Windows_server_2016 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Windows_server_2016
(Microsoft)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	4228

Date	Id	Summary	Products	Score	Patch	Annotated
2025-07-08	CVE-2025-48815	Access of resource using incompatible type ('type confusion') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-07-08	CVE-2025-48816	Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-07-08	CVE-2025-48819	Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.1
2025-07-08	CVE-2025-48818	Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	6.8
2025-07-08	CVE-2025-48820	Improper link resolution before file access ('link following') in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-07-08	CVE-2025-48821	Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over an adjacent network.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.1
2025-07-08	CVE-2025-48822	Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.	Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	8.6
2025-07-08	CVE-2025-48823	Cryptographic issues in Windows Cryptographic Services allows an unauthorized attacker to disclose information over a network.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	N/A
2025-07-08	CVE-2025-48824	Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.	Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	8.8
2025-07-08	CVE-2025-49658	Out-of-bounds read in Windows TDX.sys allows an authorized attacker to disclose information locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	5.5