Microsoft Windows Server 2016 vulnerabilities
4,181 known vulnerabilities affecting microsoft/windows_server_2016.
Total CVEs
4,181
CISA KEV
116
actively exploited
Public exploits
137
Exploited in wild
109
Severity breakdown
CRITICAL114HIGH2918MEDIUM1130LOW19
Vulnerabilities
Page 23 of 210
CVE-2025-49667HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49667 [HIGH] CWE-415 CVE-2025-49667: Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
Double free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49674HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49674 [HIGH] CWE-122 CVE-2025-49674: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-47971HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47971 [HIGH] CWE-126 CVE-2025-47971: Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges l
Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48816HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48816 [HIGH] CWE-125 CVE-2025-48816: Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileg
Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49672HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49672 [HIGH] CWE-122 CVE-2025-49672: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-47991HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47991 [HIGH] CWE-416 CVE-2025-47991: Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privi
Use after free in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-47987HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47987 [HIGH] CWE-122 CVE-2025-47987: Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elev
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-47998HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47998 [HIGH] CWE-122 CVE-2025-47998: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-49735HIGHCVSS 8.1fixed in 10.0.14393.8148≥ 10.0.14393.0, < 10.0.14393.81482025-07-08
CVE-2025-49735 [HIGH] CWE-416 CVE-2025-49735: Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code
Use after free in Windows KDC Proxy Service (KPSSVC) allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-49744HIGHCVSS 7.0PoCfixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49744 [HIGH] CWE-122 CVE-2025-49744: Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate
Heap-based buffer overflow in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-47985HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47985 [HIGH] CWE-822 CVE-2025-47985: Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate priv
Untrusted pointer dereference in Windows Event Tracing allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48821HIGHCVSS 7.1fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48821 [HIGH] CWE-416 CVE-2025-48821: Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker t
Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
cvelistv5nvd
CVE-2025-47159HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-47159 [HIGH] CWE-693 CVE-2025-47159: Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an author
Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-49659HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49659 [HIGH] CWE-126 CVE-2025-49659: Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48806HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48806 [HIGH] CWE-416 CVE-2025-48806: Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code loc
Use after free in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally.
cvelistv5nvd
CVE-2025-49726HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49726 [HIGH] CWE-416 CVE-2025-49726: Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
Use after free in Windows Notification allows an authorized attacker to elevate privileges locally.
cvelistv5nvd
CVE-2025-48819HIGHCVSS 7.1fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48819 [HIGH] CWE-591 CVE-2025-48819: Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device
Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.
cvelistv5nvd
CVE-2025-49740HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-49740 [HIGH] CWE-693 CVE-2025-49740: Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a secu
Protection mechanism failure in Windows SmartScreen allows an unauthorized attacker to bypass a security feature over a network.
cvelistv5nvd
CVE-2025-48817HIGHCVSS 8.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48817 [HIGH] CWE-23 CVE-2025-48817: Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code ove
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.
cvelistv5nvd
CVE-2025-48820HIGHCVSS 7.8fixed in 10.0.14393.8246≥ 10.0.14393.0, < 10.0.14393.82462025-07-08
CVE-2025-48820 [HIGH] CWE-59 CVE-2025-48820: Improper link resolution before file access ('link following') in Windows AppX Deployment Service al
Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.
cvelistv5nvd