Microsoft Windows Server 2019 vulnerabilities

3,499 known vulnerabilities affecting microsoft/windows_server_2019.

Total CVEs

3,499

CISA KEV

124

actively exploited

Public exploits

Exploited in wild

111

Severity breakdown

CRITICAL104HIGH2454MEDIUM928LOW13

Vulnerabilities

Page 138 of 175

CVE-2021-34535HIGHCVSS 8.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34535 [HIGH] CVE-2021-34535: Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability

nvd

CVE-2021-26426HIGHCVSS 7.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-26426 [HIGH] CWE-59 CVE-2021-26426: Windows User Account Profile Picture Elevation of Privilege Vulnerability Windows User Account Profile Picture Elevation of Privilege Vulnerability

nvd

CVE-2021-34484HIGHCVSS 7.8KEVPoCfixed in 10.0.17763.2114≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34484 [HIGH] CVE-2021-34484: Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Elevation of Privilege Vulnerability

nvd

CVE-2021-34534HIGHCVSS 7.5≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34534 [HIGH] CVE-2021-34534: Windows MSHTML Platform Remote Code Execution Vulnerability Windows MSHTML Platform Remote Code Execution Vulnerability

nvd

CVE-2021-36937HIGHCVSS 7.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-36937 [HIGH] CVE-2021-36937: Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability

nvd

CVE-2021-34537HIGHCVSS 8.0≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34537 [HIGH] CWE-269 CVE-2021-34537: Windows Bluetooth Driver Elevation of Privilege Vulnerability Windows Bluetooth Driver Elevation of Privilege Vulnerability

nvd

CVE-2021-36942HIGHCVSS 7.5KEVPoC≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-36942 [HIGH] Windows LSA Spoofing Vulnerability Windows LSA Spoofing Vulnerability Windows LSA Spoofing Vulnerability

cvelistv5

CVE-2021-34536HIGHCVSS 7.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34536 [HIGH] CWE-190 CVE-2021-34536: Storage Spaces Controller Elevation of Privilege Vulnerability Storage Spaces Controller Elevation of Privilege Vulnerability

nvd

CVE-2021-34486HIGHCVSS 7.8KEVfixed in 10.0.17763.2114≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34486 [HIGH] CWE-416 CVE-2021-34486: Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability

nvd

CVE-2021-36948HIGHCVSS 7.8KEVfixed in 10.0.17763.2114≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-36948 [HIGH] CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability Windows Update Medic Service Elevation of Privilege Vulnerability

nvd

CVE-2021-34483HIGHCVSS 7.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34483 [HIGH] CWE-269 CVE-2021-34483: Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability

nvd

CVE-2021-36932HIGHCVSS 7.5≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-36932 [HIGH] CVE-2021-36932: Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

nvd

CVE-2021-36958HIGHCVSS 7.8≥ 10.0.0, < 10.0.17763.21832021-08-12

CVE-2021-36958 [HIGH] CVE-2021-36958: <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly pe A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

nvd

CVE-2021-34487HIGHCVSS 7.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34487 [HIGH] CWE-269 CVE-2021-34487: Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability

nvd

CVE-2021-26433HIGHCVSS 7.5≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-26433 [HIGH] CVE-2021-26433: Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability Windows Services for NFS ONCRPC XDR Driver Information Disclosure Vulnerability

nvd

CVE-2021-36938MEDIUMCVSS 5.5≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-36938 [MEDIUM] CVE-2021-36938: Windows Cryptographic Primitives Library Information Disclosure Vulnerability Windows Cryptographic Primitives Library Information Disclosure Vulnerability

nvd

CVE-2021-34480MEDIUMCVSS 6.8≥ 10.0.0, < 10.0.17763.21142021-08-12

CVE-2021-34480 [MEDIUM] Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability Scripting Engine Memory Corruption Vulnerability

cvelistv5

CVE-2021-34450CRITICALCVSS 9.9≥ 10.0.0, < 10.0.17763.20612021-07-16

CVE-2021-34450 [CRITICAL] CVE-2021-34450: Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability

nvd

CVE-2021-34458CRITICALCVSS 9.9≥ 10.0.0, < 10.0.17763.20612021-07-16

CVE-2021-34458 [CRITICAL] CVE-2021-34458: Windows Kernel Remote Code Execution Vulnerability Windows Kernel Remote Code Execution Vulnerability

nvd

CVE-2021-34481CRITICALCVSS 9.8≥ 10.0.0, < 10.0.17763.21142021-07-16

CVE-2021-34481 [CRITICAL] CWE-269 CVE-2021-34481: <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly pe A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user r

nvd

← Previous138 / 175Next →