Microsoft Windows Server 2022 vulnerabilities
2,817 known vulnerabilities affecting microsoft/windows_server_2022.
Total CVEs
2,817
CISA KEV
102
actively exploited
Public exploits
38
Exploited in wild
85
Severity breakdown
CRITICAL74HIGH2015MEDIUM717LOW11
Vulnerabilities
Page 32 of 141
CVE-2025-49684MEDIUMCVSS 5.5fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-49684 [MEDIUM] CWE-126 CVE-2025-49684: Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locall
Buffer over-read in Storage Port Driver allows an authorized attacker to disclose information locally.
nvd
CVE-2025-49722MEDIUMCVSS 5.7fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-49722 [MEDIUM] CWE-400 CVE-2025-49722: Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker
Uncontrolled resource consumption in Windows Print Spooler Components allows an authorized attacker to deny service over an adjacent network.
nvd
CVE-2025-49670MEDIUMCVSS 6.5fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-49670 [MEDIUM] CWE-122 CVE-2025-49670: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-48818MEDIUMCVSS 6.8fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-48818 [MEDIUM] CWE-367 CVE-2025-48818: Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attack
Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
nvd
CVE-2025-49671MEDIUMCVSS 6.5fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-49671 [MEDIUM] CWE-125 CVE-2025-49671: Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Serv
Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2025-49681MEDIUMCVSS 6.5fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-49681 [MEDIUM] CWE-125 CVE-2025-49681: Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attack
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2025-47999MEDIUMCVSS 6.8fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-47999 [MEDIUM] CWE-820 CVE-2025-47999: Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adj
Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
nvd
CVE-2025-49760LOWCVSS 3.5fixed in 10.0.20348.3932≥ 10.0.20348.0, < 10.0.20348.39322025-07-08
CVE-2025-49760 [LOW] CWE-73 CVE-2025-49760: External control of file name or path in Windows Storage allows an authorized attacker to perform sp
External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.
nvd
CVE-2025-32710HIGHCVSS 8.1fixed in 10.0.20348.3630≥ 10.0.20348.0, < 10.0.20348.36922025-06-10
CVE-2025-32710 [HIGH] CWE-362 CVE-2025-32710: Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code ov
Use after free in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-33073HIGHCVSS 8.8KEVPoCfixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33073 [HIGH] CWE-284 CVE-2025-33073: Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a ne
Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2025-29828HIGHCVSS 8.1fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-29828 [HIGH] CWE-401 CVE-2025-29828: Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unaut
Missing release of memory after effective lifetime in Windows Cryptographic Services allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-33070HIGHCVSS 8.1fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33070 [HIGH] CWE-908 CVE-2025-33070: Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privile
Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.
nvd
CVE-2025-33067HIGHCVSS 8.4fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33067 [HIGH] CWE-269 CVE-2025-33067: Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privilege
Improper privilege management in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
nvd
CVE-2025-33050HIGHCVSS 7.5fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33050 [HIGH] CWE-693 CVE-2025-33050: Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service
Protection mechanism failure in Windows DHCP Server allows an unauthorized attacker to deny service over a network.
nvd
CVE-2025-32712HIGHCVSS 7.8fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-32712 [HIGH] CWE-416 CVE-2025-32712: Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
Use after free in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-33075HIGHCVSS 7.8fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33075 [HIGH] CWE-59 CVE-2025-33075: Improper link resolution before file access ('link following') in Windows Installer allows an author
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-33064HIGHCVSS 8.8fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33064 [HIGH] CWE-122 CVE-2025-33064: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
nvd
CVE-2025-33056HIGHCVSS 7.5fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33056 [HIGH] CWE-284 CVE-2025-33056: Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized
Improper access control in Microsoft Local Security Authority Server (lsasrv) allows an unauthorized attacker to deny service over a network.
nvd
CVE-2025-33066HIGHCVSS 8.8fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-33066 [HIGH] CWE-122 CVE-2025-33066: Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorize
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-32714HIGHCVSS 7.8fixed in 10.0.20348.3745≥ 10.0.20348.0, < 10.0.20348.38072025-06-10
CVE-2025-32714 [HIGH] CWE-284 CVE-2025-32714: Improper access control in Windows Installer allows an authorized attacker to elevate privileges loc
Improper access control in Windows Installer allows an authorized attacker to elevate privileges locally.
nvd