Windows Server 2022 23h2@* Security Vulnerabilities and Issues — Page 18 of Windows Server 2022 23h2@* CVE List

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.6AI score0.01724EPSS

Web

CVE•added 2024/10/08 6:15 p.m.•69 views

CVE-2024-38261

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.01492EPSS

CVE•added 2025/01/14 6:15 p.m.•69 views

CVE-2025-21272

Windows COM Server Information Disclosure Vulnerability

6.5CVSS6.3AI score0.0011EPSS

CVE•added 2025/04/08 6:15 p.m.•69 views

CVE-2025-27476

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00065EPSS

CVE•added 2024/10/08 6:15 p.m.•68 views

CVE-2024-38029

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

7.5CVSS7.8AI score0.03785EPSS

CVE•added 2024/09/10 5:15 p.m.•68 views

CVE-2024-38252

Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00606EPSS

CVE•added 2024/10/08 6:15 p.m.•68 views

CVE-2024-43574

Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability

8.3CVSS8.6AI score0.0084EPSS

CVE•added 2024/12/12 2:4 a.m.•68 views

CVE-2024-49087

Windows Mobile Broadband Driver Information Disclosure Vulnerability

4.6CVSS4.5AI score0.00493EPSS

CVE•added 2024/12/12 2:4 a.m.•68 views

CVE-2024-49110

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

6.8CVSS6.6AI score0.00302EPSS

CVE•added 2025/01/14 6:15 p.m.•68 views

CVE-2025-21207

Windows Connected Devices Platform Service (Cdpsvc) Denial of Service Vulnerability

7.5CVSS7.5AI score0.014EPSS

CVE•added 2025/01/14 6:15 p.m.•68 views

CVE-2025-21220

Microsoft Message Queuing Information Disclosure Vulnerability

7.5CVSS7.3AI score0.00733EPSS

CVE•added 2025/01/14 6:15 p.m.•68 views

CVE-2025-21249

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00165EPSS

CVE•added 2025/01/14 6:15 p.m.•68 views

CVE-2025-21301

Windows Geolocation Service Information Disclosure Vulnerability

6.5CVSS6.3AI score0.00371EPSS

CVE•added 2025/01/14 6:16 p.m.•68 views

CVE-2025-21411

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.03423EPSS

CVE•added 2025/06/10 5:21 p.m.•68 views

CVE-2025-32715

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.2AI score0.00074EPSS

CVE•added 2025/06/10 5:22 p.m.•68 views

CVE-2025-32722

Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00052EPSS

CVE•added 2025/06/10 5:22 p.m.•68 views

CVE-2025-33055

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2023/12/12 6:15 p.m.•67 views

CVE-2023-36696

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00108EPSS

CVE•added 2024/09/10 5:15 p.m.•67 views

CVE-2024-38234

Windows Networking Denial of Service Vulnerability

6.5CVSS7.8AI score0.00768EPSS

CVE•added 2024/10/08 6:15 p.m.•67 views

CVE-2024-43523

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8CVSS7.7AI score0.00445EPSS

CVE•added 2025/05/13 5:15 p.m.•67 views

CVE-2025-29969

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

7.5CVSS7.6AI score0.00118EPSS

CVE•added 2025/07/08 5:15 p.m.•67 views

CVE-2025-47981

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

9.8CVSS7.4AI score0.00309EPSS

CVE•added 2024/10/08 6:15 p.m.•66 views

CVE-2024-43536

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8CVSS7.7AI score0.00358EPSS

CVE•added 2024/10/08 6:15 p.m.•66 views

CVE-2024-43542

Windows Mobile Broadband Driver Denial of Service Vulnerability

6.5CVSS7.3AI score0.00309EPSS

CVE•added 2024/12/12 2:4 a.m.•66 views

CVE-2024-49103

Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability

4.3CVSS4.4AI score0.00246EPSS

CVE•added 2025/01/14 6:15 p.m.•66 views

CVE-2025-21193

Active Directory Federation Server Spoofing Vulnerability

6.5CVSS6.5AI score0.00138EPSS

CVE•added 2025/01/14 6:15 p.m.•66 views

CVE-2025-21218

Windows Kerberos Denial of Service Vulnerability

7.5CVSS7.5AI score0.014EPSS

CVE•added 2025/05/13 5:15 p.m.•66 views

CVE-2025-29954

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

5.9CVSS5.7AI score0.00946EPSS

CVE•added 2024/10/08 6:15 p.m.•65 views

CVE-2024-43525

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8CVSS7.7AI score0.00388EPSS

CVE•added 2024/10/08 6:15 p.m.•65 views

CVE-2024-43581

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

7.1CVSS7.8AI score0.0336EPSS

CVE•added 2025/05/13 5:15 p.m.•65 views

CVE-2025-24063

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.00106EPSS

CVE•added 2025/03/11 5:16 p.m.•65 views

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.7AI score0.00216EPSS

CVE•added 2025/06/10 5:22 p.m.•65 views

CVE-2025-33050

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

7.5CVSS7.3AI score0.00177EPSS

CVE•added 2023/12/12 6:15 p.m.•64 views

CVE-2023-35631

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.0157EPSS

CVE•added 2024/09/10 5:15 p.m.•64 views

CVE-2024-43495

Windows libarchive Remote Code Execution Vulnerability

7.3CVSS7.5AI score0.00821EPSS

CVE•added 2024/10/08 6:15 p.m.•64 views

CVE-2024-43526

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8CVSS7.7AI score0.00388EPSS

CVE•added 2024/10/08 6:15 p.m.•64 views

CVE-2024-43593

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.09988EPSS

CVE•added 2025/01/14 6:15 p.m.•64 views

CVE-2025-21257

Windows WLAN AutoConfig Service Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00101EPSS

CVE•added 2025/01/14 6:15 p.m.•64 views

CVE-2025-21300

Windows upnphost.dll Denial of Service Vulnerability

7.5CVSS7.5AI score0.014EPSS

CVE•added 2025/05/13 5:15 p.m.•64 views

CVE-2025-29840

Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00147EPSS

CVE•added 2025/05/13 5:15 p.m.•64 views

CVE-2025-29962

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00147EPSS

CVE•added 2025/06/10 5:22 p.m.•64 views

CVE-2025-32724

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

7.5CVSS7.4AI score0.12218EPSS

CVE•added 2025/06/10 5:22 p.m.•64 views

CVE-2025-33066

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00083EPSS

CVE•added 2024/10/08 6:15 p.m.•63 views

CVE-2024-38129

Windows Kerberos Elevation of Privilege Vulnerability

7.5CVSS7AI score0.0351EPSS

Total number of security vulnerabilities1117