Microsoft Windows Server 2016 vulnerabilities

4,167 known vulnerabilities affecting microsoft/windows_server_2016.

Total CVEs

4,167

CISA KEV

114

actively exploited

Public exploits

129

Exploited in wild

107

Severity breakdown

CRITICAL114HIGH2916MEDIUM1118LOW19

Vulnerabilities

Page 38 of 209

CVE-2025-21214MEDIUMCVSS 4.2fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21214 [MEDIUM] CWE-200 CVE-2025-21214: Windows BitLocker Information Disclosure Vulnerability Windows BitLocker Information Disclosure Vulnerability

nvd

CVE-2025-21193MEDIUMCVSS 6.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21193 [MEDIUM] CWE-352 CVE-2025-21193: Active Directory Federation Server Spoofing Vulnerability Active Directory Federation Server Spoofing Vulnerability

nvd

CVE-2025-21341MEDIUMCVSS 6.6fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21341 [MEDIUM] CWE-125 CVE-2025-21341: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21189MEDIUMCVSS 4.3fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21189 [MEDIUM] CWE-41 CVE-2025-21189: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability

nvd

CVE-2025-21328MEDIUMCVSS 4.3fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21328 [MEDIUM] CWE-41 CVE-2025-21328: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability

nvd

CVE-2025-21260MEDIUMCVSS 6.6fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21260 [MEDIUM] CWE-125 CVE-2025-21260: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21256MEDIUMCVSS 6.6fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21256 [MEDIUM] CWE-122 CVE-2025-21256: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21202MEDIUMCVSS 6.1fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21202 [MEDIUM] CWE-284 CVE-2025-21202: Windows Recovery Environment Agent Elevation of Privilege Vulnerability Windows Recovery Environment Agent Elevation of Privilege Vulnerability

nvd

CVE-2025-21321MEDIUMCVSS 5.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21321 [MEDIUM] CWE-532 CVE-2025-21321: Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability

nvd

CVE-2025-21249MEDIUMCVSS 6.6fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21249 [MEDIUM] CWE-125 CVE-2025-21249: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21263MEDIUMCVSS 6.6fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21263 [MEDIUM] CWE-125 CVE-2025-21263: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21301MEDIUMCVSS 6.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21301 [MEDIUM] CWE-284 CVE-2025-21301: Windows Geolocation Service Information Disclosure Vulnerability Windows Geolocation Service Information Disclosure Vulnerability

nvd

CVE-2025-21274MEDIUMCVSS 5.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21274 [MEDIUM] CWE-59 CVE-2025-21274: Windows Event Tracing Denial of Service Vulnerability Windows Event Tracing Denial of Service Vulnerability

nvd

CVE-2025-21284MEDIUMCVSS 5.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21284 [MEDIUM] CWE-20 CVE-2025-21284: Windows Virtual Trusted Platform Module Denial of Service Vulnerability Windows Virtual Trusted Platform Module Denial of Service Vulnerability

nvd

CVE-2025-21374MEDIUMCVSS 5.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21374 [MEDIUM] CWE-125 CVE-2025-21374: Windows CSC Service Information Disclosure Vulnerability Windows CSC Service Information Disclosure Vulnerability

nvd

CVE-2025-21320MEDIUMCVSS 5.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21320 [MEDIUM] CWE-532 CVE-2025-21320: Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability

nvd

CVE-2025-21228MEDIUMCVSS 6.6fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21228 [MEDIUM] CWE-125 CVE-2025-21228: Windows Digital Media Elevation of Privilege Vulnerability Windows Digital Media Elevation of Privilege Vulnerability

nvd

CVE-2025-21280MEDIUMCVSS 5.5fixed in 10.0.14393.7699≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21280 [MEDIUM] CWE-20 CVE-2025-21280: Windows Virtual Trusted Platform Module Denial of Service Vulnerability Windows Virtual Trusted Platform Module Denial of Service Vulnerability

nvd

CVE-2025-21314MEDIUMCVSS 6.5≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21314 [MEDIUM] CWE-451 Windows SmartScreen Spoofing Vulnerability Windows SmartScreen Spoofing Vulnerability Windows SmartScreen Spoofing Vulnerability

cvelistv5

CVE-2025-21213MEDIUMCVSS 4.6≥ 10.0.14393.0, < 10.0.14393.76992025-01-14

CVE-2025-21213 [MEDIUM] CWE-284 Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability

cvelistv5

← Previous38 / 209Next →