Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Microsoft Subscribe
Filtered by product Windows Server 2012
Total 2763 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2015-6113 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2019-05-16 2.1 LOW N/A
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to bypass intended filesystem permissions by leveraging Low Integrity access, aka "Windows Kernel Security Feature Bypass Vulnerability."
CVE-2016-0014 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2019-05-16 7.2 HIGH 7.8 HIGH
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Elevation of Privilege Vulnerability."
CVE-2016-7855 6 Adobe, Apple, Google and 3 more 12 Flash Player, Mac Os X, Chrome Os and 9 more 2019-05-16 9.3 HIGH 8.8 HIGH
Use-after-free vulnerability in Adobe Flash Player before 23.0.0.205 on Windows and OS X and before 11.2.202.643 on Linux allows remote attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in October 2016.
CVE-2016-7857 6 Adobe, Apple, Google and 3 more 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more 2019-05-16 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7859 6 Adobe, Apple, Google and 3 more 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more 2019-05-16 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2015-2515 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2019-05-16 9.3 HIGH N/A
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted toolbar object, aka "Toolbar Use After Free Vulnerability."
CVE-2017-11815 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2019-05-16 3.5 LOW 5.3 MEDIUM
The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".
CVE-2015-1696 1 Microsoft 8 Windows 7, Windows 8, Windows 8.1 and 5 more 2019-05-16 9.3 HIGH N/A
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted Journal file, aka "Windows Journal Remote Code Execution Vulnerability," a different vulnerability than CVE-2015-1675, CVE-2015-1695, CVE-2015-1697, CVE-2015-1698, and CVE-2015-1699.
CVE-2017-11818 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2019-05-16 4.4 MEDIUM 4.5 MEDIUM
The Microsoft Windows Storage component on Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a security feature bypass vulnerability when it fails to validate an integrity-level check, aka "Windows Storage Security Feature Bypass Vulnerability".
CVE-2016-3302 1 Microsoft 4 Windows 10, Windows 8.1, Windows Rt 8.1 and 1 more 2019-05-16 6.2 MEDIUM 6.3 MEDIUM
Microsoft Windows 8.1, Windows Server 2012 R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607, when the lock screen is enabled, do not properly restrict the loading of web content, which allows physically proximate attackers to execute arbitrary code via a (1) crafted Wi-Fi access point or (2) crafted mobile-broadband device, aka "Windows Lock Screen Elevation of Privilege Vulnerability."
CVE-2017-11822 1 Microsoft 8 Internet Explorer, Windows 10, Windows 7 and 5 more 2019-05-16 7.6 HIGH 7.5 HIGH
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11813.
CVE-2017-11817 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2019-05-16 1.9 LOW 4.7 MEDIUM
The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly validates objects in memory, aka "Windows Information Disclosure Vulnerability".
CVE-2016-7865 6 Adobe, Apple, Google and 3 more 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more 2019-05-15 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7863 6 Adobe, Apple, Google and 3 more 13 Flash Player, Flash Player For Linux, Mac Os X and 10 more 2019-05-15 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2016-7858 6 Adobe, Apple, Google and 3 more 14 Flash Player, Flash Player For Linux, Mac Os X and 11 more 2019-05-15 9.3 HIGH 8.8 HIGH
Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE-2017-11816 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2019-05-15 2.1 LOW 5.5 MEDIUM
The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Information Disclosure Vulnerability".
CVE-2016-0008 1 Microsoft 8 Windows 7, Windows 8, Windows 8.1 and 5 more 2019-05-15 4.3 MEDIUM 4.3 MEDIUM
The graphics device interface in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka "Windows GDI32.dll ASLR Bypass Vulnerability."
CVE-2015-6132 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2019-05-15 7.2 HIGH N/A
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Windows Library Loading Remote Code Execution Vulnerability."
CVE-2016-0018 1 Microsoft 5 Windows 10, Windows 7, Windows 8 and 2 more 2019-05-15 6.9 MEDIUM 7.3 HIGH
Microsoft Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 R2, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loading Remote Code Execution Vulnerability."
CVE-2015-2553 1 Microsoft 9 Windows 10, Windows 7, Windows 8 and 6 more 2019-05-15 7.2 HIGH N/A
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by leveraging certain sandbox access, aka "Windows Mount Point Elevation of Privilege Vulnerability."