Windows Server 2022 Security Vulnerabilities and Issues — Page 40 of Windows Server 2022 CVE List

Lucene search

MicrosoftWindows Server 2022

2183 matches found

CVE•added 2025/06/10 5:21 p.m.•68 views

CVE-2025-32715

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.2AI score0.00074EPSS

CVE•added 2025/06/10 5:22 p.m.•68 views

CVE-2025-32722

Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00052EPSS

CVE•added 2025/06/10 5:22 p.m.•68 views

CVE-2025-33055

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2025/08/12 6:15 p.m.•68 views

CVE-2025-50154

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.6AI score0.01079EPSS

CVE•added 2023/12/12 6:15 p.m.•67 views

CVE-2023-36005

Windows Telephony Server Elevation of Privilege Vulnerability

8.1CVSS8AI score0.08837EPSS

CVE•added 2023/12/12 6:15 p.m.•67 views

CVE-2023-36696

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00108EPSS

CVE•added 2024/09/10 5:15 p.m.•67 views

CVE-2024-38234

Windows Networking Denial of Service Vulnerability

6.5CVSS7.8AI score0.00768EPSS

CVE•added 2024/11/12 6:15 p.m.•67 views

CVE-2024-43640

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00514EPSS

CVE•added 2025/05/13 5:15 p.m.•67 views

CVE-2025-29969

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

7.5CVSS7.6AI score0.00118EPSS

CVE•added 2025/01/14 6:15 p.m.•66 views

CVE-2025-21193

Active Directory Federation Server Spoofing Vulnerability

6.5CVSS6.5AI score0.00138EPSS

CVE•added 2025/01/14 6:15 p.m.•66 views

CVE-2025-21218

Windows Kerberos Denial of Service Vulnerability

7.5CVSS7.5AI score0.014EPSS

CVE•added 2025/05/13 5:15 p.m.•66 views

CVE-2025-29954

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

5.9CVSS5.7AI score0.00946EPSS

CVE•added 2024/10/08 6:15 p.m.•65 views

CVE-2024-43581

Microsoft OpenSSH for Windows Remote Code Execution Vulnerability

7.1CVSS7.8AI score0.0336EPSS

CVE•added 2025/05/13 5:15 p.m.•65 views

CVE-2025-24063

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.00106EPSS

CVE•added 2025/03/11 5:16 p.m.•65 views

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.7AI score0.00216EPSS

CVE•added 2025/06/10 5:22 p.m.•65 views

CVE-2025-33050

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

7.5CVSS7.3AI score0.00177EPSS

CVE•added 2025/07/08 5:15 p.m.•65 views

CVE-2025-47981

Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.

9.8CVSS7.4AI score0.00228EPSS

CVE•added 2024/10/08 6:15 p.m.•64 views

CVE-2024-43593

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.09988EPSS

CVE•added 2025/01/14 6:15 p.m.•64 views

CVE-2025-21257

Windows WLAN AutoConfig Service Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00101EPSS

CVE•added 2025/01/14 6:15 p.m.•64 views

CVE-2025-21300

Windows upnphost.dll Denial of Service Vulnerability

7.5CVSS7.5AI score0.014EPSS

CVE•added 2025/05/13 5:15 p.m.•64 views

CVE-2025-29840

Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00147EPSS

CVE•added 2025/05/13 5:15 p.m.•64 views

CVE-2025-29962

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00147EPSS

CVE•added 2025/06/10 5:22 p.m.•64 views

CVE-2025-32724

Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

7.5CVSS7.4AI score0.12218EPSS

CVE•added 2025/06/10 5:22 p.m.•64 views

CVE-2025-33066

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00083EPSS

CVE•added 2024/12/18 11:15 p.m.•63 views

CVE-2022-40733

An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot....

6.5CVSS5.2AI score0.00205EPSS

CVE•added 2025/05/13 5:15 p.m.•63 views

CVE-2025-29841

Concurrent execution using shared resource with improper synchronization ('race condition') in Universal Print Management Service allows an authorized attacker to elevate privileges locally.

7CVSS6.9AI score0.00075EPSS

CVE•added 2025/05/13 5:15 p.m.•63 views

CVE-2025-29964

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00147EPSS

CVE•added 2025/06/10 5:23 p.m.•63 views

CVE-2025-33075

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.001EPSS

CVE•added 2024/09/10 5:15 p.m.•62 views

CVE-2024-38235

Windows Hyper-V Denial of Service Vulnerability

6.5CVSS7.8AI score0.00174EPSS

CVE•added 2025/06/10 5:22 p.m.•62 views

CVE-2025-33061

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2024/11/12 6:15 p.m.•61 views

CVE-2024-43646

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

7.8CVSS6.7AI score0.00215EPSS

CVE•added 2025/05/13 5:15 p.m.•61 views

CVE-2025-29967

Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

8.8CVSS8.1AI score0.003EPSS

CVE•added 2025/05/13 5:16 p.m.•61 views

CVE-2025-30388

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00138EPSS

CVE•added 2025/06/10 5:22 p.m.•61 views

CVE-2025-32725

Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.

7.5CVSS7.3AI score0.00177EPSS

CVE•added 2025/06/10 5:22 p.m.•61 views

CVE-2025-33056

Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.

7.5CVSS7.3AI score0.00139EPSS

CVE•added 2025/06/10 5:22 p.m.•61 views

CVE-2025-33060

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2024/10/08 6:15 p.m.•59 views

CVE-2024-43534

Windows Graphics Component Information Disclosure Vulnerability

6.5CVSS7.4AI score0.00411EPSS

CVE•added 2025/02/11 6:15 p.m.•59 views

CVE-2025-21352

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00309EPSS

CVE•added 2025/05/13 5:15 p.m.•59 views

CVE-2025-29833

Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally.

7.7CVSS7.7AI score0.00081EPSS

CVE•added 2025/05/13 5:15 p.m.•59 views

CVE-2025-29842

Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network.

7.5CVSS7.7AI score0.00062EPSS

CVE•added 2025/06/10 5:21 p.m.•59 views

CVE-2025-32712

Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7.8CVSS8AI score0.00066EPSS

CVE•added 2025/06/10 5:22 p.m.•59 views

CVE-2025-33064

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

8.8CVSS9.1AI score0.00103EPSS

CVE•added 2025/07/08 5:15 p.m.•59 views

CVE-2025-47973

Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00079EPSS

CVE•added 2024/12/18 11:15 p.m.•58 views

CVE-2022-40732

7.5CVSS5.2AI score0.0018EPSS

CVE•added 2024/12/12 2:4 a.m.•58 views

CVE-2024-49107

WmsRepair Service Elevation of Privilege Vulnerability

7.3CVSS7.2AI score0.00391EPSS

CVE•added 2025/01/14 6:15 p.m.•58 views

CVE-2025-21248

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00502EPSS

CVE•added 2025/06/10 5:22 p.m.•58 views

CVE-2025-33062

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2025/01/14 6:16 p.m.•57 views

CVE-2025-21389

Windows upnphost.dll Denial of Service Vulnerability

7.5CVSS7.5AI score0.014EPSS

CVE•added 2025/05/13 5:15 p.m.•57 views

CVE-2025-27468

Improper privilege management in Windows Secure Kernel Mode allows an authorized attacker to elevate privileges locally.

7CVSS7AI score0.00075EPSS

CVE•added 2025/05/13 5:15 p.m.•57 views

CVE-2025-29829

Use of uninitialized resource in Windows Trusted Runtime Interface Driver allows an authorized attacker to disclose information locally.

5.5CVSS6.8AI score0.00213EPSS

Total number of security vulnerabilities2183