Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Windows_server_2022
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 1875 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-05-13 | CVE-2025-30400 | Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. | Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | 7.8 | ||
| 2025-05-13 | CVE-2025-32709 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | N/A | ||
| 2025-05-13 | CVE-2025-32701 | Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | 7.8 | ||
| 2025-05-13 | CVE-2025-32706 | Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | 7.8 | ||
| 2024-02-14 | CVE-2023-50387 | Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records. | Fedora, Bind, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Knot_resolver, Unbound, Recursor, Enterprise_linux, Dnsmasq | 7.5 | ||
| 2024-08-13 | CVE-2024-38193 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2 | N/A | ||
| 2024-02-13 | CVE-2024-21338 | Windows Kernel Elevation of Privilege Vulnerability | Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_11_23h2, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2 | N/A | ||
| 2024-12-12 | CVE-2024-49138 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 | N/A | ||
| 2023-02-14 | CVE-2023-23376 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_20h2, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 | 7.8 | ||
| 2021-07-02 | CVE-2021-34527 | <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been... | Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_20h2, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_20h2 | N/A |