Windows Server 2022 23h2@* Security Vulnerabilities and Issues — Page 15 of Windows Server 2022 23h2@* CVE List

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

6.5CVSS6.7AI score0.00103EPSS

CVE•added 2025/01/14 6:15 p.m.•82 views

CVE-2025-21244

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0076EPSS

CVE•added 2025/03/11 5:16 p.m.•82 views

CVE-2025-24051

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.8AI score0.00321EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26637

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.9AI score0.00098EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26639

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.3AI score0.00078EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26663

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

8.1CVSS7.9AI score0.0007EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26665

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00023EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26675

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00057EPSS

CVE•added 2025/04/08 6:16 p.m.•82 views

CVE-2025-27738

Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

6.5CVSS6.7AI score0.00103EPSS

CVE•added 2025/05/13 5:15 p.m.•82 views

CVE-2025-29966

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.

8.8CVSS8.1AI score0.0017EPSS

CVE•added 2023/12/12 6:15 p.m.•81 views

CVE-2023-35641

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.05218EPSS

CVE•added 2024/07/09 5:15 p.m.•81 views

CVE-2024-37975

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.4AI score0.01503EPSS

CVE•added 2024/07/09 5:15 p.m.•81 views

CVE-2024-38011

Secure Boot Security Feature Bypass Vulnerability

8CVSS8.4AI score0.00927EPSS

CVE•added 2024/07/09 5:15 p.m.•81 views

CVE-2024-38050

Windows Workstation Service Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00619EPSS

CVE•added 2024/07/09 5:15 p.m.•81 views

CVE-2024-38067

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

7.5CVSS8.4AI score0.09955EPSS

CVE•added 2024/08/13 6:15 p.m.•81 views

CVE-2024-38145

Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability

7.5CVSS7.5AI score0.30301EPSS

CVE•added 2024/09/10 5:15 p.m.•81 views

CVE-2024-38237

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00962EPSS

CVE•added 2024/10/08 6:15 p.m.•81 views

CVE-2024-43509

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.00588EPSS

CVE•added 2024/11/12 6:15 p.m.•81 views

CVE-2024-43620

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01686EPSS

CVE•added 2024/11/12 6:15 p.m.•81 views

CVE-2024-43643

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00328EPSS

CVE•added 2024/12/12 2:4 a.m.•81 views

CVE-2024-49081

Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00383EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

6.1CVSS6.3AI score0.00137EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21290

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01098EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21313

Windows Security Account Manager (SAM) Denial of Service Vulnerability

6.5CVSS6.4AI score0.00348EPSS

CVE•added 2025/02/11 6:15 p.m.•81 views

CVE-2025-21359

Windows Kernel Security Feature Bypass Vulnerability

7.8CVSS8AI score0.00097EPSS

CVE•added 2025/03/11 5:16 p.m.•81 views

CVE-2025-24046

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.00106EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26686

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

7.5CVSS7.5AI score0.00107EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-27474

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00133EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

6CVSS7.1AI score0.00028EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27740

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.3AI score0.00338EPSS

CVE•added 2025/06/10 5:22 p.m.•81 views

CVE-2025-33070

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

8.1CVSS8AI score0.00212EPSS

Total number of security vulnerabilities1174