Vulnerabilities > Microsoft > Windows Server 2016 > Low

DATE CVE VULNERABILITY TITLE RISK
2020-01-24 CVE-2019-1454 Improper Privilege Management vulnerability in Microsoft products
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.
local
low complexity
microsoft CWE-269
3.6
2020-01-14 CVE-2020-0608 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-01-14 CVE-2020-0615 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-01-14 CVE-2020-0621 Insufficient Session Expiration vulnerability in Microsoft products
A security feature bypass vulnerability exists in Windows 10 when third party filters are called during a password update, aka 'Windows Security Feature Bypass Vulnerability'.
local
low complexity
microsoft CWE-613
2.1
2020-01-14 CVE-2020-0622 Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-01-14 CVE-2020-0639 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2020-01-14 CVE-2020-0643 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2019-12-10 CVE-2019-1469 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2019-12-10 CVE-2019-1472 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1
2019-12-10 CVE-2019-1474 Information Exposure vulnerability in Microsoft products
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.
local
low complexity
microsoft CWE-200
2.1