Microsoft Windows Server 2019 vulnerabilities

3,499 known vulnerabilities affecting microsoft/windows_server_2019.

Total CVEs

3,499

CISA KEV

123

actively exploited

Public exploits

Exploited in wild

111

Severity breakdown

CRITICAL104HIGH2454MEDIUM928LOW13

Vulnerabilities

Page 77 of 175

CVE-2023-36004HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.52062023-12-12

CVE-2023-36004 [HIGH] CWE-287 CVE-2023-36004: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability

nvd

CVE-2023-35622HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.52062023-12-12

CVE-2023-35622 [HIGH] Windows DNS Spoofing Vulnerability Windows DNS Spoofing Vulnerability Windows DNS Spoofing Vulnerability

cvelistv5

CVE-2023-36012MEDIUMCVSS 5.3≥ 10.0.17763.0, < 10.0.17763.52062023-12-12

CVE-2023-36012 [MEDIUM] CWE-908 CVE-2023-36012: DHCP Server Service Information Disclosure Vulnerability DHCP Server Service Information Disclosure Vulnerability

nvd

CVE-2023-35642MEDIUMCVSS 6.5≥ 10.0.17763.0, < 10.0.17763.52062023-12-12

CVE-2023-35642 [MEDIUM] CWE-682 CVE-2023-35642: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

nvd

CVE-2023-24023MEDIUMCVSS 6.8fixed in 10.0.17763.51222023-11-28

CVE-2023-24023 [MEDIUM] CVE-2023-24023: Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

nvd

CVE-2023-36028CRITICALCVSS 9.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36028 [CRITICAL] CWE-122 CVE-2023-36028: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

nvd

CVE-2023-36397CRITICALCVSS 9.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36397 [CRITICAL] CWE-126 CVE-2023-36397: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

nvd

CVE-2023-36401HIGHCVSS 7.2≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36401 [HIGH] CWE-190 CVE-2023-36401: Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Remote Code Execution Vulnerability

nvd

CVE-2023-36405HIGHCVSS 7.0≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36405 [HIGH] CWE-362 CVE-2023-36405: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-36394HIGHCVSS 7.0≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36394 [HIGH] CWE-59 CVE-2023-36394: Windows Search Service Elevation of Privilege Vulnerability Windows Search Service Elevation of Privilege Vulnerability

nvd

CVE-2023-36705HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36705 [HIGH] CWE-59 CVE-2023-36705: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2023-36427HIGHCVSS 7.0≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36427 [HIGH] CVE-2023-36427: Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability

nvd

CVE-2023-36025HIGHCVSS 8.8KEVfixed in 10.0.17763.5122≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36025 [HIGH] CVE-2023-36025: Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen Security Feature Bypass Vulnerability

nvd

CVE-2023-36395HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36395 [HIGH] CWE-190 CVE-2023-36395: Windows Deployment Services Denial of Service Vulnerability Windows Deployment Services Denial of Service Vulnerability

nvd

CVE-2023-36393HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36393 [HIGH] CWE-426 CVE-2023-36393: Windows User Interface Application Core Remote Code Execution Vulnerability Windows User Interface Application Core Remote Code Execution Vulnerability

nvd

CVE-2023-36392HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36392 [HIGH] CWE-126 CVE-2023-36392: DHCP Server Service Denial of Service Vulnerability DHCP Server Service Denial of Service Vulnerability

nvd

CVE-2023-36719HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36719 [HIGH] CWE-20 CVE-2023-36719: Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

nvd

CVE-2023-36403HIGHCVSS 7.0≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36403 [HIGH] CWE-591 CVE-2023-36403: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-36033HIGHCVSS 7.8KEVfixed in 10.0.17763.5122≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36033 [HIGH] CWE-822 CVE-2023-36033: Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability

nvd

CVE-2023-36425HIGHCVSS 8.0≥ 10.0.17763.0, < 10.0.17763.51222023-11-14

CVE-2023-36425 [HIGH] CWE-122 CVE-2023-36425: Windows Distributed File System (DFS) Remote Code Execution Vulnerability Windows Distributed File System (DFS) Remote Code Execution Vulnerability

nvd

← Previous77 / 175Next →