Windows Server 2022 Security Vulnerabilities and Issues — Page 5 of Windows Server 2022 CVE List

An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process o...

7.8CVSS7.7AI score0.00187EPSS

CVE•added 2023/03/14 5:15 p.m.•321 views

CVE-2023-21708

Remote Procedure Call Runtime Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.04719EPSS

CVE•added 2025/01/14 6:15 p.m.•321 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00189EPSS

CVE•added 2021/06/08 11:15 p.m.•320 views

CVE-2021-26414

Windows DCOM Server Security Feature Bypass

6.5CVSS6.9AI score0.14238EPSS

CVE•added 2023/05/09 6:15 p.m.•314 views

CVE-2023-29325

Windows OLE Remote Code Execution Vulnerability

8.1CVSS8.8AI score0.2384EPSS

CVE•added 2022/09/13 7:15 p.m.•313 views

CVE-2022-34721

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.26867EPSS

In wild

CVE•added 2022/04/15 7:15 p.m.•310 views

CVE-2022-24490

Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability

8.1CVSS6.8AI score0.15202EPSS

CVE•added 2025/02/11 6:15 p.m.•310 views

CVE-2025-21418

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.04314EPSS

In wild

CVE•added 2022/08/09 8:15 p.m.•309 views

CVE-2022-30133

Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.17199EPSS

CVE•added 2023/11/14 6:15 p.m.•307 views

CVE-2023-36705

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00162EPSS

CVE•added 2024/05/14 5:17 p.m.•305 views

CVE-2024-30040

Windows MSHTML Platform Security Feature Bypass Vulnerability

8.8CVSS6.3AI score0.51138EPSS

In wild

CVE•added 2025/06/10 5:22 p.m.•304 views

CVE-2025-33065

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2025/06/10 5:22 p.m.•300 views

CVE-2025-33052

Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00144EPSS

CVE•added 2022/07/12 11:15 p.m.•297 views

CVE-2022-22049

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00235EPSS

In wild

CVE•added 2023/11/28 7:15 a.m.•297 views

CVE-2023-24023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

6.8CVSS6.8AI score0.00176EPSS

CVE•added 2023/05/09 6:15 p.m.•297 views

CVE-2023-24943

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.01302EPSS

CVE•added 2025/03/11 5:16 p.m.•296 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.28518EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•294 views

CVE-2024-21408

Windows Hyper-V Denial of Service Vulnerability

5.5CVSS6.8AI score0.00478EPSS

CVE•added 2023/11/14 6:15 p.m.•292 views

CVE-2023-36394

Windows Search Service Elevation of Privilege Vulnerability

7CVSS8.1AI score0.01054EPSS

CVE•added 2024/08/14 12:15 a.m.•289 views

CVE-2024-38163

Windows Update Stack Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.00614EPSS

CVE•added 2022/03/09 5:15 p.m.•287 views

CVE-2022-24505

Windows ALPC Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00118EPSS

CVE•added 2021/09/15 12:15 p.m.•284 views

CVE-2021-38633

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00426EPSS

In wild

CVE•added 2022/09/13 7:15 p.m.•282 views

CVE-2022-30170

Windows Credential Roaming Service Elevation of Privilege Vulnerability

7.3CVSS8.3AI score0.00913EPSS

In wild

CVE•added 2024/04/09 5:15 p.m.•281 views

CVE-2024-26229

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.83008EPSS

CVE•added 2023/05/09 6:15 p.m.•279 views

CVE-2023-29324

Windows MSHTML Platform Security Feature Bypass Vulnerability

6.5CVSS8AI score0.02256EPSS

CVE•added 2024/01/09 6:15 p.m.•279 views

CVE-2024-20674

Windows Kerberos Security Feature Bypass Vulnerability

8.8CVSS8.4AI score0.15936EPSS

CVE•added 2024/08/13 6:15 p.m.•279 views

CVE-2024-38193

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.66421EPSS

In wild

CVE•added 2024/08/13 6:15 p.m.•279 views

CVE-2024-38213

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS6.5AI score0.75065EPSS

In wild

CVE•added 2021/09/15 12:15 p.m.•277 views

CVE-2021-36963

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00394EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•277 views

CVE-2024-21407

Windows Hyper-V Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.05403EPSS

CVE•added 2024/10/08 6:15 p.m.•277 views

CVE-2024-43584

Windows Scripting Engine Security Feature Bypass Vulnerability

8.4CVSS7.8AI score0.00371EPSS

CVE•added 2022/04/15 7:15 p.m.•275 views

CVE-2022-24491

Windows Network File System Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.42379EPSS

CVE•added 2022/04/15 7:15 p.m.•274 views

CVE-2022-24500

Windows SMB Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.38093EPSS

CVE•added 2023/11/14 6:15 p.m.•274 views

CVE-2023-36719

Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

7.8CVSS8.5AI score0.00134EPSS

CVE•added 2024/08/13 6:15 p.m.•272 views

CVE-2024-38178

Scripting Engine Memory Corruption Vulnerability

7.5CVSS7.4AI score0.25932EPSS

In wild

CVE•added 2022/04/15 7:15 p.m.•271 views

CVE-2022-24528

Remote Procedure Call Runtime Remote Code Execution Vulnerability

8.8CVSS9.4AI score0.02203EPSS

CVE•added 2024/03/12 5:15 p.m.•270 views

CVE-2024-21438

Microsoft AllJoyn API Denial of Service Vulnerability

7.5CVSS7.6AI score0.03412EPSS

CVE•added 2024/07/09 5:15 p.m.•269 views

CVE-2024-38080

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.21315EPSS

In wild

CVE•added 2022/03/09 5:15 p.m.•268 views

CVE-2022-21977

Media Foundation Information Disclosure Vulnerability

4.3CVSS5.7AI score0.01033EPSS

CVE•added 2024/09/10 5:15 p.m.•268 views

CVE-2024-21416

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9AI score0.05887EPSS

CVE•added 2024/03/12 5:15 p.m.•268 views

CVE-2024-26190

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.00623EPSS

CVE•added 2025/06/10 5:23 p.m.•268 views

CVE-2025-33073

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

8.8CVSS8.7AI score0.03645EPSS

CVE•added 2022/05/10 9:15 p.m.•267 views

CVE-2022-21972

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

9.3CVSS9AI score0.5757EPSS

CVE•added 2022/05/10 9:15 p.m.•267 views

CVE-2022-22017

Remote Desktop Client Remote Code Execution Vulnerability

9.3CVSS9.1AI score0.35335EPSS

Total number of security vulnerabilities2183