Microsoft » Windows Server 2012 : Security Vulnerabilities (CVSS score between 3 and 3.99)

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2022-30226	269		2022-07-12	2023-05-17	3.6	None	Local	Low	Not required	None	Partial	Partial
Windows Print Spooler Elevation of Privilege Vulnerability
2	CVE-2022-30225	269		2022-07-12	2023-05-17	3.6	None	Local	Low	Not required	None	Partial	Partial
Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability
3	CVE-2022-29121	400	DoS	2022-05-10	2022-05-25	3.3	None	Local Network	Low	Not required	None	None	Partial
Windows WLAN AutoConfig Service Denial of Service Vulnerability.
4	CVE-2022-26935	668		2022-05-10	2022-05-19	3.3	None	Local Network	Low	Not required	Partial	None	None
Windows WLAN AutoConfig Service Information Disclosure Vulnerability.
5	CVE-2022-22711	668		2022-07-12	2023-05-18	3.3	None	Local	Medium	Not required	Partial	Partial	None
Windows BitLocker Information Disclosure Vulnerability
6	CVE-2022-22022			2022-07-12	2023-05-17	3.6	None	Local	Low	Not required	None	Partial	Partial
Windows Print Spooler Elevation of Privilege Vulnerability
7	CVE-2022-21997	269		2022-02-09	2022-05-23	3.6	None	Local	Low	Not required	None	Partial	Partial
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21999, CVE-2022-22717, CVE-2022-22718.
8	CVE-2022-21900		Bypass	2022-01-11	2022-05-23	3.8	None	Local Network	Medium	???	None	Partial	Partial
Windows Hyper-V Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-21905.
9	CVE-2021-36961		DoS	2021-09-15	2021-09-24	3.6	None	Local	Low	Not required	None	Partial	Partial
Windows Installer Denial of Service Vulnerability
10	CVE-2021-26886		DoS	2021-03-11	2021-03-23	3.6	None	Local	Low	Not required	None	Partial	Partial
User Profile Service Denial of Service Vulnerability
11	CVE-2021-1708			2021-01-12	2021-01-20	3.5	None	Remote	Medium	???	Partial	None	None
Windows GDI+ Information Disclosure Vulnerability
12	CVE-2020-1333	269		2020-07-14	2021-07-21	3.7	None	Local	High	Not required	Partial	Partial	Partial
An elevation of privilege vulnerability exists when Group Policy Services Policy Processing improperly handle reparse points, aka 'Group Policy Services Policy Processing Elevation of Privilege Vulnerability'.
13	CVE-2020-0936	269		2020-04-15	2021-07-21	3.6	None	Local	Low	Not required	None	Partial	Partial
An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'.
14	CVE-2020-0785	269		2020-03-12	2020-03-18	3.6	None	Local	Low	Not required	None	Partial	Partial
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
15	CVE-2020-0730	59		2020-02-11	2020-02-14	3.6	None	Local	Low	Not required	None	Partial	Partial
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
16	CVE-2019-1454	269		2020-01-24	2020-01-27	3.6	None	Local	Low	Not required	None	Partial	Partial
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
17	CVE-2019-0986	59		2019-06-12	2020-08-24	3.6	None	Local	Low	Not required	None	Partial	Partial
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
18	CVE-2018-8547	79	XSS	2018-11-14	2018-12-14	3.5	None	Remote	Medium	???	None	Partial	None
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Active Directory Federation Services XSS Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
19	CVE-2018-0976		DoS	2018-04-12	2019-10-03	3.5	None	Remote	Medium	???	None	None	Partial
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
20	CVE-2018-0751	269		2018-01-04	2019-10-03	3.6	None	Local	Low	Not required	Partial	Partial	None
The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0752.
21	CVE-2017-11815	200	+Info	2017-10-13	2019-05-16	3.5	None	Remote	Medium	???	Partial	None	None
The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".
22	CVE-2017-8581	281		2017-07-11	2019-10-03	3.7	None	Local	High	Not required	Partial	Partial	Partial
Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2017-8578, CVE-2017-8580, CVE-2017-8577, and CVE-2017-8467.
23	CVE-2017-0191		DoS	2017-04-12	2019-10-03	3.5	None	Remote	Medium	???	None	None	Partial
A denial of service vulnerability exists in the way that Windows 7, Windows 8.1, Windows 10, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, and Windows Server 2016 handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding, aka "Windows Denial of Service Vulnerability."
24	CVE-2016-7224	284	+Priv	2016-11-10	2018-10-12	3.6	None	Local	Low	Not required	Partial	Partial	None
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
25	CVE-2016-7223	284	+Priv	2016-11-10	2018-10-12	3.6	None	Local	Low	Not required	Partial	Partial	None
Virtual Hard Disk Driver in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 does not properly restrict access to files, which allows local users to gain privileges via a crafted application, aka "VHD Driver Elevation of Privilege Vulnerability."
26	CVE-2015-2374	200	+Info	2015-07-14	2019-05-08	3.3	None	Local Network	Low	Not required	Partial	None	None
The Netlogon service in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly implement domain-controller communication, which allows remote attackers to discover credentials by leveraging certain PDC access and spoofing the BDC role in a PDC communication channel, aka "Elevation of Privilege Vulnerability in Netlogon."
27	CVE-2015-0009	254	Bypass	2015-02-11	2019-10-29	3.3	None	Local Network	Low	Not required	None	Partial	None
The Group Policy Security Configuration policy implementation in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows man-in-the-middle attackers to disable a signing requirement and trigger a revert-to-default action by spoofing domain-controller responses, aka "Group Policy Security Feature Bypass Vulnerability."
28	CVE-2013-3880	264	Bypass +Info	2013-10-09	2018-10-12	3.5	None	Remote	Medium	???	Partial	None	None
The App Container feature in the kernel-mode drivers in Microsoft Windows 8, Windows Server 2012, and Windows RT allows remote attackers to bypass intended access restrictions and obtain sensitive information from a different container via a Trojan horse application, aka "App Container Elevation of Privilege Vulnerability."

Total number of vulnerabilities : 28 Page : 1 (This Page)