Microsoft Windows Server 2016 vulnerabilities

4,167 known vulnerabilities affecting microsoft/windows_server_2016.

Total CVEs

4,167

CISA KEV

115

actively exploited

Public exploits

129

Exploited in wild

107

Severity breakdown

CRITICAL114HIGH2916MEDIUM1118LOW19

Vulnerabilities

Page 129 of 209

CVE-2021-31167HIGHCVSS 7.8v20h2v1909+1 more2021-05-11

CVE-2021-31167 [HIGH] CWE-732 CVE-2021-31167: Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability

nvd

CVE-2021-31168HIGHCVSS 7.8v20h2v20042021-05-11

CVE-2021-31168 [HIGH] CWE-269 CVE-2021-31168: Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability

nvd

CVE-2021-31194HIGHCVSS 8.8v20h2v1909+2 more2021-05-11

CVE-2021-31194 [HIGH] CVE-2021-31194: OLE Automation Remote Code Execution Vulnerability OLE Automation Remote Code Execution Vulnerability

nvd

CVE-2021-31165HIGHCVSS 7.8v20h2v20042021-05-11

CVE-2021-31165 [HIGH] CWE-863 CVE-2021-31165: Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability

nvd

CVE-2021-31193HIGHCVSS 7.8v20h2v1909+2 more2021-05-11

CVE-2021-31193 [HIGH] CVE-2021-31193: Windows SSDP Service Elevation of Privilege Vulnerability Windows SSDP Service Elevation of Privilege Vulnerability

nvd

CVE-2021-31182HIGHCVSS 7.1≥ 10.0.0, < 10.0.14393.44012021-05-11

CVE-2021-31182 [HIGH] Microsoft Bluetooth Driver Spoofing Vulnerability Microsoft Bluetooth Driver Spoofing Vulnerability Microsoft Bluetooth Driver Spoofing Vulnerability

cvelistv5

CVE-2021-31185MEDIUMCVSS 5.5v20h2v20042021-05-11

CVE-2021-31185 [MEDIUM] CVE-2021-31185: Windows Desktop Bridge Denial of Service Vulnerability Windows Desktop Bridge Denial of Service Vulnerability

nvd

CVE-2021-31191MEDIUMCVSS 5.5v20h2v1909+1 more2021-05-11

CVE-2021-31191 [MEDIUM] CVE-2021-31191: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Windows Projected File System FS Filter Driver Information Disclosure Vulnerability

nvd

CVE-2021-31188MEDIUMCVSS 5.5v20h2v1909+2 more2021-05-11

CVE-2021-31188 [MEDIUM] CWE-416 CVE-2021-31188: Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability

nvd

CVE-2021-31184MEDIUMCVSS 5.5v20h2v1909+2 more2021-05-11

CVE-2021-31184 [MEDIUM] CVE-2021-31184: Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability Microsoft Windows Infrared Data Association (IrDA) Information Disclosure Vulnerability

nvd

CVE-2021-28479MEDIUMCVSS 5.5v20h2v1909+2 more2021-05-11

CVE-2021-28479 [MEDIUM] CVE-2021-28479: Windows CSC Service Information Disclosure Vulnerability Windows CSC Service Information Disclosure Vulnerability

nvd

CVE-2021-31186MEDIUMCVSS 6.5v20h2v1909+2 more2021-05-11

CVE-2021-31186 [MEDIUM] CVE-2021-31186: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

nvd

CVE-2021-31205MEDIUMCVSS 6.5v20h2v20042021-05-11

CVE-2021-31205 [MEDIUM] CVE-2021-31205: Windows SMB Client Security Feature Bypass Vulnerability Windows SMB Client Security Feature Bypass Vulnerability

nvd

CVE-2020-24588LOWCVSS 3.5v20042021-05-11

CVE-2020-24588 [LOW] CWE-327 CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary

nvd

CVE-2021-27092CRITICALCVSS 9.8v20h2v1909+1 more2021-04-13

CVE-2021-27092 [CRITICAL] CVE-2021-27092: Azure AD Web Sign-in Security Feature Bypass Vulnerability Azure AD Web Sign-in Security Feature Bypass Vulnerability

nvd

CVE-2021-28355HIGHCVSS 8.8v20h2v1909+2 more2021-04-13

CVE-2021-28355 [HIGH] CVE-2021-28355: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28327HIGHCVSS 8.8v20h2v1909+2 more2021-04-13

CVE-2021-28327 [HIGH] CVE-2021-28327: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28434HIGHCVSS 8.8v20h2v1909+2 more2021-04-13

CVE-2021-28434 [HIGH] CVE-2021-28434: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28340HIGHCVSS 8.8v20h2v1909+2 more2021-04-13

CVE-2021-28340 [HIGH] CVE-2021-28340: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

CVE-2021-28335HIGHCVSS 8.8v20h2v1909+2 more2021-04-13

CVE-2021-28335 [HIGH] CVE-2021-28335: Remote Procedure Call Runtime Remote Code Execution Vulnerability Remote Procedure Call Runtime Remote Code Execution Vulnerability

nvd

← Previous129 / 209Next →