Windows Server 2022 23h2@* Security Vulnerabilities and Issues — Page 9 of Windows Server 2022 23h2@* CVE List

Time-of-check time-of-use (toctou) race condition in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00028EPSS

CVE•added 2025/01/14 6:15 p.m.•102 views

CVE-2025-21242

Windows Kerberos Information Disclosure Vulnerability

5.9CVSS5.5AI score0.00136EPSS

CVE•added 2025/04/08 6:16 p.m.•102 views

CVE-2025-27492

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Secure Channel allows an authorized attacker to elevate privileges locally.

7CVSS7.2AI score0.00023EPSS

CVE•added 2025/06/10 5:22 p.m.•102 views

CVE-2025-33059

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2024/05/14 5:16 p.m.•101 views

CVE-2024-29998

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8CVSS7AI score0.00271EPSS

CVE•added 2024/05/14 5:16 p.m.•101 views

CVE-2024-30008

Windows DWM Core Library Information Disclosure Vulnerability

5.5CVSS6.1AI score0.00206EPSS

CVE•added 2024/05/14 5:16 p.m.•101 views

CVE-2024-30021

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

6.8CVSS7AI score0.00528EPSS

CVE•added 2024/08/13 6:15 p.m.•101 views

CVE-2024-38128

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9AI score0.04029EPSS

CVE•added 2024/12/12 2:4 a.m.•101 views

CVE-2024-49072

Windows Task Scheduler Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00225EPSS

CVE•added 2024/12/12 2:4 a.m.•101 views

CVE-2024-49079

Input Method Editor (IME) Remote Code Execution Vulnerability

7.8CVSS7.8AI score0.00502EPSS

CVE•added 2024/12/12 2:4 a.m.•101 views

CVE-2024-49118

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.00317EPSS

CVE•added 2025/01/14 6:15 p.m.•101 views

CVE-2025-21241

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00681EPSS

CVE•added 2025/01/14 6:15 p.m.•101 views

CVE-2025-21295

SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.01382EPSS

CVE•added 2025/02/11 6:15 p.m.•101 views

CVE-2025-21349

Windows Remote Desktop Configuration Service Tampering Vulnerability

6.8CVSS7.5AI score0.00103EPSS

CVE•added 2025/03/11 5:16 p.m.•101 views

CVE-2025-26645

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00459EPSS

CVE•added 2025/04/08 6:16 p.m.•101 views

CVE-2025-27731

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00089EPSS

CVE•added 2024/08/13 6:15 p.m.•100 views

CVE-2024-38185

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00181EPSS

CVE•added 2024/12/12 2:4 a.m.•100 views

CVE-2024-49124

Lightweight Directory Access Protocol (LDAP) Client Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.00249EPSS

CVE•added 2024/05/14 5:17 p.m.•99 views

CVE-2024-30035

Windows DWM Core Library Elevation of Privilege Vulnerability

7.8CVSS6.4AI score0.03433EPSS

CVE•added 2024/06/11 5:15 p.m.•99 views

CVE-2024-30066

Winlogon Elevation of Privilege Vulnerability

5.5CVSS7.2AI score0.00311EPSS

CVE•added 2024/07/09 5:15 p.m.•99 views

CVE-2024-38054

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.25406EPSS

CVE•added 2024/08/13 6:15 p.m.•99 views

CVE-2024-38154

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9AI score0.06103EPSS

CVE•added 2025/01/14 6:15 p.m.•99 views

CVE-2025-21270

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.014EPSS

CVE•added 2025/01/14 6:15 p.m.•99 views

CVE-2025-21312

Windows Smart Card Reader Information Disclosure Vulnerability

2.4CVSS3.6AI score0.00149EPSS

CVE•added 2025/01/14 6:15 p.m.•99 views

CVE-2025-21324

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00165EPSS

CVE•added 2025/02/11 6:15 p.m.•99 views

CVE-2025-21368

Microsoft Digest Authentication Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00517EPSS

CVE•added 2025/02/11 6:15 p.m.•99 views

CVE-2025-21419

Windows Setup Files Cleanup Elevation of Privilege Vulnerability

7.1CVSS7.6AI score0.00179EPSS

CVE•added 2025/03/11 5:16 p.m.•99 views

CVE-2025-24035

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.2AI score0.00325EPSS

CVE•added 2025/04/08 6:15 p.m.•99 views

CVE-2025-24058

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00102EPSS

Total number of security vulnerabilities1117