Microsoft Windows Server vulnerabilities

1,081 known vulnerabilities affecting microsoft/windows_server.

Total CVEs
1,081
CISA KEV
33
actively exploited
Public exploits
61
Exploited in wild
38
Severity breakdown
CRITICAL36HIGH746MEDIUM295LOW4

Vulnerabilities

Page 24 of 55
CVE-2020-0940HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+3 more2020-04-15
CVE-2020-0940 [HIGH] CVE-2020-0940: An elevation of privilege vulnerability exists in the way the Windows Push Notification Service hand An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1001, CVE-2020-1006, CVE-2020-1017.
cvelistv5nvd
CVE-2020-0995HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-0995 [HIGH] CVE-2020-0995: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994
cvelistv5
CVE-2020-1001HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+1 more2020-04-15
CVE-2020-1001 [HIGH] CVE-2020-1001: An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notificat An elevation of privilege vulnerability exists in the way the Windows Push Notification Service handles objects in memory, aka 'Windows Push Notification Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0940, CVE-2020-1006, CVE-2020-1017.
cvelistv5
CVE-2020-1015HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+10 more2020-04-15
CVE-2020-1015 [HIGH] CVE-2020-1015: An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.
cvelistv5
CVE-2020-0994HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-0994 [HIGH] CVE-2020-0994: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0995
cvelistv5
CVE-2020-1004HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-1004 [HIGH] CVE-2020-1004: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handle An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0936HIGHCVSS 7.1vversion 1803 (Core Installation)v2019+7 more2020-04-15
CVE-2020-0936 [HIGH] CVE-2020-0936: An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file An elevation of privilege vulnerability exists when a Windows scheduled task improperly handles file redirections, aka 'Windows Scheduled Task Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0965HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-0965 [HIGH] CVE-2020-0965: A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handl A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-0985HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+1 more2020-04-15
CVE-2020-0985 [HIGH] CVE-2020-0985: An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handl An elevation of privilege vulnerability exists when the Windows Update Stack fails to properly handle objects in memory, aka 'Windows Update Stack Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0996.
cvelistv5nvd
CVE-2020-0934HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+10 more2020-04-15
CVE-2020-0934 [HIGH] CVE-2020-0934: An elevation of privilege vulnerability exists when the Windows WpcDesktopMonSvc improperly manages An elevation of privilege vulnerability exists when the Windows WpcDesktopMonSvc improperly manages memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0983, CVE-2020-1009, CVE-2020-1011, CVE-2020-1015.
cvelistv5nvd
CVE-2020-0957HIGHCVSS 7.8v2008 for 32-bit Systems Service Pack 2v2008 for 32-bit Systems Service Pack 2 (Core installation)+6 more2020-04-15
CVE-2020-0957 [HIGH] CVE-2020-0957: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0956, CVE-2020-0958.
cvelistv5
CVE-2020-1029HIGHCVSS 7.1vversion 1803 (Core Installation)v2019+1 more2020-04-15
CVE-2020-1029 [HIGH] CVE-2020-1029: An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connecte An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0942, CVE-2020-0944.
cvelistv5
CVE-2020-0907HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-0907 [HIGH] CVE-2020-0907: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle ob A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
cvelistv5nvd
CVE-2020-0992HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-0992 [HIGH] CVE-2020-0992: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0994, CVE-2020-0995
cvelistv5
CVE-2020-0950HIGHCVSS 8.8vversion 1803 (Core Installation)v2019+3 more2020-04-15
CVE-2020-0950 [HIGH] CVE-2020-0950: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0948, CVE-2020-0949.
cvelistv5
CVE-2020-0944HIGHCVSS 7.1vversion 1803 (Core Installation)v2019+1 more2020-04-15
CVE-2020-0944 [HIGH] CVE-2020-0944: An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connecte An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0942, CVE-2020-1029.
cvelistv5
CVE-2020-1094HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+8 more2020-04-15
CVE-2020-1094 [HIGH] CVE-2020-1094: An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handl An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.
cvelistv5nvd
CVE-2020-0949HIGHCVSS 8.8vversion 1803 (Core Installation)v2019+3 more2020-04-15
CVE-2020-0949 [HIGH] CVE-2020-0949: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption V A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0948, CVE-2020-0950.
cvelistv5
CVE-2020-0988HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-0988 [HIGH] CVE-2020-0988: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0992, CVE-2020-0994, CVE-2020-0995
cvelistv5
CVE-2020-1008HIGHCVSS 7.8vversion 1803 (Core Installation)v2019+15 more2020-04-15
CVE-2020-1008 [HIGH] CVE-2020-1008: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remot A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994
cvelistv5
← Previous24 / 55Next →