Microsoft Windows Server Version 2004 vulnerabilities
747 known vulnerabilities affecting microsoft/windows_server_version_2004.
Total CVEs
747
CISA KEV
27
actively exploited
Public exploits
10
Exploited in wild
28
Severity breakdown
CRITICAL32HIGH535MEDIUM177LOW3
Vulnerabilities
Page 35 of 38
CVE-2020-1564HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1564 [HIGH] CVE-2020-1564: A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.
The update addresses the vulnerabili
nvd
CVE-2020-1528HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1528 [HIGH] CVE-2020-1528: An elevation of privilege vulnerability exists when the Windows Radio Manager API improperly handles
An elevation of privilege vulnerability exists when the Windows Radio Manager API improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Wi
nvd
CVE-2020-1521HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1521 [HIGH] CVE-2020-1521: An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles me
An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windo
nvd
CVE-2020-1378HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1378 [HIGH] CWE-787 CVE-2020-1378: An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles regist
An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system.
A locally authenticated attacker could exploit this vulnerability by running a specially crafted application.
The security
nvd
CVE-2020-1538HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1538 [HIGH] CVE-2020-1538: An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles
An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Wind
nvd
CVE-2020-1479HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1479 [HIGH] CVE-2020-1479: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would
nvd
CVE-2020-1553HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1553 [HIGH] CVE-2020-1553: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects i
An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.
An attacker could exploit this vulnerability by running a specially crafted application on the victim system.
The update addresses the vulnerabili
nvd
CVE-2020-1518HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1518 [HIGH] CVE-2020-1518: An elevation of privilege vulnerability exists when the Windows File Server Resource Management Serv
An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by
nvd
CVE-2020-1534HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1534 [HIGH] CVE-2020-1534: An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles fi
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how
nvd
CVE-2020-1470HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1470 [HIGH] CVE-2020-1470: An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly hand
An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the
nvd
CVE-2020-1492HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1492 [HIGH] CWE-787 CVE-2020-1492: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1531HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1531 [HIGH] CVE-2020-1531: An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles
An elevation of privilege vulnerability exists when the Windows Accounts Control improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Wind
nvd
CVE-2020-1477HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1477 [HIGH] CWE-787 CVE-2020-1477: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1475HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1475 [HIGH] CVE-2020-1475: An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in mem
An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.
The security update addresses the vulnerability b
nvd
CVE-2020-1554HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1554 [HIGH] CWE-787 CVE-2020-1554: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1549HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1549 [HIGH] CVE-2020-1549: An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handl
An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the W
nvd
CVE-2020-1513HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1513 [HIGH] CVE-2020-1513: An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memor
An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windows
nvd
CVE-2020-1478HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1478 [HIGH] CWE-787 CVE-2020-1478: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.
There are multiple ways an attacker could exploit the vulnerability, such as by convincin
nvd
CVE-2020-1522HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1522 [HIGH] CVE-2020-1522: An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles me
An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory.
To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.
The security update addresses the vulnerability by correcting how the Windo
nvd
CVE-2020-1417HIGHCVSS 7.8≥ 10.0.0, < publication2020-08-17
CVE-2020-1417 [HIGH] CVE-2020-1417: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, a
nvd