Microsoft Windows Server 2019 vulnerabilities

3,499 known vulnerabilities affecting microsoft/windows_server_2019.

Total CVEs

3,499

CISA KEV

123

actively exploited

Public exploits

Exploited in wild

111

Severity breakdown

CRITICAL104HIGH2454MEDIUM928LOW13

Vulnerabilities

Page 82 of 175

CVE-2023-36698MEDIUMCVSS 4.4≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36698 [MEDIUM] CWE-362 CVE-2023-36698: Windows Kernel Security Feature Bypass Vulnerability Windows Kernel Security Feature Bypass Vulnerability

nvd

CVE-2023-36724MEDIUMCVSS 5.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36724 [MEDIUM] CWE-287 CVE-2023-36724: Windows Power Management Service Information Disclosure Vulnerability Windows Power Management Service Information Disclosure Vulnerability

nvd

CVE-2023-36717MEDIUMCVSS 6.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36717 [MEDIUM] CVE-2023-36717: Windows Virtual Trusted Platform Module Denial of Service Vulnerability Windows Virtual Trusted Platform Module Denial of Service Vulnerability

nvd

CVE-2023-36564MEDIUMCVSS 6.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36564 [MEDIUM] CVE-2023-36564: Windows Search Security Feature Bypass Vulnerability Windows Search Security Feature Bypass Vulnerability

nvd

CVE-2023-36713MEDIUMCVSS 5.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36713 [MEDIUM] CWE-908 CVE-2023-36713: Windows Common Log File System Driver Information Disclosure Vulnerability Windows Common Log File System Driver Information Disclosure Vulnerability

nvd

CVE-2023-36722MEDIUMCVSS 4.4≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36722 [MEDIUM] CWE-284 CVE-2023-36722: Active Directory Domain Services Information Disclosure Vulnerability Active Directory Domain Services Information Disclosure Vulnerability

nvd

CVE-2023-36563MEDIUMCVSS 5.5KEVfixed in 10.0.17763.4974≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36563 [MEDIUM] CWE-20 CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability Microsoft WordPad Information Disclosure Vulnerability

nvd

CVE-2023-36576MEDIUMCVSS 5.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36576 [MEDIUM] CWE-190 CVE-2023-36576: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2023-36706MEDIUMCVSS 6.5≥ 10.0.17763.0, < 10.0.17763.49742023-10-10

CVE-2023-36706 [MEDIUM] CWE-20 CVE-2023-36706: Windows Deployment Services Information Disclosure Vulnerability Windows Deployment Services Information Disclosure Vulnerability

nvd

CVE-2023-38039HIGHCVSS 7.5fixed in 10.0.17763.51222023-09-15

CVE-2023-38039 [HIGH] CWE-770 CVE-2023-38039: When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed la When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

nvd

CVE-2023-38149HIGHCVSS 7.5≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38149 [HIGH] CWE-400 Windows TCP/IP Denial of Service Vulnerability Windows TCP/IP Denial of Service Vulnerability Windows TCP/IP Denial of Service Vulnerability

cvelistv5

CVE-2023-38147HIGHCVSS 8.8≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38147 [HIGH] CWE-122 CVE-2023-38147: Windows Miracast Wireless Display Remote Code Execution Vulnerability Windows Miracast Wireless Display Remote Code Execution Vulnerability

nvd

CVE-2023-38142HIGHCVSS 7.8fixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38142 [HIGH] CWE-190 CVE-2023-38142: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-38144HIGHCVSS 7.8fixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38144 [HIGH] CWE-126 CVE-2023-38144: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-38161HIGHCVSS 7.8≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38161 [HIGH] CWE-416 Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability

cvelistv5

CVE-2023-36802HIGHCVSS 7.8KEVfixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-36802 [HIGH] CWE-416 CVE-2023-36802: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

nvd

CVE-2023-38141HIGHCVSS 7.8fixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38141 [HIGH] CWE-367 CVE-2023-38141: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-35355HIGHCVSS 7.8fixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-35355 [HIGH] CWE-121 CVE-2023-35355: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-36805HIGHCVSS 7.0fixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-36805 [HIGH] CWE-77 CVE-2023-36805: Windows MSHTML Platform Security Feature Bypass Vulnerability Windows MSHTML Platform Security Feature Bypass Vulnerability

nvd

CVE-2023-38139HIGHCVSS 7.8fixed in 10.0.17763.4851≥ 10.0.17763.0, < 10.0.17763.48512023-09-12

CVE-2023-38139 [HIGH] CWE-416 CVE-2023-38139: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

← Previous82 / 175Next →