ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2016
Subscriptions
Total
5014 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20804 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2026-01-14 | 7.7 High |
| Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally. | ||||
| CVE-2026-0386 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2026-01-14 | 7.5 High |
| Improper access control in Windows Deployment Services allows an unauthorized attacker to execute code over an adjacent network. | ||||
| CVE-2026-20925 | 1 Microsoft | 16 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 13 more | 2026-01-14 | 6.5 Medium |
| External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. | ||||
| CVE-2026-20926 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-01-14 | 7.5 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-20927 | 1 Microsoft | 16 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 13 more | 2026-01-14 | 5.3 Medium |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network. | ||||
| CVE-2026-20932 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-01-14 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20934 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2026-01-14 | 7.5 High |
| Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-20940 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-01-14 | 7.8 High |
| Heap-based buffer overflow in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2019-0543 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1703 and 12 more | 2026-01-14 | 7.8 High |
| An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | ||||
| CVE-2019-1429 | 1 Microsoft | 14 Internet Explorer, Windows 10 1507, Windows 10 1607 and 11 more | 2026-01-14 | 7.5 High |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428. | ||||
| CVE-2022-41128 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-01-14 | 8.8 High |
| Windows Scripting Languages Remote Code Execution Vulnerability | ||||
| CVE-2026-20929 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 10 more | 2026-01-14 | 7.5 High |
| Improper access control in Windows HTTP.sys allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2026-20937 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-01-14 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20936 | 1 Microsoft | 16 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 13 more | 2026-01-14 | 4.3 Medium |
| Out-of-bounds read in Windows NDIS allows an authorized attacker to disclose information with a physical attack. | ||||
| CVE-2026-20931 | 1 Microsoft | 16 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 13 more | 2026-01-14 | 8 High |
| External control of file name or path in Windows Telephony Service allows an authorized attacker to elevate privileges over an adjacent network. | ||||
| CVE-2026-20939 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2026-01-14 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally. | ||||
| CVE-2026-20805 | 1 Microsoft | 20 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 17 more | 2026-01-14 | 5.5 Medium |
| Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally. | ||||
| CVE-2021-31956 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2026-01-14 | 7.8 High |
| Windows NTFS Elevation of Privilege Vulnerability | ||||
| CVE-2022-37969 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2026-01-14 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2022-41033 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2026-01-14 | 7.8 High |
| Windows COM+ Event System Service Elevation of Privilege Vulnerability | ||||