Windows Server 2025 Security Vulnerabilities and Issues — Page 4 of Windows Server 2025 CVE List | Vulners.com

Lucene search

K

MicrosoftWindows Server 2025

616 matches found

CVE•added 2024/11/12 6:15 p.m.•96 views

CVE-2024-43635

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01814EPSS

CVE•added 2024/12/12 2:4 a.m.•96 views

CVE-2024-49120

Windows Remote Desktop Services Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.0022EPSS

CVE•added 2025/01/14 6:15 p.m.•96 views

CVE-2025-21276

Windows MapUrlToZone Denial of Service Vulnerability

7.5CVSS7.5AI score0.02353EPSS

CVE•added 2025/01/14 6:15 p.m.•96 views

CVE-2025-21308

Windows Themes Spoofing Vulnerability

6.5CVSS6.5AI score0.00557EPSS

CVE•added 2025/04/08 6:15 p.m.•96 views

CVE-2025-26678

Improper access control in Windows Defender Application Control (WDAC) allows an unauthorized attacker to bypass a security feature locally.

8.4CVSS7.2AI score0.00055EPSS

CVE•added 2025/04/08 6:15 p.m.•96 views

CVE-2025-27481

Stack-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00059EPSS

CVE•added 2025/04/08 6:15 p.m.•96 views

CVE-2025-27486

Uncontrolled resource consumption in Windows Standards-Based Storage Management Service allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.07258EPSS

CVE•added 2025/04/08 6:15 p.m.•96 views

CVE-2025-27487

Heap-based buffer overflow in Remote Desktop Client allows an authorized attacker to execute code over a network.

8CVSS8.1AI score0.00241EPSS

CVE•added 2024/12/12 2:4 a.m.•95 views

CVE-2024-49076

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00193EPSS

CVE•added 2024/12/12 2:4 a.m.•95 views

CVE-2024-49083

Windows Mobile Broadband Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00378EPSS

CVE•added 2024/12/12 2:4 a.m.•95 views

CVE-2024-49086

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.03526EPSS

CVE•added 2024/12/12 2:4 a.m.•95 views

CVE-2024-49126

Windows Local Security Authority Subsystem Service (LSASS) Remote Code Execution Vulnerability

8.1CVSS8.3AI score0.005EPSS

CVE•added 2025/01/14 6:15 p.m.•95 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00118EPSS

CVE•added 2025/01/14 6:15 p.m.•95 views

CVE-2025-21255

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS

CVE•added 2025/04/08 6:15 p.m.•95 views

CVE-2025-27478

Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

7CVSS7.6AI score0.0003EPSS

CVE•added 2025/04/08 6:16 p.m.•95 views

CVE-2025-27491

Use after free in Windows Hyper-V allows an authorized attacker to execute code over a network.

7.1CVSS7.9AI score0.00283EPSS

CVE•added 2025/06/10 5:21 p.m.•95 views

CVE-2025-32710

Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.5AI score0.00116EPSS

CVE•added 2024/11/12 6:15 p.m.•94 views

CVE-2024-43452

Windows Registry Elevation of Privilege Vulnerability

7.5CVSS7.5AI score0.02884EPSS

CVE•added 2025/04/08 6:16 p.m.•94 views

CVE-2025-27727

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00162EPSS

CVE•added 2024/11/12 6:15 p.m.•93 views

CVE-2024-43644

Windows Client-Side Caching Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00267EPSS

CVE•added 2025/01/14 6:15 p.m.•93 views

CVE-2025-21317

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00104EPSS

CVE•added 2025/02/11 6:15 p.m.•93 views

CVE-2025-21373

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00141EPSS

CVE•added 2025/04/08 6:15 p.m.•93 views

CVE-2025-26648

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00044EPSS

CVE•added 2024/11/12 6:15 p.m.•92 views

CVE-2024-43626

Windows Telephony Service Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00456EPSS

CVE•added 2024/12/12 2:4 a.m.•92 views

CVE-2024-49099

Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability

4.3CVSS4.4AI score0.00211EPSS

CVE•added 2024/12/12 2:4 a.m.•92 views

CVE-2024-49104

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.03526EPSS

CVE•added 2025/01/14 6:15 p.m.•92 views

CVE-2025-21261

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00149EPSS

CVE•added 2025/01/14 6:15 p.m.•92 views

CVE-2025-21285

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.03248EPSS

CVE•added 2025/01/14 6:16 p.m.•92 views

CVE-2025-21372

Microsoft Brokering File System Elevation of Privilege Vulnerability

7.8CVSS7.6AI score0.00068EPSS

CVE•added 2025/02/11 6:15 p.m.•92 views

CVE-2025-21375

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00149EPSS

CVE•added 2025/01/14 6:16 p.m.•92 views

CVE-2025-21409

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.027EPSS

CVE•added 2025/04/08 6:16 p.m.•92 views

CVE-2025-29809

Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.

7.1CVSS6.8AI score0.00269EPSS

CVE•added 2025/02/11 6:15 p.m.•91 views

CVE-2025-21200

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS

CVE•added 2025/03/11 5:16 p.m.•91 views

CVE-2025-24045

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

8.1CVSS8.2AI score0.00285EPSS

CVE•added 2025/03/11 5:16 p.m.•91 views

CVE-2025-24061

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.

7.8CVSS7.5AI score0.00198EPSS

CVE•added 2025/03/11 5:16 p.m.•91 views

CVE-2025-25008

Improper link resolution before file access ('link following') in Microsoft Windows allows an authorized attacker to elevate privileges locally.

7.1CVSS6.8AI score0.00129EPSS

CVE•added 2025/07/08 5:15 p.m.•91 views

CVE-2025-48799

Improper link resolution before file access ('link following') in Windows Update Service allows an authorized attacker to elevate privileges locally.

7.8CVSS6.5AI score0.00027EPSS

CVE•added 2024/11/12 6:15 p.m.•90 views

CVE-2024-43638

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00328EPSS

CVE•added 2024/12/12 2:4 a.m.•90 views

CVE-2024-49127

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.1CVSS8.2AI score0.005EPSS

CVE•added 2025/01/14 6:15 p.m.•90 views

CVE-2025-21232

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS

CVE•added 2025/01/14 6:15 p.m.•90 views

CVE-2025-21280

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

5.5CVSS5.5AI score0.00196EPSS

CVE•added 2025/03/11 5:16 p.m.•89 views

CVE-2025-21180

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.0015EPSS

CVE•added 2025/01/14 6:15 p.m.•89 views

CVE-2025-21219

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00153EPSS

CVE•added 2025/01/14 6:15 p.m.•89 views

CVE-2025-21229

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS

CVE•added 2025/02/11 6:15 p.m.•89 views

CVE-2025-21406

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS

CVE•added 2025/04/08 6:15 p.m.•89 views

CVE-2025-24060

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00086EPSS

CVE•added 2025/03/11 5:16 p.m.•89 views

CVE-2025-24064

Use after free in DNS Server allows an unauthorized attacker to execute code over a network.

8.1CVSS8.5AI score0.00472EPSS

CVE•added 2025/04/08 6:15 p.m.•89 views

CVE-2025-27490

Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00049EPSS

CVE•added 2025/06/10 5:22 p.m.•89 views

CVE-2025-32720

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00109EPSS

CVE•added 2024/11/12 6:15 p.m.•88 views

CVE-2024-43624

Windows Hyper-V Shared Virtual Disk Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.08664EPSS

Total number of security vulnerabilities616