Microsoft Windows Server 20H2 vulnerabilities
26 known vulnerabilities affecting microsoft/windows_server_20h2.
Total CVEs
26
CISA KEV
25
actively exploited
Public exploits
5
Exploited in wild
25
Severity breakdown
CRITICAL1HIGH24MEDIUM1
Vulnerabilities
Page 1 of 2
CVE-2022-35751HIGHCVSS 7.8fixed in 10.0.19042.18892023-05-31
CVE-2022-35751 [HIGH] CVE-2022-35751: Windows Hyper-V Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
nvd
CVE-2022-34713HIGHCVSS 7.8KEVfixed in 10.0.19042.18892022-08-09
CVE-2022-34713 [HIGH] CVE-2022-34713: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
nvd
CVE-2022-22047HIGHCVSS 7.8KEVfixed in 10.0.19042.18262022-07-12
CVE-2022-22047 [HIGH] CWE-426 CVE-2022-22047: Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
nvd
CVE-2022-30190HIGHCVSS 7.8KEVfixed in 10.0.19042.17662022-06-01
CVE-2022-30190 [HIGH] CVE-2022-30190: A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calli
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the cont
nvd
CVE-2022-26904HIGHCVSS 7.0KEVPoCfixed in 10.0.19042.16452022-04-15
CVE-2022-26904 [HIGH] CWE-362 CVE-2022-26904: Windows User Profile Service Elevation of Privilege Vulnerability
Windows User Profile Service Elevation of Privilege Vulnerability
nvd
CVE-2022-24521HIGHCVSS 7.8KEVfixed in 10.0.19042.16452022-04-15
CVE-2022-24521 [HIGH] CWE-787 CVE-2022-24521: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2022-21999HIGHCVSS 7.8KEVPoCfixed in 10.0.19042.15262022-02-09
CVE-2022-21999 [HIGH] CWE-22 CVE-2022-21999: Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
nvd
CVE-2022-22718HIGHCVSS 7.8KEVfixed in 10.0.19042.15262022-02-09
CVE-2022-22718 [HIGH] CVE-2022-22718: Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
nvd
CVE-2022-21971HIGHCVSS 7.8KEVfixed in 10.0.19042.15262022-02-09
CVE-2022-21971 [HIGH] CWE-824 CVE-2022-21971: Windows Runtime Remote Code Execution Vulnerability
Windows Runtime Remote Code Execution Vulnerability
nvd
CVE-2022-21919HIGHCVSS 7.0KEVPoCfixed in 10.0.19042.14662022-01-11
CVE-2022-21919 [HIGH] CWE-59 CVE-2022-21919: Windows User Profile Service Elevation of Privilege Vulnerability
Windows User Profile Service Elevation of Privilege Vulnerability
nvd
CVE-2021-43226HIGHCVSS 7.8KEVfixed in 10.0.19042.14152021-12-15
CVE-2021-43226 [HIGH] CVE-2021-43226: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2021-41379HIGHCVSS 7.8KEVfixed in 10.0.19042.13482021-11-10
CVE-2021-41379 [MEDIUM] CWE-59 CVE-2021-41379: Windows Installer Elevation of Privilege Vulnerability
Windows Installer Elevation of Privilege Vulnerability
nvd
CVE-2021-42278HIGHCVSS 7.5KEVfixed in 10.0.19042.13482021-11-10
CVE-2021-42278 [HIGH] CVE-2021-42278: Active Directory Domain Services Elevation of Privilege Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
nvd
CVE-2021-40444HIGHCVSS 7.8KEVfixed in 10.0.19042.12372021-09-15
CVE-2021-40444 [HIGH] CWE-22 CVE-2021-40444: <p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affect
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.
An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that
nvd
CVE-2021-36955HIGHCVSS 7.8KEVfixed in 10.0.19042.12372021-09-15
CVE-2021-36955 [HIGH] CVE-2021-36955: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2021-34484HIGHCVSS 7.8KEVPoCfixed in 10.0.19042.11652021-08-12
CVE-2021-34484 [HIGH] CVE-2021-34484: Windows User Profile Service Elevation of Privilege Vulnerability
Windows User Profile Service Elevation of Privilege Vulnerability
nvd
CVE-2021-34486HIGHCVSS 7.8KEVfixed in 10.0.19042.11652021-08-12
CVE-2021-34486 [HIGH] CWE-416 CVE-2021-34486: Windows Event Tracing Elevation of Privilege Vulnerability
Windows Event Tracing Elevation of Privilege Vulnerability
nvd
CVE-2021-36948HIGHCVSS 7.8KEVfixed in 10.0.19042.11652021-08-12
CVE-2021-36948 [HIGH] CVE-2021-36948: Windows Update Medic Service Elevation of Privilege Vulnerability
Windows Update Medic Service Elevation of Privilege Vulnerability
nvd
CVE-2021-33771HIGHCVSS 7.8KEVfixed in 10.0.19042.11102021-07-14
CVE-2021-33771 [HIGH] CVE-2021-33771: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2021-31979HIGHCVSS 7.8KEVfixed in 10.0.19042.11102021-07-14
CVE-2021-31979 [HIGH] CWE-119 CVE-2021-31979: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
1 / 2Next →