Microsoft Windows Server 2022 vulnerabilities

2,817 known vulnerabilities affecting microsoft/windows_server_2022.

Total CVEs: 2,817
CISA KEV: 103 (actively exploited)
Public exploits: 41
Exploited in wild: 85
Severity breakdown: CRITICAL 74, HIGH 2015, MEDIUM 717, LOW 11

Vulnerabilities

Page 141 of 141
CVE-2021-38628 | HIGH | CVSS 7.8 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-38628 [HIGH] CWE-269: Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Source: nvd
CVE-2021-36975 | HIGH | CVSS 7.8 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-36975 [HIGH] Win32k Elevation of Privilege Vulnerability
Source: cvelistv5
CVE-2021-36963 | HIGH | CVSS 7.8 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-36963 [HIGH] CWE-269: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Source: nvd
CVE-2021-36972 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-36972 [MEDIUM] Windows SMB Information Disclosure Vulnerability
Source: cvelistv5
CVE-2021-36961 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-36961 [MEDIUM] Windows Installer Denial of Service Vulnerability
Source: cvelistv5
CVE-2021-38632 | MEDIUM | CVSS 5.7 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-38632 [MEDIUM] BitLocker Security Feature Bypass Vulnerability
Source: cvelistv5
CVE-2021-38636 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-38636 [MEDIUM] Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
Source: nvd
CVE-2021-38635 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-38635 [MEDIUM] Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
Source: nvd
CVE-2021-38629 | MEDIUM | CVSS 6.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-38629 [MEDIUM] Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability
Source: nvd
CVE-2021-36959 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-36959 [MEDIUM] Windows Authenticode Spoofing Vulnerability
Source: cvelistv5
CVE-2021-38624 | MEDIUM | CVSS 6.5 | ≥ 10.0.0, < 10.0.20348.288 | 2021-09-15
CVE-2021-38624 [MEDIUM] CWE-639: Windows Key Storage Provider Security Feature Bypass Vulnerability
Source: nvd
CVE-2021-38637 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-38637 [MEDIUM] Windows Storage Information Disclosure Vulnerability
Source: nvd
CVE-2021-36969 | MEDIUM | CVSS 5.5 | ≥ 10.0.0, < 10.0.20348.230 | 2021-09-15
CVE-2021-36969 [MEDIUM] Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability
Source: nvd
CVE-2021-34527 | HIGH | CVSS 8.8 | KEV | PoC | fixed in 10.0.20348.230 | ≥ 10.0.0, < 10.0.20348.230 | 2021-07-02
CVE-2021-34527 [HIGH] A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. UPDAT
Source: nvd
CVE-2021-26414 | MEDIUM | CVSS 4.8 | ≥ 10.0.0, < 10.0.20348.1607 | 2021-06-08
CVE-2021-26414 [MEDIUM] Windows DCOM Server Security Feature Bypass
Source: cvelistv5
CVE-2020-17042 | HIGH | CVSS 8.8 | ≥ 10.0.0, < 10.0.20348.2700 | ≥ 10.0.0, < 10.0.20348.2695 | 2020-11-11
CVE-2020-17042 [HIGH] Windows Print Spooler Remote Code Execution Vulnerability
Source: nvd
CVE-2013-3900 | HIGH | CVSS 8.8 | KEV | vN/A | 2013-12-11
CVE-2013-3900 [HIGH] CWE-347: Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format is different from the original CVE published in 2013, ex
Source: nvd