Windows Server 2016 Security Vulnerabilities and Issues — Page 7 of Windows Server 2016 CVE List

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432.

6.5CVSS7.1AI score0.26055EPSS

CVE•added 2020/09/11 5:15 p.m.•83 views

CVE-2020-1097

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

6.5CVSS6.9AI score0.18021EPSS

CVE•added 2023/07/11 6:15 p.m.•83 views

CVE-2023-35310

Windows DNS Server Remote Code Execution Vulnerability

6.6CVSS8.1AI score0.00224EPSS

CVE•added 2023/07/11 6:15 p.m.•83 views

CVE-2023-35336

Windows MSHTML Platform Security Feature Bypass Vulnerability

6.5CVSS7.2AI score0.00579EPSS

CVE•added 2024/07/09 5:15 p.m.•83 views

CVE-2024-38013

Microsoft Windows Server Backup Elevation of Privilege Vulnerability

6.7CVSS7.3AI score0.0012EPSS

CVE•added 2025/02/11 6:15 p.m.•83 views

CVE-2025-21212

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00144EPSS

CVE•added 2025/04/08 6:15 p.m.•83 views

CVE-2025-26664

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00057EPSS

CVE•added 2025/04/08 6:15 p.m.•83 views

CVE-2025-26676

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00057EPSS

CVE•added 2020/02/11 10:15 p.m.•82 views

CVE-2020-0661

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0751.

6.8CVSS6.5AI score0.00601EPSS

CVE•added 2020/06/09 8:15 p.m.•82 views

CVE-2020-1284

A denial of service vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Denial of Service Vulnerability'.

6.5CVSS6.7AI score0.14604EPSS

CVE•added 2023/05/31 7:15 p.m.•82 views

CVE-2022-35759

Windows Local Security Authority (LSA) Denial of Service Vulnerability

6.5CVSS7.8AI score0.03945EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-21197

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

6.5CVSS6.7AI score0.00123EPSS

CVE•added 2025/01/14 6:15 p.m.•82 views

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

6.1CVSS6.3AI score0.00137EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26637

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.9AI score0.00088EPSS

CVE•added 2025/04/08 6:16 p.m.•82 views

CVE-2025-27738

Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

6.5CVSS6.7AI score0.00123EPSS

CVE•added 2016/11/10 6:59 a.m.•81 views

CVE-2016-7210

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a craft...

6.5CVSS6.5AI score0.35475EPSS

CVE•added 2021/02/25 11:15 p.m.•81 views

CVE-2021-24075

Microsoft Windows VMSwitch Denial of Service Vulnerability

6.8CVSS6.7AI score0.007EPSS

CVE•added 2023/07/11 6:15 p.m.•81 views

CVE-2023-35331

Windows Local Security Authority (LSA) Denial of Service Vulnerability

6.5CVSS7.8AI score0.00157EPSS

CVE•added 2024/11/12 6:15 p.m.•81 views

CVE-2024-43643

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.0037EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-27474

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00136EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

6CVSS7.1AI score0.00033EPSS

CVE•added 2017/04/12 2:59 p.m.•80 views

CVE-2017-0179

A denial of service vulnerability exists when Microsoft Hyper-V running on a Windows 10, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This C...

6.3CVSS5.4AI score0.00584EPSS

CVE•added 2019/11/12 7:15 p.m.•80 views

CVE-2019-0712

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2019-1309, CVE-2019-1310, CVE-20...

6.8CVSS7.1AI score0.00983EPSS

CVE•added 2019/11/12 7:15 p.m.•80 views

CVE-2019-1309

6.8CVSS7.1AI score0.00983EPSS

CVE•added 2019/11/12 7:15 p.m.•80 views

CVE-2019-1310

6.8CVSS7.1AI score0.00983EPSS

CVE•added 2019/11/12 7:15 p.m.•80 views

CVE-2019-1439

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.32964EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-0963

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179.

6.5CVSS6.5AI score0.2819EPSS

CVE•added 2017/06/15 1:29 a.m.•79 views

CVE-2017-8531

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 Service Pack 3, and Microsoft Office 2010 Service Pack 2 allows improper disclosure of memory co...

6.5CVSS5.1AI score0.24455EPSS

CVE•added 2017/07/11 9:29 p.m.•79 views

CVE-2017-8592

Microsoft browsers on when Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, and Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow a security feature bypass vulnerability when they improperly handle redirect requests, ak...

6.5CVSS6.5AI score0.29443EPSS

CVE•added 2024/10/08 6:15 p.m.•79 views

CVE-2024-37983

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

6.7CVSS7.3AI score0.00322EPSS

CVE•added 2024/09/10 5:15 p.m.•79 views

CVE-2024-43487

Windows Mark of the Web Security Feature Bypass Vulnerability

6.5CVSS7.8AI score0.06227EPSS

CVE•added 2017/06/15 1:29 a.m.•78 views

CVE-2017-8532

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This ...

6.5CVSS5.1AI score0.24455EPSS

CVE•added 2023/07/11 6:15 p.m.•78 views

CVE-2023-32083

Microsoft Failover Cluster Information Disclosure Vulnerability

6.5CVSS6.7AI score0.00391EPSS

CVE•added 2024/07/09 5:15 p.m.•78 views

CVE-2024-38027

Windows Line Printer Daemon Service Denial of Service Vulnerability

6.5CVSS7.8AI score0.00232EPSS

CVE•added 2025/01/14 6:15 p.m.•78 views

CVE-2025-21265

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00149EPSS

CVE•added 2017/04/12 2:59 p.m.•77 views

CVE-2017-0186

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows 8.1, Windows Server 2012, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Deni...

6.3CVSS5.4AI score0.00584EPSS

CVE•added 2020/03/12 4:15 p.m.•77 views

CVE-2020-0774

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•77 views

CVE-2020-0880

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2025/04/08 6:15 p.m.•77 views

CVE-2025-26667

Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.7AI score0.00066EPSS

CVE•added 2017/04/12 2:59 p.m.•76 views

CVE-2017-0185

6.3CVSS5.4AI score0.00584EPSS

CVE•added 2020/02/11 10:15 p.m.•76 views

CVE-2020-0751

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtua...

6CVSS6.6AI score0.00601EPSS

CVE•added 2020/05/21 11:15 p.m.•76 views

CVE-2020-1055

A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize user inputs, aka 'Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability'.

6.1CVSS6.7AI score0.00713EPSS

CVE•added 2021/12/15 3:15 p.m.•76 views

CVE-2021-43244

Windows Kernel Information Disclosure Vulnerability

6.5CVSS7AI score0.00418EPSS

CVE•added 2021/03/11 4:15 p.m.•75 views

CVE-2021-26892

Windows Extensible Firmware Interface Security Feature Bypass Vulnerability

6.2CVSS7.4AI score0.00748EPSS

CVE•added 2025/01/14 6:15 p.m.•75 views

CVE-2025-21217

Windows NTLM Spoofing Vulnerability