Windows Server 2022 Security Vulnerabilities and Issues — Windows Server 2022 CVE List | Vulners.com

Lucene search

K

MicrosoftWindows Server 2022

34 matches found

CVE•added 2025/03/11 5:16 p.m.•346 views

CVE-2025-24071

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.3AI score0.6231EPSS

CVE•added 2025/03/11 5:16 p.m.•285 views

CVE-2025-26633

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

7CVSS6.8AI score0.07394EPSS

CVE•added 2025/03/11 5:16 p.m.•246 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.38746EPSS

CVE•added 2025/03/11 5:16 p.m.•235 views

CVE-2025-24985

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.00925EPSS

CVE•added 2025/03/11 5:16 p.m.•225 views

CVE-2025-24993

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.03226EPSS

CVE•added 2025/03/11 5:16 p.m.•220 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.19409EPSS

CVE•added 2025/03/11 5:16 p.m.•220 views

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

5.5CVSS6.5AI score0.03535EPSS

CVE•added 2025/03/11 5:16 p.m.•111 views

CVE-2025-24997

Null pointer dereference in Windows Kernel Memory allows an authorized attacker to deny service locally.

4.4CVSS6.8AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•96 views

CVE-2025-26645

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

8.8CVSS8.8AI score0.00608EPSS

CVE•added 2025/03/11 5:16 p.m.•95 views

CVE-2025-24035

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.2AI score0.00284EPSS

CVE•added 2025/03/11 5:16 p.m.•90 views

CVE-2025-24045

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.2AI score0.00284EPSS

CVE•added 2025/03/11 5:16 p.m.•90 views

CVE-2025-24061

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.

7.8CVSS7.5AI score0.00148EPSS

CVE•added 2025/03/11 5:16 p.m.•90 views

CVE-2025-25008

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

7.1CVSS6.8AI score0.00129EPSS

CVE•added 2025/03/11 5:16 p.m.•88 views

CVE-2025-21180

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00149EPSS

CVE•added 2025/03/11 5:16 p.m.•88 views

CVE-2025-24064

Use after free in DNS Server allows an unauthorized attacker to execute code over a network.

8.1CVSS8.5AI score0.00447EPSS

CVE•added 2025/03/11 5:16 p.m.•87 views

CVE-2025-24055

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.

4.3CVSS4.1AI score0.00083EPSS

CVE•added 2025/03/11 5:16 p.m.•87 views

CVE-2025-24084

Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00267EPSS

CVE•added 2025/03/11 5:16 p.m.•86 views

CVE-2025-24066

Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-21247

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

4.3CVSS4.7AI score0.00167EPSS

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-24992

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

5.5CVSS6.5AI score0.00104EPSS

CVE•added 2025/03/11 5:16 p.m.•83 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00118EPSS

CVE•added 2025/03/11 5:16 p.m.•82 views

CVE-2025-24067

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.4AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•81 views

CVE-2025-24051

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.8AI score0.00352EPSS

CVE•added 2025/03/11 5:16 p.m.•80 views

CVE-2025-24046

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•80 views

CVE-2025-24996

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.9AI score0.00238EPSS

CVE•added 2025/03/11 5:16 p.m.•79 views

CVE-2025-24050

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•78 views

CVE-2025-24044

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

7.8CVSS8AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•77 views

CVE-2025-24056

Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.

8.8CVSS7.7AI score0.00335EPSS

CVE•added 2025/03/11 5:16 p.m.•75 views

CVE-2025-24072

Use after free in Microsoft Local Security Authority Server (lsasrv) allows an authorized attacker to elevate privileges locally.

7.8CVSS7.2AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•74 views

CVE-2025-24987

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.5AI score0.00118EPSS

CVE•added 2025/03/11 5:16 p.m.•73 views

CVE-2025-24048

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•73 views

CVE-2025-24059

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00135EPSS

CVE•added 2025/03/11 5:16 p.m.•73 views

CVE-2025-24995

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.8AI score0.0009EPSS

CVE•added 2025/03/11 5:16 p.m.•64 views

CVE-2025-26634

Heap-based buffer overflow in Windows Core Messaging allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.7AI score0.00185EPSS