Microsoft Windows Server 2022 vulnerabilities

2,817 known vulnerabilities affecting microsoft/windows_server_2022.

Total CVEs

2,817

CISA KEV

103

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL74HIGH2015MEDIUM717LOW11

Vulnerabilities

Page 121 of 141

CVE-2022-30154MEDIUMCVSS 5.3≥ 10.0.20348.0, < 10.0.20348.7702022-06-15

CVE-2022-30154 [MEDIUM] CVE-2022-30154: Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability

nvd

CVE-2022-30148MEDIUMCVSS 5.5≥ 10.0.20348.0, < 10.0.20348.7702022-06-15

CVE-2022-30148 [MEDIUM] CWE-532 CVE-2022-30148: Windows Desired State Configuration (DSC) Information Disclosure Vulnerability Windows Desired State Configuration (DSC) Information Disclosure Vulnerability

nvd

CVE-2022-30162MEDIUMCVSS 5.5≥ 10.0.20348.0, < 10.0.20348.7702022-06-15

CVE-2022-30162 [MEDIUM] CVE-2022-30162: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2022-30190HIGHCVSS 7.8KEVPoCfixed in 10.0.20348.770≥ 10.0.20348.0, < 10.0.20348.7702022-06-01

CVE-2022-30190 [HIGH] CVE-2022-30190: A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calli A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the cont

nvd

CVE-2022-30138HIGHCVSS 7.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-18

CVE-2022-30138 [HIGH] CVE-2022-30138: Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability

nvd

CVE-2022-22012CRITICALCVSS 9.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-22012 [CRITICAL] CVE-2022-22012: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2022-29130CRITICALCVSS 9.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29130 [CRITICAL] CVE-2022-29130: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2022-26937CRITICALCVSS 9.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-26937 [CRITICAL] CVE-2022-26937: Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability

nvd

CVE-2022-29125HIGHCVSS 7.0≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29125 [HIGH] CVE-2022-29125: Windows Push Notifications Apps Elevation of Privilege Vulnerability Windows Push Notifications Apps Elevation of Privilege Vulnerability

nvd

CVE-2022-26923HIGHCVSS 8.8KEVPoCfixed in 10.0.20348.1668≥ 10.0.20348.0, < 10.0.20348.16682022-05-10

CVE-2022-26923 [HIGH] CWE-295 CVE-2022-26923: Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability

nvd

CVE-2022-29137HIGHCVSS 8.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29137 [HIGH] CVE-2022-29137: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2022-29129HIGHCVSS 8.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29129 [HIGH] CVE-2022-29129: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2022-26913HIGHCVSS 7.4≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-26913 [HIGH] CVE-2022-26913: Windows Authentication Information Disclosure Vulnerability Windows Authentication Information Disclosure Vulnerability

nvd

CVE-2022-29142HIGHCVSS 7.0≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29142 [HIGH] CVE-2022-29142: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2022-29104HIGHCVSS 7.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29104 [HIGH] CVE-2022-29104: Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability

nvd

CVE-2022-29139HIGHCVSS 8.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-29139 [HIGH] CVE-2022-29139: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2022-26927HIGHCVSS 8.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-26927 [HIGH] CVE-2022-26927: Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability

nvd

CVE-2022-22016HIGHCVSS 7.0≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-22016 [HIGH] CVE-2022-22016: Windows PlayToManager Elevation of Privilege Vulnerability Windows PlayToManager Elevation of Privilege Vulnerability

nvd

CVE-2022-22014HIGHCVSS 8.8≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-22014 [HIGH] CVE-2022-22014: Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

nvd

CVE-2022-23270HIGHCVSS 8.1≥ 10.0.20348.0, < 10.0.20348.7072022-05-10

CVE-2022-23270 [HIGH] CVE-2022-23270: Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

nvd

← Previous121 / 141Next →