Windows Server 2022 Security Vulnerabilities and Issues — Page 6 of Windows Server 2022 CVE List

An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.

5.5CVSS6.5AI score0.00151EPSS

CVE•added 2023/04/11 9:15 p.m.•252 views

CVE-2023-28250

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.05623EPSS

CVE•added 2022/09/13 7:15 p.m.•249 views

CVE-2022-30170

Windows Credential Roaming Service Elevation of Privilege Vulnerability

7.3CVSS8.3AI score0.00826EPSS

CVE•added 2024/08/13 6:15 p.m.•249 views

CVE-2024-38118

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5CVSS5.2AI score0.00458EPSS

CVE•added 2024/08/13 6:15 p.m.•247 views

CVE-2024-38193

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.68971EPSS

CVE•added 2024/03/12 5:15 p.m.•246 views

CVE-2024-21437

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.05247EPSS

CVE•added 2021/09/15 12:15 p.m.•245 views

CVE-2021-36963

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.00307EPSS

CVE•added 2023/04/11 9:15 p.m.•245 views

CVE-2023-21729

Remote Procedure Call Runtime Information Disclosure Vulnerability

5.3CVSS4.9AI score0.01489EPSS

CVE•added 2024/08/13 6:15 p.m.•245 views

CVE-2024-38213

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS6.5AI score0.73855EPSS

CVE•added 2022/03/09 5:15 p.m.•243 views

CVE-2022-23293

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00389EPSS

CVE•added 2022/05/10 9:15 p.m.•243 views

CVE-2022-29120

Windows Clustered Shared Volume Information Disclosure Vulnerability

6.5CVSS7.6AI score0.00607EPSS

CVE•added 2023/01/10 10:15 p.m.•243 views

CVE-2023-21549

Windows SMB Witness Service Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.02197EPSS

CVE•added 2022/05/18 11:15 p.m.•242 views

CVE-2022-30138

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00447EPSS

CVE•added 2024/03/12 5:15 p.m.•242 views

CVE-2024-21433

Windows Print Spooler Elevation of Privilege Vulnerability

7CVSS8AI score0.01498EPSS

CVE•added 2024/03/12 5:15 p.m.•241 views

CVE-2024-26166

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01432EPSS

CVE•added 2024/02/13 6:15 p.m.•240 views

CVE-2024-21358

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0192EPSS

CVE•added 2024/02/13 6:15 p.m.•240 views

CVE-2024-21372

Windows OLE Remote Code Execution Vulnerability

8.8CVSS9AI score0.0153EPSS

CVE•added 2024/03/12 5:15 p.m.•240 views

CVE-2024-26162

Microsoft ODBC Driver Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.02189EPSS

CVE•added 2024/08/13 6:15 p.m.•240 views

CVE-2024-38178

Scripting Engine Memory Corruption Vulnerability

7.5CVSS7.4AI score0.18494EPSS

CVE•added 2024/02/13 6:15 p.m.•239 views

CVE-2024-21350

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0061EPSS

CVE•added 2024/02/13 6:15 p.m.•239 views

CVE-2024-21370

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0192EPSS

CVE•added 2024/10/08 6:15 p.m.•239 views

CVE-2024-37976

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

6.7CVSS7.3AI score0.0029EPSS

CVE•added 2023/11/14 6:15 p.m.•238 views

CVE-2023-36424

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.17769EPSS

CVE•added 2024/02/13 6:15 p.m.•238 views

CVE-2024-21359

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01901EPSS

CVE•added 2024/02/13 6:16 p.m.•238 views

CVE-2024-21420

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01343EPSS

CVE•added 2022/06/15 10:15 p.m.•237 views

CVE-2022-30131

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00569EPSS

CVE•added 2022/06/15 10:15 p.m.•236 views

CVE-2022-30160

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.03305EPSS

CVE•added 2023/11/14 6:15 p.m.•236 views

CVE-2023-36397

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.03225EPSS

CVE•added 2024/02/13 6:15 p.m.•236 views

CVE-2024-21369

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.00852EPSS

CVE•added 2024/07/09 5:15 p.m.•235 views

CVE-2024-38080

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.1477EPSS

CVE•added 2022/08/09 8:15 p.m.•234 views

CVE-2022-34691

Active Directory Domain Services Elevation of Privilege Vulnerability

8.8CVSS9.1AI score0.01104EPSS

CVE•added 2024/02/13 6:15 p.m.•234 views

CVE-2024-21361

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01901EPSS

CVE•added 2024/03/12 5:15 p.m.•234 views

CVE-2024-21445

Windows USB Print Driver Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00109EPSS

CVE•added 2024/03/12 5:15 p.m.•234 views

CVE-2024-26174

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00332EPSS

CVE•added 2025/03/11 5:16 p.m.•234 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.38746EPSS

CVE•added 2022/01/11 9:15 p.m.•233 views

CVE-2022-21849

Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.11661EPSS

CVE•added 2024/02/13 6:15 p.m.•233 views

CVE-2024-21365

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0192EPSS

CVE•added 2024/03/12 5:15 p.m.•233 views

CVE-2024-21430

Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability

6.4CVSS6.5AI score0.00203EPSS

CVE•added 2024/03/12 5:15 p.m.•233 views

CVE-2024-26190

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.00612EPSS

CVE•added 2025/02/11 6:15 p.m.•233 views

CVE-2025-21181

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.8AI score0.05747EPSS

CVE•added 2024/02/13 6:15 p.m.•232 views

CVE-2024-21352

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.02032EPSS

CVE•added 2024/03/12 5:15 p.m.•232 views

CVE-2024-26173

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00368EPSS

CVE•added 2024/02/13 6:15 p.m.•231 views

CVE-2024-21344

Windows Network Address Translation (NAT) Denial of Service Vulnerability

5.9CVSS6.2AI score0.00758EPSS

Total number of security vulnerabilities2287