517EPSS
cve
cveadded 2025/02/11 6:15 p.m.98 views

CVE-2025-21419

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

7.1CVSS7.6AI score0.00179EPSS
cve
cveadded 2025/03/11 5:16 p.m.98 views

CVE-2025-24035

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.2AI score0.00325EPSS
cve
cveadded 2025/04/08 6:15 p.m.98 views

CVE-2025-24058

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00086EPSS
cve
cveadded 2025/02/11 6:15 p.m.97 views

CVE-2025-21190

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00322EPSS
cve
cveadded 2025/04/08 6:15 p.m.97 views

CVE-2025-21222

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00059EPSS
cve
cveadded 2025/02/11 6:15 p.m.97 views

CVE-2025-21254

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00144EPSS
cve
cveadded 2025/01/14 6:15 p.m.97 views

CVE-2025-21276

Windows MapUrlToZone Denial of Service Vulnerability

7.5CVSS7.5AI score0.02353EPSS
cve
cveadded 2025/04/08 6:15 p.m.97 views

CVE-2025-24074

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00086EPSS
cve
cveadded 2025/04/08 6:15 p.m.97 views

CVE-2025-27479

Insufficient resource pool in Windows Kerberos allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.09541EPSS
cve
cveadded 2025/04/08 6:16 p.m.97 views

CVE-2025-27742

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally.

5.5CVSS6.6AI score0.00039EPSS
cve
cveadded 2025/01/14 6:15 p.m.96 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00118EPSS
cve
cveadded 2025/01/14 6:15 p.m.96 views

CVE-2025-21255

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS
cve
cveadded 2025/04/08 6:15 p.m.96 views

CVE-2025-26678

Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally.

8.4CVSS7.2AI score0.00055EPSS
Total number of security vulnerabilities509