Windows Server 2022 Security Vulnerabilities and Issues — Page 4 of Windows Server 2022 CVE List

Lucene search

MicrosoftWindows Server 2022

494 matches found

CVE•added 2025/04/08 6:15 p.m.•86 views

CVE-2025-27471

Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.

5.9CVSS6.9AI score0.00091EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-27732

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00057EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-27739

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00106EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-29812

Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00189EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21233

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21309

Windows Remote Desktop Services Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.00459EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21316

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00178EPSS

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-24996

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.9AI score0.00209EPSS

CVE•added 2025/04/08 6:15 p.m.•84 views

CVE-2025-24062

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00161EPSS

CVE•added 2025/03/11 5:16 p.m.•84 views

CVE-2025-24067

Heap-based buffer overflow in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.4AI score0.00121EPSS

CVE•added 2025/03/11 5:16 p.m.•84 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00139EPSS

CVE•added 2025/04/08 6:15 p.m.•84 views

CVE-2025-26680

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.17972EPSS

CVE•added 2025/04/08 6:15 p.m.•84 views

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.0009EPSS

CVE•added 2025/04/08 6:15 p.m.•83 views

CVE-2025-21203

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00124EPSS

CVE•added 2025/01/14 6:15 p.m.•83 views

CVE-2025-21210

Windows BitLocker Information Disclosure Vulnerability

4.2CVSS4.3AI score0.00077EPSS

CVE•added 2025/02/11 6:15 p.m.•83 views

CVE-2025-21212

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00134EPSS

CVE•added 2025/01/14 6:15 p.m.•83 views

CVE-2025-21228

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS

CVE•added 2025/01/14 6:15 p.m.•83 views

CVE-2025-21231

IP Helper Denial of Service Vulnerability

7.5CVSS7.5AI score0.01098EPSS

CVE•added 2025/01/14 6:15 p.m.•82 views

CVE-2025-21244

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0076EPSS

CVE•added 2025/03/11 5:16 p.m.•82 views

CVE-2025-24051

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

8.8CVSS7.8AI score0.00321EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26664

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00124EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26670

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

8.1CVSS7.9AI score0.0017EPSS

CVE•added 2025/04/08 6:15 p.m.•82 views

CVE-2025-26676

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00124EPSS

CVE•added 2025/05/13 5:15 p.m.•82 views

CVE-2025-29966

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.

8.8CVSS8.1AI score0.0017EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-21197

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

6.5CVSS6.7AI score0.00192EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21202

Windows Recovery Environment Agent Elevation of Privilege Vulnerability

6.1CVSS6.3AI score0.00137EPSS

CVE•added 2025/01/14 6:15 p.m.•81 views

CVE-2025-21290

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01098EPSS

CVE•added 2025/02/11 6:15 p.m.•81 views

CVE-2025-21359

Windows Kernel Security Feature Bypass Vulnerability

7.8CVSS8AI score0.00097EPSS

CVE•added 2025/03/11 5:16 p.m.•81 views

CVE-2025-24046

Use after free in Microsoft Streaming Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.00106EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26637

Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

6.8CVSS6.9AI score0.00182EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26639

Integer overflow or wraparound in Windows USB Print Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.3AI score0.00145EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26663

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

8.1CVSS7.9AI score0.00172EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26665

Sensitive data storage in improperly locked memory in Windows upnphost.dll allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00057EPSS

CVE•added 2025/04/08 6:15 p.m.•81 views

CVE-2025-26675

Out-of-bounds read in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.

7.8CVSS7AI score0.00106EPSS

CVE•added 2025/04/08 6:16 p.m.•81 views

CVE-2025-27738

Improper access control in Windows Resilient File System (ReFS) allows an authorized attacker to disclose information over a network.

6.5CVSS6.7AI score0.00192EPSS

CVE•added 2025/06/10 5:22 p.m.•81 views

CVE-2025-33070

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

8.1CVSS8AI score0.00212EPSS

CVE•added 2025/01/14 6:15 p.m.•80 views

CVE-2025-21235

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00325EPSS

CVE•added 2025/01/14 6:15 p.m.•80 views

CVE-2025-21237

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.0052EPSS

CVE•added 2025/01/14 6:15 p.m.•80 views

CVE-2025-21330

Windows Remote Desktop Services Denial of Service Vulnerability

7.5CVSS7.6AI score0.01098EPSS

CVE•added 2025/03/11 5:16 p.m.•80 views

CVE-2025-24044

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

7.8CVSS8AI score0.00121EPSS

CVE•added 2025/03/11 5:16 p.m.•80 views

CVE-2025-24050

Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.00106EPSS

CVE•added 2025/04/08 6:15 p.m.•80 views

CVE-2025-26686

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

7.5CVSS7.5AI score0.00267EPSS

CVE•added 2025/04/08 6:15 p.m.•80 views

CVE-2025-27474

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.9AI score0.00382EPSS

CVE•added 2025/04/08 6:16 p.m.•80 views

CVE-2025-27735

Insufficient verification of data authenticity in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to bypass a security feature locally.

6CVSS7.1AI score0.00051EPSS

CVE•added 2025/04/08 6:16 p.m.•80 views

CVE-2025-27740

Weak authentication in Windows Active Directory Certificate Services allows an authorized attacker to elevate privileges over a network.

8.8CVSS7.3AI score0.00823EPSS

CVE•added 2025/06/10 5:21 p.m.•80 views

CVE-2025-29828

Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.2AI score0.0015EPSS

CVE•added 2025/01/14 6:15 p.m.•79 views

CVE-2025-21234

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability