CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows Server 2019 : Security Vulnerabilities (CVSS score >= 9)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2021-31956 269 2021-06-08 2021-06-14
9.3
None Remote Medium Not required Complete Complete Complete
Windows NTFS Elevation of Privilege Vulnerability
2 CVE-2021-26897 Exec Code 2021-03-11 2021-03-18
10.0
None Remote Low Not required Complete Complete Complete
Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26895.
3 CVE-2021-26895 Exec Code 2021-03-11 2021-03-18
10.0
None Remote Low Not required Complete Complete Complete
Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26894, CVE-2021-26897.
4 CVE-2021-26894 Exec Code 2021-03-11 2021-03-12
10.0
None Remote Low Not required Complete Complete Complete
Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-26877, CVE-2021-26893, CVE-2021-26895, CVE-2021-26897.
5 CVE-2021-1706 269 2021-01-12 2021-01-19
9.0
None Remote Low ??? Complete Complete Complete
Windows LUAFV Elevation of Privilege Vulnerability
6 CVE-2021-1701 Exec Code 2021-01-12 2021-01-21
9.0
None Remote Low ??? Complete Complete Complete
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700.
7 CVE-2021-1700 Exec Code 2021-01-12 2021-01-20
9.0
None Remote Low ??? Complete Complete Complete
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667, CVE-2021-1671, CVE-2021-1673, CVE-2021-1701.
8 CVE-2021-1668 Exec Code 2021-01-12 2021-01-20
9.3
None Remote Medium Not required Complete Complete Complete
Microsoft DTV-DVD Video Decoder Remote Code Execution Vulnerability
9 CVE-2021-1667 Exec Code 2021-01-12 2021-01-20
9.0
None Remote Low ??? Complete Complete Complete
Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1671, CVE-2021-1673, CVE-2021-1700, CVE-2021-1701.
10 CVE-2020-17096 Exec Code 2020-12-10 2021-03-04
9.0
None Remote Low ??? Complete Complete Complete
Windows NTFS Remote Code Execution Vulnerability
11 CVE-2020-17095 Exec Code 2020-12-10 2021-03-03
9.0
None Remote Low ??? Complete Complete Complete
Hyper-V Remote Code Execution Vulnerability
12 CVE-2020-17051 Exec Code 2020-11-11 2020-11-23
10.0
None Remote Low Not required Complete Complete Complete
Windows Network File System Remote Code Execution Vulnerability
13 CVE-2020-17049 269 Bypass 2020-11-11 2020-11-23
9.0
None Remote Low ??? Complete Complete Complete
Kerberos Security Feature Bypass Vulnerability
14 CVE-2020-17042 Exec Code 2020-11-11 2020-11-19
9.3
None Remote Medium Not required Complete Complete Complete
Windows Print Spooler Remote Code Execution Vulnerability
15 CVE-2020-16924 119 Exec Code Overflow 2020-10-16 2020-10-22
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.
16 CVE-2020-16911 Exec Code 2020-10-16 2020-10-20
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
17 CVE-2020-1564 119 Exec Code Overflow 2020-08-17 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1473, CVE-2020-1557, CVE-2020-1558.
18 CVE-2020-1562 119 Exec Code Overflow 2020-08-17 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1561.
19 CVE-2020-1561 119 Exec Code Overflow 2020-08-17 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1562.
20 CVE-2020-1558 119 Exec Code Overflow 2020-08-17 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1473, CVE-2020-1557, CVE-2020-1564.
21 CVE-2020-1557 119 Exec Code Overflow 2020-08-17 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1473, CVE-2020-1558, CVE-2020-1564.
22 CVE-2020-1508 94 Exec Code 2020-09-11 2020-09-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when Windows Media Audio Decoder improperly handles objects, aka 'Windows Media Audio Decoder Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1593.
23 CVE-2020-1472 269 2020-08-17 2021-06-14
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
24 CVE-2020-1435 119 Exec Code Overflow 2020-07-14 2020-07-20
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
25 CVE-2020-1421 843 Exec Code 2020-07-14 2020-07-23
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
26 CVE-2020-1416 269 2020-07-14 2021-02-19
9.3
None Remote Medium Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka 'Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability'.
27 CVE-2020-1412 119 Exec Code Overflow 2020-07-14 2021-02-19
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
28 CVE-2020-1410 Exec Code 2020-07-14 2020-07-24
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vcard files.To exploit the vulnerability, an attacker could send a malicious vcard that a victim opens using Windows Address Book (WAB), aka 'Windows Address Book Remote Code Execution Vulnerability'.
29 CVE-2020-1409 119 Exec Code Overflow 2020-07-14 2020-07-23
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory, aka 'DirectWrite Remote Code Execution Vulnerability'.
30 CVE-2020-1408 346 Exec Code 2020-07-14 2020-07-23
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.
31 CVE-2020-1407 119 Exec Code Overflow 2020-07-14 2020-07-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1401.
32 CVE-2020-1401 119 Exec Code Overflow 2020-07-14 2020-07-20
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1407.
33 CVE-2020-1400 119 Exec Code Overflow 2020-07-14 2020-07-23
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1401, CVE-2020-1407.
34 CVE-2020-1350 119 Exec Code Overflow 2020-07-14 2020-07-23
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server Remote Code Execution Vulnerability'.
35 CVE-2020-1339 119 Exec Code Overflow 2020-08-17 2020-08-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when Windows Media Audio Codec improperly handles objects, aka 'Windows Media Remote Code Execution Vulnerability'.
36 CVE-2020-1319 Exec Code 2020-09-11 2020-11-26
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1129.
37 CVE-2020-1317 269 2020-06-09 2020-06-16
9.0
None Remote Low ??? Complete Complete Complete
An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.
38 CVE-2020-1299 Exec Code 2020-06-09 2020-06-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.
39 CVE-2020-1286 20 Exec Code 2020-06-09 2020-06-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user, aka 'Windows Shell Remote Code Execution Vulnerability'.
40 CVE-2020-1285 Exec Code 2020-09-11 2020-09-17
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
41 CVE-2020-1236 119 Exec Code Overflow 2020-06-09 2020-06-14
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1208.
42 CVE-2020-1208 119 Exec Code Overflow 2020-06-09 2020-06-15
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1236.
43 CVE-2020-1176 119 Exec Code Overflow 2020-05-21 2020-05-22
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1175.
44 CVE-2020-1175 119 Exec Code Overflow 2020-05-21 2020-05-22
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1174, CVE-2020-1176.
45 CVE-2020-1174 119 Exec Code Overflow 2020-05-21 2020-05-22
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1051, CVE-2020-1175, CVE-2020-1176.
46 CVE-2020-1167 119 Exec Code Overflow 2020-10-16 2020-10-21
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16923.
47 CVE-2020-1153 119 Exec Code Overflow 2020-05-21 2020-05-27
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
48 CVE-2020-1136 119 Overflow Mem. Corr. 2020-05-21 2020-05-26
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1126, CVE-2020-1150.
49 CVE-2020-1126 119 Overflow Mem. Corr. 2020-05-21 2020-05-27
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1028, CVE-2020-1136, CVE-2020-1150.
50 CVE-2020-1117 119 Exec Code Overflow 2020-05-21 2020-05-27
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory, aka 'Microsoft Color Management Remote Code Execution Vulnerability'.
Total number of vulnerabilities : 211   Page : 1 (This Page)2 3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.