Microsoft Windows Server 2019

Windows Hello Security Feature Bypass Vulnerability

CVE-2021-42288 6.1 - Medium - November 10, 2021

Windows Hello Security Feature Bypass Vulnerability

AuthZ

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42282 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42287, CVE-2021-42291.

Improper Privilege Management

NTFS Elevation of Privilege Vulnerability

CVE-2021-42283 7.8 - High - November 10, 2021

NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-41370.

Improper Privilege Management

Windows Hyper-V Denial of Service Vulnerability

CVE-2021-42284 7.5 - High - November 10, 2021

Windows Hyper-V Denial of Service Vulnerability

Resource Exhaustion

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-42285 7.8 - High - November 10, 2021

Windows Kernel Elevation of Privilege Vulnerability

Improper Privilege Management

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42287 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291.

Improper Privilege Management

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42291 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42287.

Improper Privilege Management

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability

CVE-2021-41377 7.8 - High - November 10, 2021

Windows Fast FAT File System Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows NTFS Remote Code Execution Vulnerability

CVE-2021-41378 8.8 - High - November 10, 2021

Windows NTFS Remote Code Execution Vulnerability

Windows Installer Elevation of Privilege Vulnerability

CVE-2021-41379 7.8 - High - November 10, 2021

Windows Installer Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability

CVE-2021-42274 6.5 - Medium - November 10, 2021

Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability

Microsoft COM for Windows Remote Code Execution Vulnerability

CVE-2021-42275 8.8 - High - November 10, 2021

Microsoft COM for Windows Remote Code Execution Vulnerability

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-42276 7.8 - High - November 10, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

CVE-2021-42277 7.8 - High - November 10, 2021

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Improper Privilege Management

Active Directory Domain Services Elevation of Privilege Vulnerability

CVE-2021-42278 8.8 - High - November 10, 2021

Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42282, CVE-2021-42287, CVE-2021-42291.

Improper Privilege Management

Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

CVE-2021-41366 7.8 - High - November 10, 2021

Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability

Improper Privilege Management

NTFS Elevation of Privilege Vulnerability

CVE-2021-41367 7.8 - High - November 10, 2021

NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41370, CVE-2021-42283.

Improper Privilege Management

NTFS Elevation of Privilege Vulnerability

CVE-2021-41370 7.8 - High - November 10, 2021

NTFS Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-41367, CVE-2021-42283.

Improper Privilege Management

Chakra Scripting Engine Memory Corruption Vulnerability

CVE-2021-42279 7.5 - High - November 10, 2021

Chakra Scripting Engine Memory Corruption Vulnerability

Memory Corruption

Windows Feedback Hub Elevation of Privilege Vulnerability

CVE-2021-42280 7.8 - High - November 10, 2021

Windows Feedback Hub Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

CVE-2021-41371 4.4 - Medium - November 10, 2021

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38631.

Windows Denial of Service Vulnerability

CVE-2021-41356 7.5 - High - November 10, 2021

Windows Denial of Service Vulnerability

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

CVE-2021-38631 4.4 - Medium - November 10, 2021

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41371.

Remote Desktop Protocol Client Information Disclosure Vulnerability

CVE-2021-38665 6.5 - Medium - November 10, 2021

Remote Desktop Protocol Client Information Disclosure Vulnerability

Remote Desktop Client Remote Code Execution Vulnerability

CVE-2021-38666 8.8 - High - November 10, 2021

Remote Desktop Client Remote Code Execution Vulnerability

Windows Desktop Bridge Elevation of Privilege Vulnerability

CVE-2021-36957 7.8 - High - November 10, 2021

Windows Desktop Bridge Elevation of Privilege Vulnerability

Improper Privilege Management

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

CVE-2021-26443 9 - Critical - November 10, 2021

Microsoft Virtual Machine Bus (VMBus) Remote Code Execution Vulnerability

Windows Nearby Sharing Elevation of Privilege Vulnerability

CVE-2021-40464 8 - High - October 13, 2021

Windows Nearby Sharing Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Text Shaping Remote Code Execution Vulnerability

CVE-2021-40465 7.8 - High - October 13, 2021

Windows Text Shaping Remote Code Execution Vulnerability

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-40489 7.8 - High - October 13, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-41345.

Improper Privilege Management

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-40488 7.8 - High - October 13, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40489, CVE-2021-41345.

