Microsoft Windows Server 2016
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Windows Server 2016.
By the Year
In 2025 there have been 111 vulnerabilities in Microsoft Windows Server 2016 with an average score of 7.1 out of ten. Last year, in 2024 Windows Server 2016 had 493 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Windows Server 2016 in 2025 could surpass last years number. Last year, the average CVE base score was greater by 0.41
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 111 | 7.12 |
2024 | 493 | 7.52 |
2023 | 505 | 7.52 |
2022 | 515 | 7.42 |
2021 | 505 | 7.38 |
2020 | 791 | 7.38 |
2019 | 443 | 7.32 |
2018 | 244 | 6.57 |
It may take a day or so for new Windows Server 2016 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Server 2016 Security Vulnerabilities
Windows Storage Elevation of Privilege Vulnerability
CVE-2025-21391
7.1 - High
- February 11, 2025
Windows Storage Elevation of Privilege Vulnerability
insecure temporary file
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-21418
7.8 - High
- February 11, 2025
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21417
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21413
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21411
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21409
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21389
7.5 - High
- January 14, 2025
Windows upnphost.dll Denial of Service Vulnerability
Resource Exhaustion
Windows CSC Service Elevation of Privilege Vulnerability
CVE-2025-21378
7.8 - High
- January 14, 2025
Windows CSC Service Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows CSC Service Information Disclosure Vulnerability
CVE-2025-21374
5.5 - Medium
- January 14, 2025
Windows CSC Service Information Disclosure Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21286
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21260
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21261
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21263
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21265
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21266
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
MapUrlToZone Security Feature Bypass Vulnerability
CVE-2025-21268
4.3 - Medium
- January 14, 2025
MapUrlToZone Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2025-21269
4.3 - Medium
- January 14, 2025
Windows HTML Platforms Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21270
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
Windows COM Server Information Disclosure Vulnerability
CVE-2025-21272
6.5 - Medium
- January 14, 2025
Windows COM Server Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21273
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Event Tracing Denial of Service Vulnerability
CVE-2025-21274
5.5 - Medium
- January 14, 2025
Windows Event Tracing Denial of Service Vulnerability
insecure temporary file
Windows MapUrlToZone Denial of Service Vulnerability
CVE-2025-21276
7.5 - High
- January 14, 2025
Windows MapUrlToZone Denial of Service Vulnerability
Integer underflow
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21277
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Buffer Over-read
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
CVE-2025-21278
5.5 - Medium
- January 14, 2025
Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
Race Condition
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
CVE-2025-21280
5.5 - Medium
- January 14, 2025
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Improper Input Validation
Microsoft COM for Windows Elevation of Privilege Vulnerability
CVE-2025-21281
7.8 - High
- January 14, 2025
Microsoft COM for Windows Elevation of Privilege Vulnerability
Dangling pointer
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21282
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
CVE-2025-21284
5.5 - Medium
- January 14, 2025
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Improper Input Validation
Windows SmartScreen Spoofing Vulnerability
CVE-2025-21314
6.5 - Medium
- January 14, 2025
Windows SmartScreen Spoofing Vulnerability
User Interface (UI) Misrepresentation of Critical Information
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21232
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21233
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21236
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21237
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21238
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21239
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21240
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21241
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Kerberos Information Disclosure Vulnerability
CVE-2025-21242
5.9 - Medium
- January 14, 2025
Windows Kerberos Information Disclosure Vulnerability
Information Disclosure
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21243
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21244
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21258
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows WLAN AutoConfig Service Information Disclosure Vulnerability
CVE-2025-21257
5.5 - Medium
- January 14, 2025
Windows WLAN AutoConfig Service Information Disclosure Vulnerability
Out-of-bounds Read
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21256
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21245
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21246
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21248
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Digital Media Elevation of Privilege Vulnerability
CVE-2025-21249
6.6 - Medium
- January 14, 2025
Windows Digital Media Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21250
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21251
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21252
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21285
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
NULL Pointer Dereference
Windows Installer Elevation of Privilege Vulnerability
CVE-2025-21287
7.8 - High
- January 14, 2025
Windows Installer Elevation of Privilege Vulnerability
Improper Privilege Management
Windows COM Server Information Disclosure Vulnerability
CVE-2025-21288
6.5 - Medium
- January 14, 2025
Windows COM Server Information Disclosure Vulnerability
Use of Uninitialized Resource
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21289
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2025-21290
7.5 - High
- January 14, 2025
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Resource Exhaustion
Active Directory Domain Services Elevation of Privilege Vulnerability
CVE-2025-21293
8.8 - High
- January 14, 2025
Active Directory Domain Services Elevation of Privilege Vulnerability
Authorization
Microsoft Digest Authentication Remote Code Execution Vulnerability
CVE-2025-21294
8.1 - High
- January 14, 2025
Microsoft Digest Authentication Remote Code Execution Vulnerability
Sensitive Data Storage in Improperly Locked Memory
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
CVE-2025-21295
8.1 - High
- January 14, 2025
SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability
Dangling pointer
BranchCache Remote Code Execution Vulnerability
CVE-2025-21296
7.5 - High
- January 14, 2025
BranchCache Remote Code Execution Vulnerability
Dangling pointer
Windows Remote Desktop Services Remote Code Execution Vulnerability
CVE-2025-21297
8.1 - High
- January 14, 2025
Windows Remote Desktop Services Remote Code Execution Vulnerability
Dangling pointer
Windows OLE Remote Code Execution Vulnerability
CVE-2025-21298
9.8 - Critical
- January 14, 2025
Windows OLE Remote Code Execution Vulnerability
Dangling pointer
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2025-21299
7.8 - High
- January 14, 2025
Windows Kerberos Security Feature Bypass Vulnerability
Insecure Storage of Sensitive Information
Windows upnphost.dll Denial of Service Vulnerability
CVE-2025-21300
7.5 - High
- January 14, 2025
Windows upnphost.dll Denial of Service Vulnerability
Resource Exhaustion
Windows Geolocation Service Information Disclosure Vulnerability
CVE-2025-21301
6.5 - Medium
- January 14, 2025
Windows Geolocation Service Information Disclosure Vulnerability
Authorization
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21302
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21303
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-21304
7.8 - High
- January 14, 2025
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Dangling pointer
Windows Telephony Service Remote Code Execution Vulnerability
CVE-2025-21305
8.8 - High
- January 14, 2025
Windows Telephony Service Remote Code Execution Vulnerability
Heap-based Buffer Overflow