Microsoft Windows Server 2019 vulnerabilities
3,499 known vulnerabilities affecting microsoft/windows_server_2019.
Total CVEs
3,499
CISA KEV
124
actively exploited
Public exploits
70
Exploited in wild
111
Severity breakdown
CRITICAL104HIGH2454MEDIUM928LOW13
Vulnerabilities
Page 154 of 175
CVE-2021-1669HIGHCVSS 8.8≥ 10.0.0, < publication2021-01-12
CVE-2021-1669 [HIGH] CVE-2021-1669: Windows Remote Desktop Security Feature Bypass Vulnerability
Windows Remote Desktop Security Feature Bypass Vulnerability
nvd
CVE-2021-1655HIGHCVSS 7.8≥ 10.0.0, < publication2021-01-12
CVE-2021-1655 [HIGH] CWE-269 CVE-2021-1655: Windows CSC Service Elevation of Privilege Vulnerability
Windows CSC Service Elevation of Privilege Vulnerability
nvd
CVE-2021-1637MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1637 [MEDIUM] CVE-2021-1637: Windows DNS Query Information Disclosure Vulnerability
Windows DNS Query Information Disclosure Vulnerability
nvd
CVE-2021-1684MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1684 [MEDIUM] CVE-2021-1684: Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate
nvd
CVE-2021-1679MEDIUMCVSS 6.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1679 [MEDIUM] Windows CryptoAPI Denial of Service Vulnerability
Windows CryptoAPI Denial of Service Vulnerability
Windows CryptoAPI Denial of Service Vulnerability
cvelistv5
CVE-2021-1683MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1683 [MEDIUM] CVE-2021-1683: Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate
nvd
CVE-2021-1656MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1656 [MEDIUM] CVE-2021-1656: TPM Device Driver Information Disclosure Vulnerability
TPM Device Driver Information Disclosure Vulnerability
nvd
CVE-2021-1699MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1699 [MEDIUM] CVE-2021-1699: Windows (modem.sys) Information Disclosure Vulnerability
Windows (modem.sys) Information Disclosure Vulnerability
nvd
CVE-2021-1645MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1645 [MEDIUM] CVE-2021-1645: Windows Docker Information Disclosure Vulnerability
Windows Docker Information Disclosure Vulnerability
nvd
CVE-2021-1638MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1638 [MEDIUM] CVE-2021-1638: Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For
Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG.
To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X coordinate
nvd
CVE-2021-1672MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1672 [MEDIUM] CVE-2021-1672: Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability
nvd
CVE-2021-1708MEDIUMCVSS 5.7≥ 10.0.0, < publication2021-01-12
CVE-2021-1708 [MEDIUM] Windows GDI+ Information Disclosure Vulnerability
Windows GDI+ Information Disclosure Vulnerability
Windows GDI+ Information Disclosure Vulnerability
cvelistv5
CVE-2021-1696MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1696 [MEDIUM] CVE-2021-1696: Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
nvd
CVE-2021-1676MEDIUMCVSS 5.5≥ 10.0.0, < publication2021-01-12
CVE-2021-1676 [MEDIUM] CVE-2021-1676: Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
nvd
CVE-2020-17095CRITICALCVSS 9.9≥ 10.0.17763.0, < publication2020-12-10
CVE-2020-17095 [CRITICAL] CVE-2020-17095: Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
nvd
CVE-2020-17103HIGHCVSS 7.8≥ 10.0.17763.0, < publication2020-12-10
CVE-2020-17103 [HIGH] CVE-2020-17103: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
nvd
CVE-2020-17092HIGHCVSS 7.8≥ 10.0.17763.0, < publication2020-12-10
CVE-2020-17092 [HIGH] CVE-2020-17092: Windows Network Connections Service Elevation of Privilege Vulnerability
Windows Network Connections Service Elevation of Privilege Vulnerability
nvd
CVE-2020-17139HIGHCVSS 7.8≥ 10.0.17763.0, < publication2020-12-10
CVE-2020-17139 [HIGH] CVE-2020-17139: Windows Overlay Filter Security Feature Bypass Vulnerability
Windows Overlay Filter Security Feature Bypass Vulnerability
nvd
CVE-2020-16963HIGHCVSS 7.8≥ 10.0.17763.0, < publication2020-12-10
CVE-2020-16963 [HIGH] CVE-2020-16963: Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine Elevation of Privilege Vulnerability
nvd
CVE-2020-16962HIGHCVSS 7.8≥ 10.0.17763.0, < publication2020-12-10
CVE-2020-16962 [HIGH] CVE-2020-16962: Windows Backup Engine Elevation of Privilege Vulnerability
Windows Backup Engine Elevation of Privilege Vulnerability
nvd