Vulnerabilities > Microsoft > Windows Server 2016 > Low

DATE CVE VULNERABILITY TITLE RISK
2017-06-15 CVE-2017-8491 Information Exposure vulnerability in Microsoft products
The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.
1.9
2017-06-15 CVE-2017-8492 Information Exposure vulnerability in Microsoft products
The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application.
1.9
2017-06-15 CVE-2017-8493 Improper Handling of Case Sensitivity vulnerability in Microsoft products
Microsoft Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to set variables that are either read-only or require authentication when Windows fails to enforce case sensitivity for certain variable checks, aka "Windows Security Feature Bypass Vulnerability".
local
low complexity
microsoft CWE-178
2.1
2017-06-15 CVE-2017-8544 Information Exposure vulnerability in Microsoft products
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to obtain information to further compromise the user's system when Windows Search fails to handle objects in memory, aka "Windows Search Information Disclosure Vulnerability".
local
low complexity
microsoft CWE-200
2.1
2017-06-15 CVE-2017-8553 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".
1.9
2017-05-12 CVE-2017-0190 Information Exposure vulnerability in Microsoft products
The GDI component in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."
local
low complexity
microsoft CWE-200
2.1
2017-05-12 CVE-2017-0258 Information Exposure vulnerability in Microsoft products
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0259.
1.9
2017-05-12 CVE-2017-0259 Information Exposure vulnerability in Microsoft products
The Windows kernel in Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0175, CVE-2017-0220, and CVE-2017-0258.
1.9
2017-04-12 CVE-2017-0058 Information Exposure vulnerability in Microsoft products
A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information.
1.9
2017-04-12 CVE-2017-0164 Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016
A denial of service vulnerability exists in Windows 10 1607 and Windows Server 2016 Active Directory when an authenticated attacker sends malicious search queries, aka "Active Directory Denial of Service Vulnerability."
network
microsoft CWE-20
3.5