Vulnerabilities > Microsoft > Windows Server 2016 > High

DATE CVE VULNERABILITY TITLE RISK
2016-11-10 CVE-2016-0026 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-3332, CVE-2016-3333, CVE-2016-3334, CVE-2016-3335, CVE-2016-3338, CVE-2016-3340, CVE-2016-3342, CVE-2016-3343, and CVE-2016-7184.
local
low complexity
microsoft CWE-119
7.8
2013-12-11 CVE-2013-3900 Improper Verification of Cryptographic Signature vulnerability in Microsoft products
Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11.
network
low complexity
microsoft CWE-347
8.8