Microsoft Windows Server 2016 vulnerabilities

4,167 known vulnerabilities affecting microsoft/windows_server_2016.

Total CVEs

4,167

CISA KEV

114

actively exploited

Public exploits

129

Exploited in wild

107

Severity breakdown

CRITICAL114HIGH2916MEDIUM1118LOW19

Vulnerabilities

Page 36 of 209

CVE-2025-21295HIGHCVSS 8.1fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21295 [HIGH] CWE-416 CVE-2025-21295: SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability

nvd

CVE-2025-21338HIGHCVSS 7.8≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21338 [HIGH] CWE-190 GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability

cvelistv5

CVE-2025-21302HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21302 [HIGH] CWE-122 CVE-2025-21302: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21294HIGHCVSS 8.1fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21294 [HIGH] CWE-591 CVE-2025-21294: Microsoft Digest Authentication Remote Code Execution Vulnerability Microsoft Digest Authentication Remote Code Execution Vulnerability

nvd

CVE-2025-21332HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21332 [HIGH] CWE-41 CVE-2025-21332: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability

nvd

CVE-2025-21305HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21305 [HIGH] CWE-122 CVE-2025-21305: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21252HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21252 [HIGH] CWE-122 CVE-2025-21252: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21266HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21266 [HIGH] CWE-122 CVE-2025-21266: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21230HIGHCVSS 7.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21230 [HIGH] CWE-20 CVE-2025-21230: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21296HIGHCVSS 7.5≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21296 [HIGH] CWE-416 BranchCache Remote Code Execution Vulnerability BranchCache Remote Code Execution Vulnerability BranchCache Remote Code Execution Vulnerability

cvelistv5

CVE-2025-21276HIGHCVSS 7.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21276 [HIGH] CWE-191 CVE-2025-21276: Windows MapUrlToZone Denial of Service Vulnerability Windows MapUrlToZone Denial of Service Vulnerability

nvd

CVE-2025-21297HIGHCVSS 8.1fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21297 [HIGH] CWE-416 CVE-2025-21297: Windows Remote Desktop Services Remote Code Execution Vulnerability Windows Remote Desktop Services Remote Code Execution Vulnerability

nvd

CVE-2025-21277HIGHCVSS 7.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21277 [HIGH] CWE-126 CVE-2025-21277: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21240HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21240 [HIGH] CWE-122 CVE-2025-21240: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21411HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21411 [HIGH] CWE-122 CVE-2025-21411: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21237HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21237 [HIGH] CWE-122 CVE-2025-21237: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21273HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21273 [HIGH] CWE-122 CVE-2025-21273: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21241HIGHCVSS 8.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21241 [HIGH] CWE-122 CVE-2025-21241: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21251HIGHCVSS 7.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21251 [HIGH] CWE-400 CVE-2025-21251: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21299HIGHCVSS 7.8fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21299 [HIGH] CWE-922 CVE-2025-21299: Windows Kerberos Security Feature Bypass Vulnerability Windows Kerberos Security Feature Bypass Vulnerability

nvd

← Previous36 / 209Next →