Improper Privilege Management

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-40478 7.8 - High - October 13, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-40477 7.8 - High - October 13, 2021

Windows Event Tracing Elevation of Privilege Vulnerability

Improper Privilege Management

Windows AppContainer Elevation Of Privilege Vulnerability

CVE-2021-40476 7.3 - High - October 13, 2021

Windows AppContainer Elevation Of Privilege Vulnerability

Improper Privilege Management

Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability

CVE-2021-40475 5.5 - Medium - October 13, 2021

Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability

DirectX Graphics Kernel Elevation of Privilege Vulnerability

CVE-2021-40470 7.8 - High - October 13, 2021

DirectX Graphics Kernel Elevation of Privilege Vulnerability

Improper Privilege Management

Windows DNS Server Remote Code Execution Vulnerability

CVE-2021-40469 7.2 - High - October 13, 2021

Windows DNS Server Remote Code Execution Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40467 7.8 - High - October 13, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40466.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40466 7.8 - High - October 13, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40443, CVE-2021-40467.

Improper Privilege Management

Windows NAT Denial of Service Vulnerability

CVE-2021-40463 6.5 - Medium - October 13, 2021

Windows NAT Denial of Service Vulnerability

Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability

CVE-2021-40462 7.8 - High - October 13, 2021

Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability

Windows AppX Deployment Service Elevation of Privilege Vulnerability

CVE-2021-41347 7.8 - High - October 13, 2021

Windows AppX Deployment Service Elevation of Privilege Vulnerability

Improper Privilege Management

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-41345 7.8 - High - October 13, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26441, CVE-2021-40478, CVE-2021-40488, CVE-2021-40489.

Improper Privilege Management

Windows Fast FAT File System Driver Information Disclosure Vulnerability

CVE-2021-41343 5.5 - Medium - October 13, 2021

Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38662.

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2021-41342 8.8 - High - October 13, 2021

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows Graphics Component Remote Code Execution Vulnerability

CVE-2021-41340 7.8 - High - October 13, 2021

Windows Graphics Component Remote Code Execution Vulnerability

Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability

CVE-2021-41338 5.5 - Medium - October 13, 2021

Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2021-41335 7.8 - High - October 13, 2021

Windows Kernel Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Print Spooler Information Disclosure Vulnerability

CVE-2021-41332 6.5 - Medium - October 13, 2021

Windows Print Spooler Information Disclosure Vulnerability

Windows Media Audio Decoder Remote Code Execution Vulnerability

CVE-2021-41331 7.8 - High - October 13, 2021

Windows Media Audio Decoder Remote Code Execution Vulnerability

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

CVE-2021-41330 7.8 - High - October 13, 2021

Microsoft Windows Media Foundation Remote Code Execution Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2021-40461 9 - Critical - October 13, 2021

Windows Hyper-V Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-38672.

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

CVE-2021-40460 6.5 - Medium - October 13, 2021

Windows Remote Procedure Call Runtime Security Feature Bypass Vulnerability

Windows AD FS Security Feature Bypass Vulnerability

CVE-2021-40456 7.5 - High - October 13, 2021

Windows AD FS Security Feature Bypass Vulnerability

Active Directory Federation Server Spoofing Vulnerability

CVE-2021-41361 3.5 - Low - October 13, 2021

Active Directory Federation Server Spoofing Vulnerability

Windows Installer Spoofing Vulnerability

CVE-2021-40455 5.5 - Medium - October 13, 2021

Windows Installer Spoofing Vulnerability

Rich Text Edit Control Information Disclosure Vulnerability

CVE-2021-40454 5.5 - Medium - October 13, 2021

Rich Text Edit Control Information Disclosure Vulnerability

Cleartext Storage of Sensitive Information

Win32k Elevation of Privilege Vulnerability

CVE-2021-40450 7.8 - High - October 13, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40449, CVE-2021-41357.

Improper Privilege Management

Win32k Elevation of Privilege Vulnerability

CVE-2021-40449 7.8 - High - October 13, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40450, CVE-2021-41357.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-40443 7.8 - High - October 13, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40466, CVE-2021-40467.

Improper Privilege Management

Windows exFAT File System Information Disclosure Vulnerability

CVE-2021-38663 5.5 - Medium - October 13, 2021

Windows exFAT File System Information Disclosure Vulnerability

Windows Fast FAT File System Driver Information Disclosure Vulnerability

CVE-2021-38662 5.5 - Medium - October 13, 2021

Windows Fast FAT File System Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-41343.

Windows Print Spooler Spoofing Vulnerability

CVE-2021-36970 6.5 - Medium - October 13, 2021

Windows Print Spooler Spoofing Vulnerability

Windows TCP/IP Denial of Service Vulnerability

CVE-2021-36953 7.5 - High - October 13, 2021

Windows TCP/IP Denial of Service Vulnerability

Windows HTTP.sys Elevation of Privilege Vulnerability

CVE-2021-26442 7.8 - High - October 13, 2021

Windows HTTP.sys Elevation of Privilege Vulnerability

Improper Privilege Management

Storage Spaces Controller Elevation of Privilege Vulnerability

CVE-2021-26441 7.8 - High - October 13, 2021

Storage Spaces Controller Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-40478, CVE-2021-40488, CVE-2021-40489, CVE-2021-41345.

