Microsoft Windows Server 2019 vulnerabilities
3,499 known vulnerabilities affecting microsoft/windows_server_2019.
Total CVEs
3,499
CISA KEV
123
actively exploited
Public exploits
67
Exploited in wild
111
Severity breakdown
CRITICAL104HIGH2454MEDIUM928LOW13
Vulnerabilities
Page 78 of 175
CVE-2023-36036HIGHCVSS 7.8KEVfixed in 10.0.17763.5122≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36036 [HIGH] CWE-122 CVE-2023-36036: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
nvd
CVE-2023-36423HIGHCVSS 8.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36423 [HIGH] CWE-122 CVE-2023-36423: Microsoft Remote Registry Service Remote Code Execution Vulnerability
Microsoft Remote Registry Service Remote Code Execution Vulnerability
nvd
CVE-2023-36400HIGHCVSS 8.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36400 [HIGH] CWE-122 CVE-2023-36400: Windows HMAC Key Derivation Elevation of Privilege Vulnerability
Windows HMAC Key Derivation Elevation of Privilege Vulnerability
nvd
CVE-2023-36017HIGHCVSS 8.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36017 [HIGH] CWE-843 CVE-2023-36017: Windows Scripting Engine Memory Corruption Vulnerability
Windows Scripting Engine Memory Corruption Vulnerability
nvd
CVE-2023-36402HIGHCVSS 8.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36402 [HIGH] CWE-122 CVE-2023-36402: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
nvd
CVE-2023-36047HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36047 [HIGH] CWE-59 CVE-2023-36047: Windows Authentication Elevation of Privilege Vulnerability
Windows Authentication Elevation of Privilege Vulnerability
nvd
CVE-2023-36424HIGHCVSS 7.8KEV≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36424 [HIGH] CWE-125 CVE-2023-36424: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2023-36408HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36408 [HIGH] CWE-122 CVE-2023-36408: Windows Hyper-V Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
nvd
CVE-2023-36404MEDIUMCVSS 5.5≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36404 [MEDIUM] CWE-284 CVE-2023-36404: Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
nvd
CVE-2023-36428MEDIUMCVSS 5.5≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36428 [MEDIUM] CWE-125 CVE-2023-36428: Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
nvd
CVE-2023-36398MEDIUMCVSS 6.5≥ 10.0.17763.0, < 10.0.17763.51222023-11-14
CVE-2023-36398 [MEDIUM] CWE-908 Windows NTFS Information Disclosure Vulnerability
Windows NTFS Information Disclosure Vulnerability
Windows NTFS Information Disclosure Vulnerability
cvelistv5
CVE-2023-38545CRITICALCVSS 9.8fixed in 10.0.17763.51222023-10-18
CVE-2023-38545 [CRITICAL] CWE-787 CVE-2023-38545: This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked to pass along the host name to the SOCKS5 proxy to allow
that to resolve the address instead of it getting done by curl itself, the
maximum length that host name can be is 255 bytes.
If the host name is detected to be longer, curl switches to loca
nvd
CVE-2023-35349CRITICALCVSS 9.8≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-35349 [CRITICAL] CWE-20 CVE-2023-35349: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36434CRITICALCVSS 9.8≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36434 [CRITICAL] CWE-307 CVE-2023-36434: Windows IIS Server Elevation of Privilege Vulnerability
Windows IIS Server Elevation of Privilege Vulnerability
nvd
CVE-2023-36743HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36743 [HIGH] CWE-416 Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
cvelistv5
CVE-2023-36592HIGHCVSS 7.3≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36592 [HIGH] CWE-94 CVE-2023-36592: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36431HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36431 [HIGH] CWE-400 CVE-2023-36431: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36593HIGHCVSS 7.3≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36593 [HIGH] CWE-190 CVE-2023-36593: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36579HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36579 [HIGH] CWE-400 CVE-2023-36579: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36606HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10
CVE-2023-36606 [HIGH] CWE-400 CVE-2023-36606: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd