CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows Server 2019 : Security Vulnerabilities (CVSS score between 7 and 7.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-32230 476 2022-06-14 2022-06-23
7.8
None Remote Low Not required None None Complete
Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot.
2 CVE-2022-30138 2022-05-18 2022-05-31
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104, CVE-2022-29132.
3 CVE-2022-30132 2022-06-15 2022-06-24
7.2
None Local Low Not required Complete Complete Complete
Windows Container Manager Service Elevation of Privilege Vulnerability.
4 CVE-2022-30131 2022-06-15 2022-06-24
7.2
None Local Low Not required Complete Complete Complete
Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability.
5 CVE-2022-29132 2022-05-10 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-29104.
6 CVE-2022-26937 Exec Code 2022-05-10 2022-05-23
7.5
None Remote Low Not required Partial Partial Partial
Windows Network File System Remote Code Execution Vulnerability.
7 CVE-2022-26932 2022-05-10 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Storage Spaces Direct Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26938, CVE-2022-26939.
8 CVE-2022-26803 269 2022-04-15 2022-04-18
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26798, CVE-2022-26801, CVE-2022-26802.
9 CVE-2022-26798 269 2022-04-15 2022-04-19
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26786, CVE-2022-26787, CVE-2022-26789, CVE-2022-26790, CVE-2022-26791, CVE-2022-26792, CVE-2022-26793, CVE-2022-26794, CVE-2022-26795, CVE-2022-26796, CVE-2022-26797, CVE-2022-26801, CVE-2022-26802, CVE-2022-26803.
10 CVE-2022-24550 269 2022-04-15 2022-04-25
7.2
None Local Low Not required Complete Complete Complete
Windows Telephony Server Elevation of Privilege Vulnerability.
11 CVE-2022-24497 Exec Code 2022-04-15 2022-04-22
7.5
None Remote Low Not required Partial Partial Partial
Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24491.
12 CVE-2022-24491 Exec Code 2022-04-15 2022-04-22
7.5
None Remote Low Not required Partial Partial Partial
Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24497.
13 CVE-2022-24487 Exec Code 2022-04-15 2022-04-22
7.5
None Remote Low Not required Partial Partial Partial
Windows Local Security Authority (LSA) Remote Code Execution Vulnerability.
14 CVE-2022-24460 362 2022-03-09 2022-05-23
7.6
None Remote High Not required Complete Complete Complete
Tablet Windows User Interface Application Elevation of Privilege Vulnerability.
15 CVE-2022-24459 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Fax and Scan Service Elevation of Privilege Vulnerability.
16 CVE-2022-24455 269 2022-03-09 2022-03-14
7.2
None Local Low Not required Complete Complete Complete
Windows CD-ROM Driver Elevation of Privilege Vulnerability.
17 CVE-2022-24454 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Security Support Provider Interface Elevation of Privilege Vulnerability.
18 CVE-2022-23299 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows PDEV Elevation of Privilege Vulnerability.
19 CVE-2022-23296 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Installer Elevation of Privilege Vulnerability.
20 CVE-2022-23293 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Fast FAT File System Driver Elevation of Privilege Vulnerability.
21 CVE-2022-23291 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23288.
22 CVE-2022-23290 269 2022-03-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Inking COM Elevation of Privilege Vulnerability.
23 CVE-2022-22718 269 2022-02-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21997, CVE-2022-21999, CVE-2022-22717.
24 CVE-2022-22715 269 2022-02-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Named Pipe File System Elevation of Privilege Vulnerability.
25 CVE-2022-22001 269 2022-02-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability.
26 CVE-2022-22000 269 2022-02-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21981.
27 CVE-2022-21994 269 2022-02-09 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows DWM Core Library Elevation of Privilege Vulnerability.
28 CVE-2022-21993 668 2022-02-09 2022-05-23
7.8
None Remote Low Not required Complete None None
Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability.
29 CVE-2022-21963 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962.
30 CVE-2022-21962 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21963.
31 CVE-2022-21961 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21962, CVE-2022-21963.
32 CVE-2022-21960 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.
33 CVE-2022-21959 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21958, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.
34 CVE-2022-21958 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21892, CVE-2022-21928, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.
35 CVE-2022-21916 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21897.
36 CVE-2022-21914 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21885.
37 CVE-2022-21912 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
DirectX Graphics Kernel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21898.
38 CVE-2022-21908 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Installer Elevation of Privilege Vulnerability.
39 CVE-2022-21903 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows GDI Elevation of Privilege Vulnerability.
40 CVE-2022-21902 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21852, CVE-2022-21896.
41 CVE-2022-21901 269 2022-01-11 2022-05-23
7.7
None Local Network Low ??? Complete Complete Complete
Windows Hyper-V Elevation of Privilege Vulnerability.
42 CVE-2022-21897 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Common Log File System Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21916.
43 CVE-2022-21895 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows User Profile Service Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21919.
44 CVE-2022-21892 Exec Code 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-21928, CVE-2022-21958, CVE-2022-21959, CVE-2022-21960, CVE-2022-21961, CVE-2022-21962, CVE-2022-21963.
45 CVE-2022-21885 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21914.
46 CVE-2022-21884 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability.
47 CVE-2022-21883 DoS 2022-01-11 2022-05-23
7.1
None Remote Medium Not required None None Complete
Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890.
48 CVE-2022-21882 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887.
49 CVE-2022-21881 269 2022-01-11 2022-05-23
7.2
None Local Low Not required Complete Complete Complete
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21879.
50 CVE-2022-21880 668 2022-01-11 2022-05-23
7.8
None Remote Low Not required Complete None None
Windows GDI+ Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21915.
Total number of vulnerabilities : 436   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.