Vulnerabilities > Microsoft > Windows Server 2012 > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-12-15 CVE-2021-43224 Unspecified vulnerability in Microsoft products
Windows Common Log File System Driver Information Disclosure Vulnerability
local
low complexity
microsoft
5.5
2020-08-17 CVE-2020-1383 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists in RPC if the server has Routing and Remote Access enabled.
local
low complexity
microsoft
5.5
2020-07-29 CVE-2020-15707 Integer Overflow or Wraparound vulnerability in multiple products
Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu (the functionality is not included in GRUB2 upstream), leading to a heap-based buffer overflow.
6.4
2020-07-29 CVE-2020-15706 Use After Free vulnerability in multiple products
GRUB2 contains a race condition in grub_script_function_create() leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing, leading to arbitrary code execution and secure boot restriction bypass.
6.4
2020-07-29 CVE-2020-15705 Improper Verification of Cryptographic Signature vulnerability in multiple products
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed.
6.4
2020-07-14 CVE-2020-1468 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
2020-07-14 CVE-2020-1419 Missing Initialization of Resource vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-909
5.5
2020-07-14 CVE-2020-1397 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.
network
low complexity
microsoft
6.5
2020-07-14 CVE-2020-1389 Improper Initialization vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-665
5.5
2020-07-14 CVE-2020-1351 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
local
low complexity
microsoft
5.5