Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2012
Subscriptions
Total
4008 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-0015 | 1 Microsoft | 3 Windows Server 2003, Windows Server 2008, Windows Server 2012 | 2025-04-12 | N/A |
| Microsoft Windows Server 2003 SP2, Server 2008 SP2 and R2 SP1, and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (system hang and RADIUS outage) via crafted username strings to (1) Internet Authentication Service (IAS) or (2) Network Policy Server (NPS), aka "Network Policy Server RADIUS Implementation Denial of Service Vulnerability." | ||||
| CVE-2015-0081 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | N/A |
| Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file, aka "WTS Remote Code Execution Vulnerability." | ||||
| CVE-2015-0003 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial of service (NULL pointer dereference) via a crafted application, aka "Win32k Elevation of Privilege Vulnerability." | ||||
| CVE-2015-0004 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | N/A |
| The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Service Elevation of Privilege Vulnerability." | ||||
| CVE-2015-0011 | 1 Microsoft | 8 Windows 7, Windows 8, Windows 8.1 and 5 more | 2025-04-12 | N/A |
| mrxdav.sys (aka the WebDAV driver) in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to bypass an impersonation protection mechanism, and obtain privileges for redirection of WebDAV requests, via a crafted application, aka "WebDAV Elevation of Privilege Vulnerability." | ||||
| CVE-2015-0084 | 1 Microsoft | 7 Windows 7, Windows 8, Windows 8.1 and 4 more | 2025-04-12 | N/A |
| The Task Scheduler in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly constrain impersonation levels, which allows local users to bypass intended restrictions on launching executable files via a crafted task, aka "Task Scheduler Security Feature Bypass Vulnerability." | ||||
| CVE-2015-2524 | 1 Microsoft | 6 Windows 10, Windows 8, Windows 8.1 and 3 more | 2025-04-12 | N/A |
| Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted application, aka "Windows Task Management Elevation of Privilege Vulnerability," a different vulnerability than CVE-2015-2528. | ||||
| CVE-2015-2364 | 1 Microsoft | 9 Windows 2003 Server, Windows 7, Windows 8 and 6 more | 2025-04-12 | N/A |
| The graphics component in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application that leverages an incorrect bitmap conversion, aka "Graphics Component EOP Vulnerability." | ||||
| CVE-2015-2435 | 1 Microsoft | 15 .net Framework, Live Meeting, Lync and 12 more | 2025-04-12 | N/A |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Silverlight before 5.1.40728 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability." | ||||
| CVE-2015-0087 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | N/A |
| Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to obtain sensitive information from kernel memory, and possibly bypass the KASLR protection mechanism, via a crafted font, aka "Adobe Font Driver Information Disclosure Vulnerability," a different vulnerability than CVE-2015-0089. | ||||
| CVE-2014-6317 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | N/A |
| Array index error in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to cause a denial of service (reboot) via a crafted TrueType font, aka "Denial of Service in Windows Kernel Mode Driver Vulnerability." | ||||
| CVE-2014-0255 | 1 Microsoft | 2 Windows Server 2008, Windows Server 2012 | 2025-04-12 | N/A |
| Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote Denial of Service Vulnerability." | ||||
| CVE-2016-0046 | 1 Microsoft | 3 Windows 10, Windows 8.1, Windows Server 2012 | 2025-04-12 | N/A |
| Windows Reader in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Reader file, aka "Microsoft Windows Reader Vulnerability." | ||||
| CVE-2014-4118 | 1 Microsoft | 9 Windows 7, Windows 8, Windows 8.1 and 6 more | 2025-04-12 | N/A |
| XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of service (system-state corruption) via crafted XML content, aka "MSXML Remote Code Execution Vulnerability." | ||||
| CVE-2016-0153 | 1 Microsoft | 6 Windows 7, Windows 8.1, Windows Rt 8.1 and 3 more | 2025-04-12 | N/A |
| OLE in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows remote attackers to execute arbitrary code via a crafted file, aka "Windows OLE Remote Code Execution Vulnerability." | ||||
| CVE-2014-0315 | 1 Microsoft | 10 Windows 7, Windows 8, Windows 8.1 and 7 more | 2025-04-12 | N/A |
| Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse cmd.exe file in the current working directory, as demonstrated by a directory that contains a .bat or .cmd file, aka "Windows File Handling Vulnerability." | ||||
| CVE-2014-0323 | 1 Microsoft | 10 Windows 7, Windows 8, Windows 8.1 and 7 more | 2025-04-12 | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information from kernel memory or cause a denial of service (system hang) via a crafted application, aka "Win32k Information Disclosure Vulnerability." | ||||
| CVE-2016-7184 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-04-12 | N/A |
| The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0026, CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, and CVE-2016-3343. | ||||
| CVE-2016-3368 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2025-04-12 | N/A |
| Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow remote authenticated users to execute arbitrary code by leveraging a domain account to make a crafted request, aka "Windows Remote Code Execution Vulnerability." | ||||
| CVE-2014-0317 | 1 Microsoft | 5 Windows Server 2003, Windows Server 2008, Windows Server 2012 and 2 more | 2025-04-12 | N/A |
| The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for remote attackers to bypass the account lockout policy and obtain access via a brute-force attack, aka "SAMR Security Feature Bypass Vulnerability." | ||||