Vulnerabilities > Microsoft > Windows Server 2016 > Low

DATE CVE VULNERABILITY TITLE RISK
2024-04-09 CVE-2024-26217 Unspecified vulnerability in Microsoft products
Windows Remote Access Connection Manager Information Disclosure Vulnerability
local
low complexity
microsoft
3.3
2021-05-11 CVE-2020-24588 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated.
3.5
2019-12-10 CVE-2019-1488 Unspecified vulnerability in Microsoft products
A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.
local
low complexity
microsoft
3.3
2019-11-12 CVE-2019-1418 Information Exposure vulnerability in Microsoft products
An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
3.3
2018-10-10 CVE-2018-8481 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
network
high complexity
microsoft
3.1
2018-10-10 CVE-2018-8482 Unspecified vulnerability in Microsoft products
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
network
high complexity
microsoft
3.1
2018-09-13 CVE-2018-8449 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-367
3.3
2018-04-12 CVE-2018-0966 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016
A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
local
low complexity
microsoft CWE-367
3.3
2018-03-14 CVE-2018-0878 XXE vulnerability in Microsoft products
Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability".
network
high complexity
microsoft CWE-611
3.1
2017-11-15 CVE-2017-11850 Information Exposure vulnerability in Microsoft products
Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability".
local
high complexity
microsoft CWE-200
2.5