Microsoft Windows Server 2016 vulnerabilities

4,167 known vulnerabilities affecting microsoft/windows_server_2016.

Total CVEs

4,167

CISA KEV

114

actively exploited

Public exploits

129

Exploited in wild

107

Severity breakdown

CRITICAL114HIGH2916MEDIUM1118LOW19

Vulnerabilities

Page 65 of 209

CVE-2024-20694MEDIUMCVSS 5.5fixed in 10.0.14393.6614≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-20694 [MEDIUM] CWE-908 CVE-2024-20694: Windows CoreMessaging Information Disclosure Vulnerability Windows CoreMessaging Information Disclosure Vulnerability

nvd

CVE-2024-20660MEDIUMCVSS 6.5≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-20660 [MEDIUM] CWE-125 CVE-2024-20660: Microsoft Message Queuing Information Disclosure Vulnerability Microsoft Message Queuing Information Disclosure Vulnerability

nvd

CVE-2024-20663MEDIUMCVSS 6.5≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-20663 [MEDIUM] CWE-822 CVE-2024-20663: Windows Message Queuing Client (MSMQC) Information Disclosure Windows Message Queuing Client (MSMQC) Information Disclosure

nvd

CVE-2024-21313MEDIUMCVSS 5.3fixed in 10.0.14393.6614≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-21313 [MEDIUM] CWE-209 CVE-2024-21313: Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Information Disclosure Vulnerability

nvd

CVE-2024-20680MEDIUMCVSS 6.5≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-20680 [MEDIUM] CWE-822 CVE-2024-20680: Windows Message Queuing Client (MSMQC) Information Disclosure Windows Message Queuing Client (MSMQC) Information Disclosure

nvd

CVE-2024-21311MEDIUMCVSS 5.5fixed in 10.0.14393.6614≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-21311 [MEDIUM] CWE-125 CVE-2024-21311: Windows Cryptographic Services Information Disclosure Vulnerability Windows Cryptographic Services Information Disclosure Vulnerability

nvd

CVE-2024-20662MEDIUMCVSS 4.9≥ 10.0.14393.0, < 10.0.14393.66142024-01-09

CVE-2024-20662 [MEDIUM] CWE-843 CVE-2024-20662: Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

nvd

CVE-2023-35641HIGHCVSS 8.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35641 [HIGH] CWE-682 CVE-2023-35641: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

nvd

CVE-2023-35632HIGHCVSS 7.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35632 [HIGH] CWE-190 CVE-2023-35632: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

nvd

CVE-2023-35628HIGHCVSS 8.1≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35628 [HIGH] CWE-416 CVE-2023-35628: Windows MSHTML Platform Remote Code Execution Vulnerability Windows MSHTML Platform Remote Code Execution Vulnerability

nvd

CVE-2023-35643HIGHCVSS 7.5≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35643 [HIGH] CWE-126 CVE-2023-35643: DHCP Server Service Information Disclosure Vulnerability DHCP Server Service Information Disclosure Vulnerability

nvd

CVE-2023-36011HIGHCVSS 7.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-36011 [HIGH] CWE-822 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

cvelistv5

CVE-2023-35630HIGHCVSS 8.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35630 [HIGH] CWE-122 CVE-2023-35630: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

nvd

CVE-2023-36006HIGHCVSS 8.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-36006 [HIGH] CWE-121 CVE-2023-36006: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

nvd

CVE-2023-35639HIGHCVSS 8.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35639 [HIGH] CWE-122 CVE-2023-35639: Microsoft ODBC Driver Remote Code Execution Vulnerability Microsoft ODBC Driver Remote Code Execution Vulnerability

nvd

CVE-2023-35638HIGHCVSS 7.5≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-35638 [HIGH] CWE-126 CVE-2023-35638: DHCP Server Service Denial of Service Vulnerability DHCP Server Service Denial of Service Vulnerability

nvd

CVE-2023-21740HIGHCVSS 7.8≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-21740 [HIGH] CWE-122 Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability Windows Media Remote Code Execution Vulnerability

cvelistv5

CVE-2023-36003HIGHCVSS 7.3≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-36003 [HIGH] CWE-426 CVE-2023-36003: XAML Diagnostics Elevation of Privilege Vulnerability XAML Diagnostics Elevation of Privilege Vulnerability

nvd

CVE-2023-36005HIGHCVSS 8.1≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-36005 [HIGH] CWE-591 CVE-2023-36005: Windows Telephony Server Elevation of Privilege Vulnerability Windows Telephony Server Elevation of Privilege Vulnerability

nvd

CVE-2023-36004HIGHCVSS 7.5≥ 10.0.14393.0, < 10.0.14393.65292023-12-12

CVE-2023-36004 [HIGH] CWE-287 CVE-2023-36004: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability

nvd

← Previous65 / 209Next →