Improper Privilege Management

Active Directory Security Feature Bypass Vulnerability

CVE-2021-41337 4.9 - Medium - October 13, 2021

Active Directory Security Feature Bypass Vulnerability

Microsoft Windows Update Client Elevation of Privilege Vulnerability

CVE-2021-38634 7.8 - High - September 15, 2021

Microsoft Windows Update Client Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Installer Denial of Service Vulnerability

CVE-2021-36961 6.1 - Medium - September 15, 2021

Windows Installer Denial of Service Vulnerability

Windows SMB Information Disclosure Vulnerability

CVE-2021-36960 7.5 - High - September 15, 2021

Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36972.

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-36955 7.8 - High - September 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36963, CVE-2021-38633.

Improper Privilege Management

Windows Bind Filter Driver Elevation of Privilege Vulnerability

CVE-2021-36954 7.8 - High - September 15, 2021

Windows Bind Filter Driver Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Scripting Engine Memory Corruption Vulnerability

CVE-2021-26435 7.8 - High - September 15, 2021

Windows Scripting Engine Memory Corruption Vulnerability

Memory Corruption

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-40447 7.8 - High - September 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-38671.

Improper Privilege Management

Microsoft MSHTML Remote Code Execution Vulnerability

CVE-2021-40444 7.8 - High - September 15, 2021

Microsoft MSHTML Remote Code Execution Vulnerability

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-38671 7.8 - High - September 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38667, CVE-2021-40447.

Improper Privilege Management

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-38667 7.8 - High - September 15, 2021

Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38671, CVE-2021-40447.

Improper Privilege Management

Windows SMB Information Disclosure Vulnerability

CVE-2021-36972 5.5 - Medium - September 15, 2021

Windows SMB Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36960.

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability

CVE-2021-36969 5.5 - Medium - September 15, 2021

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-38635, CVE-2021-38636.

Windows Subsystem for Linux Elevation of Privilege Vulnerability

CVE-2021-36966 7.8 - High - September 15, 2021

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Improper Privilege Management

Windows WLAN AutoConfig Service Remote Code Execution Vulnerability

CVE-2021-36965 9.8 - Critical - September 15, 2021

Windows WLAN AutoConfig Service Remote Code Execution Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-36964 7.8 - High - September 15, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38630.

Improper Privilege Management

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-36963 7.8 - High - September 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-38633.

Improper Privilege Management

Windows Installer Information Disclosure Vulnerability

CVE-2021-36962 5.5 - Medium - September 15, 2021

Windows Installer Information Disclosure Vulnerability

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2021-38638 7.8 - High - September 15, 2021

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38628.

Improper Privilege Management

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability

CVE-2021-38635 5.5 - Medium - September 15, 2021

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38636.

Windows Authenticode Spoofing Vulnerability

CVE-2021-36959 3.3 - Low - September 15, 2021

Windows Authenticode Spoofing Vulnerability

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

CVE-2021-36967 8.8 - High - September 15, 2021

Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability

CVE-2021-36973 7.8 - High - September 15, 2021

Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability

Improper Privilege Management

Windows SMB Elevation of Privilege Vulnerability

CVE-2021-36974 7.8 - High - September 15, 2021

Windows SMB Elevation of Privilege Vulnerability

Improper Privilege Management

Win32k Elevation of Privilege Vulnerability

CVE-2021-36975 7.8 - High - September 15, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38639.

Improper Privilege Management

Windows Key Storage Provider Security Feature Bypass Vulnerability

CVE-2021-38624 6.5 - Medium - September 15, 2021

Windows Key Storage Provider Security Feature Bypass Vulnerability

Insecure Direct Object Reference / IDOR

Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability

CVE-2021-38629 6.5 - Medium - September 15, 2021

Windows Ancillary Function Driver for WinSock Information Disclosure Vulnerability

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

CVE-2021-38628 7.8 - High - September 15, 2021

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-38638.

Improper Privilege Management

Win32k Elevation of Privilege Vulnerability

CVE-2021-38639 7.8 - High - September 15, 2021

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36975.

Improper Privilege Management

Windows Storage Information Disclosure Vulnerability

CVE-2021-38637 5.5 - Medium - September 15, 2021

Windows Storage Information Disclosure Vulnerability

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability

CVE-2021-38636 5.5 - Medium - September 15, 2021

Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability This CVE ID is unique from CVE-2021-36969, CVE-2021-38635.

BitLocker Security Feature Bypass Vulnerability

CVE-2021-38632 4.6 - Medium - September 15, 2021

BitLocker Security Feature Bypass Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2021-38633 7.8 - High - September 15, 2021

Windows Common Log File System Driver Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36955, CVE-2021-36963.

Improper Privilege Management

Windows Event Tracing Elevation of Privilege Vulnerability

CVE-2021-38630 7.8 - High - September 15, 2021

Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36964.

Improper Privilege Management