Microsoft Windows Server 2022 vulnerabilities

2,817 known vulnerabilities affecting microsoft/windows_server_2022.

Total CVEs

2,817

CISA KEV

102

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL74HIGH2015MEDIUM717LOW11

Vulnerabilities

Page 85 of 141

CVE-2023-36563MEDIUMCVSS 5.5KEVfixed in 10.0.20348.2031≥ 10.0.20348.0, < 10.0.20348.20312023-10-10

CVE-2023-36563 [MEDIUM] CWE-20 CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability Microsoft WordPad Information Disclosure Vulnerability

nvd

CVE-2023-36576MEDIUMCVSS 5.5≥ 10.0.20348.0, < 10.0.20348.20312023-10-10

CVE-2023-36576 [MEDIUM] CWE-190 CVE-2023-36576: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2023-36706MEDIUMCVSS 6.5≥ 10.0.20348.0, < 10.0.20348.20312023-10-10

CVE-2023-36706 [MEDIUM] CWE-20 CVE-2023-36706: Windows Deployment Services Information Disclosure Vulnerability Windows Deployment Services Information Disclosure Vulnerability

nvd

CVE-2023-38039HIGHCVSS 7.5fixed in 10.0.20348.21132023-09-15

CVE-2023-38039 [HIGH] CWE-770 CVE-2023-38039: When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed la When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

nvd

CVE-2023-38149HIGHCVSS 7.5≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38149 [HIGH] CWE-400 Windows TCP/IP Denial of Service Vulnerability Windows TCP/IP Denial of Service Vulnerability Windows TCP/IP Denial of Service Vulnerability

cvelistv5

CVE-2023-38147HIGHCVSS 8.8≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38147 [HIGH] CWE-122 CVE-2023-38147: Windows Miracast Wireless Display Remote Code Execution Vulnerability Windows Miracast Wireless Display Remote Code Execution Vulnerability

nvd

CVE-2023-38142HIGHCVSS 7.8fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38142 [HIGH] CWE-190 CVE-2023-38142: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-38144HIGHCVSS 7.8fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38144 [HIGH] CWE-126 CVE-2023-38144: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-38161HIGHCVSS 7.8≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38161 [HIGH] CWE-416 Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability

cvelistv5

CVE-2023-38148HIGHCVSS 8.8fixed in 10.0.20348.1960≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38148 [HIGH] CWE-121 CVE-2023-38148: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

nvd

CVE-2023-36802HIGHCVSS 7.8KEVfixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-36802 [HIGH] CWE-416 CVE-2023-36802: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

nvd

CVE-2023-38141HIGHCVSS 7.8fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38141 [HIGH] CWE-367 CVE-2023-38141: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-35355HIGHCVSS 7.8fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-35355 [HIGH] CWE-121 CVE-2023-35355: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-36805HIGHCVSS 7.0fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-36805 [HIGH] CWE-77 CVE-2023-36805: Windows MSHTML Platform Security Feature Bypass Vulnerability Windows MSHTML Platform Security Feature Bypass Vulnerability

nvd

CVE-2023-38139HIGHCVSS 7.8fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38139 [HIGH] CWE-416 CVE-2023-38139: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-38143HIGHCVSS 7.8fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38143 [HIGH] CWE-122 CVE-2023-38143: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-38162HIGHCVSS 7.5≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38162 [HIGH] CWE-191 CVE-2023-38162: DHCP Server Service Denial of Service Vulnerability DHCP Server Service Denial of Service Vulnerability

nvd

CVE-2023-36804HIGHCVSS 7.8≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-36804 [HIGH] CWE-416 Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability

cvelistv5

CVE-2023-36801MEDIUMCVSS 5.3≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-36801 [MEDIUM] CWE-126 CVE-2023-36801: DHCP Server Service Information Disclosure Vulnerability DHCP Server Service Information Disclosure Vulnerability

nvd

CVE-2023-38140MEDIUMCVSS 5.5fixed in 10.0.20348.1970≥ 10.0.20348.0, < 10.0.20348.19702023-09-12

CVE-2023-38140 [MEDIUM] CWE-908 CVE-2023-38140: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

← Previous85 / 141Next →