Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2019
Subscriptions
Total
3671 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21558 | 1 Microsoft | 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more | 2024-09-30 | 7.8 High |
| Windows Error Reporting Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-21559 | 1 Microsoft | 13 Windows 10 1809, Windows 10 20h2, Windows 10 20h2 and 10 more | 2024-09-30 | 5.5 Medium |
| Windows Cryptographic Information Disclosure Vulnerability | ||||
| CVE-2023-21542 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 7 and 10 more | 2024-09-30 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-21550 | 1 Microsoft | 13 Windows 10 1809, Windows 10 20h2, Windows 10 20h2 and 10 more | 2024-09-30 | 5.5 Medium |
| Windows Cryptographic Information Disclosure Vulnerability | ||||
| CVE-2023-21535 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-09-30 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2023-32034 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-09-27 | 6.5 Medium |
| Remote Procedure Call Runtime Denial of Service Vulnerability | ||||
| CVE-2023-29326 | 1 Microsoft | 14 .net, .net Framework, Windows 10 1507 and 11 more | 2024-09-27 | 7.8 High |
| .NET Framework Remote Code Execution Vulnerability | ||||
| CVE-2023-24897 | 1 Microsoft | 19 .net, .net Framework, Powershell and 16 more | 2024-09-27 | 7.8 High |
| .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability | ||||
| CVE-2023-32015 | 1 Microsoft | 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more | 2024-09-27 | 9.8 Critical |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | ||||
| CVE-2023-20569 | 5 Amd, Debian, Fedoraproject and 2 more | 302 Epyc 72f3, Epyc 72f3 Firmware, Epyc 7313 and 299 more | 2024-09-23 | 4.7 Medium |
| A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure. | ||||
| CVE-2019-1069 | 1 Microsoft | 12 Windows 10, Windows 10 1507, Windows 10 1607 and 9 more | 2024-09-20 | 7.8 High |
| An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations, aka 'Task Scheduler Elevation of Privilege Vulnerability'. | ||||
| CVE-2024-7553 | 2 Microsoft, Mongodb | 24 Windows 10 1507, Windows 10 1511, Windows 10 1607 and 21 more | 2024-09-19 | 7.3 High |
| Incorrect validation of files loaded from a local untrusted directory may allow local privilege escalation if the underlying operating systems is Windows. This may result in the application executing arbitrary behaviour determined by the contents of untrusted files. This issue affects MongoDB Server v5.0 versions prior to 5.0.27, MongoDB Server v6.0 versions prior to 6.0.16, MongoDB Server v7.0 versions prior to 7.0.12, MongoDB Server v7.3 versions prior 7.3.3, MongoDB C Driver versions prior to 1.26.2 and MongoDB PHP Driver versions prior to 1.18.1. Required Configuration: Only environments with Windows as the underlying operating system is affected by this issue | ||||
| CVE-2019-9510 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2024-09-17 | 5.3 Medium |
| A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. Should a network anomaly trigger a temporary RDP disconnect, Automatic Reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left. By interrupting network connectivity of a system, an attacker with access to a system being used as a Windows RDP client can gain access to a connected remote system, regardless of whether or not the remote system was locked. This issue affects Microsoft Windows 10, version 1803 and later, and Microsoft Windows Server 2019, version 2019 and later. | ||||
| CVE-2020-15707 | 8 Canonical, Debian, Gnu and 5 more | 19 Ubuntu Linux, Debian Linux, Grub2 and 16 more | 2024-09-17 | 5.7 Medium |
| Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow. These could be triggered by an extremely large number of arguments to the initrd command on 32-bit architectures, or a crafted filesystem with very large files on any architecture. An attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. This issue affects GRUB2 version 2.04 and prior versions. | ||||
| CVE-2020-15705 | 7 Canonical, Debian, Gnu and 4 more | 18 Ubuntu Linux, Debian Linux, Grub2 and 15 more | 2024-09-17 | 6.4 Medium |
| GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without the use of shim. This issue affects GRUB2 version 2.04 and prior versions. | ||||
| CVE-2022-32230 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2019 | 2024-09-16 | 7.5 High |
| Microsoft Windows SMBv3 suffers from a null pointer dereference in versions of Windows prior to the April, 2022 patch set. By sending a malformed FileNormalizedNameInformation SMBv3 request over a named pipe, an attacker can cause a Blue Screen of Death (BSOD) crash of the Windows kernel. For most systems, this attack requires authentication, except in the special case of Windows Domain Controllers, where unauthenticated users can always open named pipes as long as they can establish an SMB session. Typically, after the BSOD, the victim SMBv3 server will reboot. | ||||
| CVE-2020-15706 | 7 Canonical, Debian, Gnu and 4 more | 18 Ubuntu Linux, Debian Linux, Grub2 and 15 more | 2024-09-16 | 6.4 Medium |
| GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass. This issue affects GRUB2 version 2.04 and prior versions. | ||||
| CVE-2023-32037 | 1 Microsoft | 11 Windows 10 1809, Windows 10 21h2, Windows 10 21h2 and 8 more | 2024-09-13 | 6.5 Medium |
| Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | ||||
| CVE-2023-35322 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2024-09-13 | 8.8 High |
| Windows Deployment Services Remote Code Execution Vulnerability | ||||
| CVE-2023-35346 | 1 Microsoft | 8 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 5 more | 2024-09-13 | 6.6 Medium |
| Windows DNS Server Remote Code Execution Vulnerability | ||||