Product:

Windows_server_2022

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 1461
Date Id Summary Products Score Patch Annotated
2023-02-28 CVE-2023-1017 An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution in the TPM context. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_20h2, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Trusted_platform_module 7.8
2023-02-28 CVE-2023-1018 An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_20h2, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Trusted_platform_module 5.5
2023-09-15 CVE-2023-38039 When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory. Fedora, Curl, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_11_23h2, Windows_server_2019, Windows_server_2022 7.5
2021-07-02 CVE-2021-34527 <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p> <p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been... Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_20h2, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_20h2 8.8
2023-12-20 CVE-2022-44684 Windows Local Session Manager (LSM) Denial of Service Vulnerability Windows_10_20h2, Windows_10_21h1, Windows_10_21h2, Windows_10_22h2, Windows_11_21h2, Windows_11_22h2, Windows_server_2022 6.5
2021-09-15 CVE-2021-26435 Windows Scripting Engine Memory Corruption Vulnerability Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 8.1
2021-09-15 CVE-2021-36954 Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows_10, Windows_server_2016, Windows_server_2019, Windows_server_2022 8.8
2021-09-15 CVE-2021-36959 Windows Authenticode Spoofing Vulnerability Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 5.5
2021-09-15 CVE-2021-36960 Windows SMB Information Disclosure Vulnerability Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 7.5
2021-09-15 CVE-2021-36961 Windows Installer Denial of Service Vulnerability Windows_10, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022 5.5