Msrc Windows Server Version 20H2 vulnerabilities

473 known vulnerabilities affecting msrc/windows_server_version_20h2.

Total CVEs
473
CISA KEV
17
actively exploited
Public exploits
8
Exploited in wild
19
Severity breakdown
CRITICAL18HIGH323MEDIUM130LOW2

Vulnerabilities

Page 9 of 24
CVE-2022-21882HIGHCVSS 7.0KEVPoC2022-01-11
CVE-2022-21882 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? A local, authenticated attacker could gain elevated local system or administrator privileges through a vulnerability in the Win32k.sys driver. Windows Win32K: Windows Win32K Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Discl
msrc
CVE-2022-21869HIGHCVSS 7.02022-01-11
CVE-2022-21869 [HIGH] Clipboard User Service Elevation of Privilege Vulnerability Clipboard User Service Elevation of Privilege Vulnerability Windows Clipboard User Service: Windows Clipboard User Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sea
msrc
CVE-2022-21902HIGHCVSS 7.82022-01-11
CVE-2022-21902 [HIGH] Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library: Windows DWM Core Library Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx
msrc
CVE-2022-21872HIGHCVSS 7.02022-01-11
CVE-2022-21872 [HIGH] Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing: Windows Event Tracing Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557
msrc
CVE-2022-21898HIGHCVSS 7.8Exploited2022-01-11
CVE-2022-21898 [HIGH] DirectX Graphics Kernel Remote Code Execution Vulnerability DirectX Graphics Kernel Remote Code Execution Vulnerability Windows DirectX: Windows DirectX Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference
msrc
CVE-2022-21867HIGHCVSS 7.02022-01-11
CVE-2022-21867 [HIGH] Windows Push Notifications Apps Elevation of Privilege Vulnerability Windows Push Notifications Apps Elevation of Privilege Vulnerability Windows Push Notifications: Windows Push Notifications Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v
msrc
CVE-2022-21895HIGHCVSS 7.82022-01-11
CVE-2022-21895 [HIGH] Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service: Windows User Profile Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/
msrc
CVE-2022-21868HIGHCVSS 7.02022-01-11
CVE-2022-21868 [HIGH] Windows Devices Human Interface Elevation of Privilege Vulnerability Windows Devices Human Interface Elevation of Privilege Vulnerability Windows Devices Human Interface: Windows Devices Human Interface Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.micro
msrc
CVE-2022-21875HIGHCVSS 7.02022-01-11
CVE-2022-21875 [HIGH] Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability Windows Storage: Windows Storage Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference: https://sup
msrc
CVE-2022-21896HIGHCVSS 7.02022-01-11
CVE-2022-21896 [HIGH] Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library: Windows DWM Core Library Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx
msrc
CVE-2022-21874HIGHCVSS 7.8Exploited2022-01-11
CVE-2022-21874 [HIGH] Windows Security Center API Remote Code Execution Vulnerability Windows Security Center API Remote Code Execution Vulnerability Windows Security Center: Windows Security Center Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.as
msrc
CVE-2022-21888HIGHCVSS 7.82022-01-11
CVE-2022-21888 [HIGH] Windows Modern Execution Server Remote Code Execution Vulnerability Windows Modern Execution Server Remote Code Execution Vulnerability Windows Modern Execution Server: Windows Modern Execution Server Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsof
msrc
CVE-2022-21912HIGHCVSS 7.82022-01-11
CVE-2022-21912 [HIGH] DirectX Graphics Kernel Remote Code Execution Vulnerability DirectX Graphics Kernel Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker could take advantage of a vulnerability in dxgkrnl.sys to execute an arbitrary pointer dereference in kernel mode. FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated user could trigger this vuln
msrc
CVE-2022-21878HIGHCVSS 7.82022-01-11
CVE-2022-21878 [HIGH] Windows Geolocation Service Remote Code Execution Vulnerability Windows Geolocation Service Remote Code Execution Vulnerability Windows Geolocation Service: Windows Geolocation Service Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Se
msrc
CVE-2022-21873HIGHCVSS 7.02022-01-11
CVE-2022-21873 [HIGH] Tile Data Repository Elevation of Privilege Vulnerability Tile Data Repository Elevation of Privilege Vulnerability Windows Tile Data Repository: Windows Tile Data Repository Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx
msrc
CVE-2022-21865HIGHCVSS 7.02022-01-11
CVE-2022-21865 [HIGH] Connected Devices Platform Service Elevation of Privilege Vulnerability Connected Devices Platform Service Elevation of Privilege Vulnerability Windows Connected Devices Platform Service: Windows Connected Devices Platform Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference:
msrc
CVE-2022-21863HIGHCVSS 7.02022-01-11
CVE-2022-21863 [HIGH] Windows StateRepository API Server file Elevation of Privilege Vulnerability Windows StateRepository API Server file Elevation of Privilege Vulnerability Windows StateRepository API: Windows StateRepository API Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.upda
msrc
CVE-2022-21852HIGHCVSS 7.82022-01-11
CVE-2022-21852 [HIGH] Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library: Windows DWM Core Library Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx
msrc
CVE-2022-21858HIGHCVSS 7.82022-01-11
CVE-2022-21858 [HIGH] Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows Bind Filter Driver: Windows Bind Filter Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sea
msrc
CVE-2022-21910HIGHCVSS 7.82022-01-11
CVE-2022-21910 [HIGH] Microsoft Cluster Port Driver Elevation of Privilege Vulnerability Microsoft Cluster Port Driver Elevation of Privilege Vulnerability Windows Cluster Port Driver: Windows Cluster Port Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/
msrc
← Previous9 / 24Next →