CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows Server 2019 : Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2021-26884 200 +Info 2021-03-11 2021-03-13
2.1
None Local Low Not required Partial None None
Windows Media Photo Codec Information Disclosure Vulnerability
52 CVE-2021-26417 200 +Info 2021-04-13 2021-04-15
2.1
None Local Low Not required Partial None None
Windows Overlay Filter Information Disclosure Vulnerability
53 CVE-2021-26413 2021-04-13 2021-04-20
2.1
None Local Low Not required None Partial None
Windows Installer Spoofing Vulnerability
54 CVE-2021-24107 2021-03-11 2021-03-17
2.1
None Local Low Not required Partial None None
Windows Event Tracing Information Disclosure Vulnerability
55 CVE-2021-24106 200 +Info 2021-02-25 2021-03-03
2.1
None Local Low Not required Partial None None
Windows DirectX Information Disclosure Vulnerability
56 CVE-2021-24098 DoS 2021-02-25 2021-03-03
2.1
None Local Low Not required None None Partial
Windows Console Driver Denial of Service Vulnerability
57 CVE-2021-24079 200 +Info 2021-02-25 2021-03-04
2.1
None Local Low Not required Partial None None
Windows Backup Engine Information Disclosure Vulnerability
58 CVE-2021-24076 200 +Info 2021-02-25 2021-03-04
2.1
None Local Low Not required Partial None None
Microsoft Windows VMSwitch Information Disclosure Vulnerability
59 CVE-2021-1731 Bypass 2021-02-25 2021-03-03
2.1
None Local Low Not required Partial None None
PFX Encryption Security Feature Bypass Vulnerability
60 CVE-2021-1699 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows (modem.sys) Information Disclosure Vulnerability
61 CVE-2021-1684 Bypass 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1683.
62 CVE-2021-1683 Bypass 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1638, CVE-2021-1684.
63 CVE-2021-1676 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability
64 CVE-2021-1672 2021-01-12 2021-01-20
2.1
None Local Low Not required Partial None None
Windows Projected File System FS Filter Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-1663, CVE-2021-1670.
65 CVE-2021-1656 2021-01-12 2021-01-19
2.1
None Local Low Not required Partial None None
TPM Device Driver Information Disclosure Vulnerability
66 CVE-2021-1638 863 Bypass 2021-01-12 2021-01-14
2.1
None Local Low Not required Partial None None
Windows Bluetooth Security Feature Bypass Vulnerability This CVE ID is unique from CVE-2021-1683, CVE-2021-1684.
67 CVE-2020-24588 306 2021-05-11 2021-10-28
2.9
None Local Network Medium Not required None Partial None
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
68 CVE-2020-17098 2020-12-10 2021-03-03
2.1
None Local Low Not required Partial None None
Windows GDI+ Information Disclosure Vulnerability
69 CVE-2020-17094 2020-12-10 2021-03-03
2.1
None Local Low Not required Partial None None
Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17138.
70 CVE-2020-17071 2020-11-11 2020-11-16
2.1
None Local Low Not required Partial None None
Windows Delivery Optimization Information Disclosure Vulnerability
71 CVE-2020-17069 2020-11-11 2020-11-16
2.1
None Local Low Not required Partial None None
Windows NDIS Information Disclosure Vulnerability
72 CVE-2020-17056 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Windows Network File System Information Disclosure Vulnerability
73 CVE-2020-17013 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Win32k Information Disclosure Vulnerability
74 CVE-2020-17004 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Windows Graphics Component Information Disclosure Vulnerability
75 CVE-2020-17000 2020-11-11 2020-11-18
2.1
None Local Low Not required Partial None None
Remote Desktop Protocol Client Information Disclosure Vulnerability
76 CVE-2020-16922 347 2020-10-16 2020-10-20
2.1
None Local Low Not required None Partial None
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.
77 CVE-2020-16921 119 Overflow 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory, aka 'Windows Text Services Framework Information Disclosure Vulnerability'.
78 CVE-2020-16919 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations, aka 'Windows Enterprise App Management Service Information Disclosure Vulnerability'.
79 CVE-2020-16914 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.
80 CVE-2020-16897 2020-10-16 2020-10-22
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory, aka 'NetBT Information Disclosure Vulnerability'.
81 CVE-2020-16889 200 +Info 2020-10-16 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory, aka 'Windows KernelStream Information Disclosure Vulnerability'.
82 CVE-2020-16879 20 2020-09-11 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections, aka 'Projected Filesystem Information Disclosure Vulnerability'.
83 CVE-2020-16854 2020-09-11 2020-09-16
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-1592.
84 CVE-2020-1599 2020-11-11 2020-11-24
2.1
None Local Low Not required None Partial None
Windows Spoofing Vulnerability
85 CVE-2020-1596 327 2020-09-11 2020-09-21
2.9
None Local Network Medium Not required Partial None None
A information disclosure vulnerability exists when TLS components use weak hash algorithms, aka 'TLS Information Disclosure Vulnerability'.
86 CVE-2020-1592 665 2020-09-11 2020-09-17
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1589, CVE-2020-16854.
87 CVE-2020-1589 200 +Info 2020-09-11 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0928, CVE-2020-1033, CVE-2020-1592, CVE-2020-16854.
88 CVE-2020-1548 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows WaasMedic Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows WaasMedic Service Information Disclosure Vulnerability'.
89 CVE-2020-1485 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory, aka 'Windows Image Acquisition Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1474.
90 CVE-2020-1474 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Image Acquisition (WIA) Service improperly discloses contents of its memory, aka 'Windows Image Acquisition Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1485.
91 CVE-2020-1464 347 2020-08-17 2020-08-21
2.1
None Local Low Not required None Partial None
A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.
92 CVE-2020-1426 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1419.
93 CVE-2020-1420 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'.
94 CVE-2020-1419 119 Overflow 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1389, CVE-2020-1426.
95 CVE-2020-1389 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1367, CVE-2020-1419, CVE-2020-1426.
96 CVE-2020-1386 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'.
97 CVE-2020-1383 200 +Info 2020-08-17 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled, aka 'Windows RRAS Service Information Disclosure Vulnerability'.
98 CVE-2020-1367 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1389, CVE-2020-1419, CVE-2020-1426.
99 CVE-2020-1361 200 Exec Code +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists in the way that the WalletService handles memory.To exploit the vulnerability, an attacker would first need code execution on a victim system, aka 'Windows WalletService Information Disclosure Vulnerability'.
100 CVE-2020-1358 200 +Info 2020-07-14 2021-07-21
2.1
None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows Resource Policy component improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Resource Policy Information Disclosure Vulnerability'.
Total number of vulnerabilities : 225   Page : 1 2 (This Page)3 4 5
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.