This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2017-12-12
Product Windows Server 2016 Last view 2020-05-21
Version 1709 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:microsoft:windows_server_2016

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.8 2020-05-21 CVE-2020-1087

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1114.

5.5 2020-05-21 CVE-2020-1075

An information disclosure vulnerability exists when Windows Subsystem for Linux improperly handles objects in memory, aka 'Windows Subsystem for Linux Information Disclosure Vulnerability'.

5.5 2020-03-12 CVE-2020-0775

An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'.

6.5 2020-03-12 CVE-2020-0774

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.

7.8 2019-06-12 CVE-2019-1021

An elevation of privilege exists in Windows Audio Service, aka 'Windows Audio Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1007, CVE-2019-1022, CVE-2019-1026, CVE-2019-1027, CVE-2019-1028.

7.8 2019-05-16 CVE-2019-0892

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8 2019-05-16 CVE-2019-0885

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.

7.8 2019-05-16 CVE-2019-0881

An elevation of privilege vulnerability exists when the Windows Kernel improperly handles key enumeration, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

7.8 2019-04-09 CVE-2019-0879

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0877.

7.8 2019-04-09 CVE-2019-0877

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0851, CVE-2019-0879.

7.8 2019-04-09 CVE-2019-0859

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803.

7.2 2019-04-09 CVE-2019-0856

A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

8.8 2019-04-09 CVE-2019-0853

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

7.8 2019-04-09 CVE-2019-0851

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0847, CVE-2019-0877, CVE-2019-0879.

6.5 2019-04-09 CVE-2019-0849

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0802.

5.5 2019-04-09 CVE-2019-0848

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0814.

7.8 2019-04-09 CVE-2019-0847

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0846, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879.

7.8 2019-04-09 CVE-2019-0846

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0847, CVE-2019-0851, CVE-2019-0877, CVE-2019-0879.

8.8 2019-04-09 CVE-2019-0845

A remote code execution vulnerability exists when the IOleCvt interface renders ASP webpage content, aka 'Windows IOleCvt Interface Remote Code Execution Vulnerability'.

5.5 2019-04-09 CVE-2019-0844

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0840.

8.8 2019-04-09 CVE-2019-0842

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'.

7.8 2019-04-09 CVE-2019-0841

An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0796, CVE-2019-0805, CVE-2019-0836.

5.5 2019-04-09 CVE-2019-0840

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0844.

4.4 2019-04-09 CVE-2019-0839

An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.

7.8 2019-04-09 CVE-2019-0838

An information disclosure vulnerability exists when Windows Task Scheduler improperly discloses credentials to Windows Credential Manager, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0839.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
18% (29) CWE-404 Improper Resource Shutdown or Release
16% (26) CWE-200 Information Exposure
16% (25) CWE-20 Improper Input Validation
5% (9) CWE-665 Improper Initialization
5% (8) CWE-787 Out-of-bounds Write
5% (8) CWE-611 Information Leak Through XML External Entity File Disclosure
3% (5) CWE-269 Improper Privilege Management
3% (5) CWE-190 Integer Overflow or Wraparound
2% (4) CWE-732 Incorrect Permission Assignment for Critical Resource
2% (4) CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
1% (3) CWE-264 Permissions, Privileges, and Access Controls
1% (3) CWE-94 Failure to Control Generation of Code ('Code Injection')
1% (3) CWE-59 Improper Link Resolution Before File Access ('Link Following')
1% (2) CWE-502 Deserialization of Untrusted Data
1% (2) CWE-416 Use After Free
1% (2) CWE-287 Improper Authentication
1% (2) CWE-19 Data Handling
0% (1) CWE-706 Use of Incorrectly-Resolved Name or Reference
0% (1) CWE-522 Insufficiently Protected Credentials
0% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
0% (1) CWE-345 Insufficient Verification of Data Authenticity
0% (1) CWE-331 Insufficient Entropy
0% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
0% (1) CWE-295 Certificate Issues
0% (1) CWE-273 Improper Check for Dropped Privileges

SAINT Exploits

Description Link
Windows RRAS Service Remote Code Execution Vulnerability More info here

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2019-12-05 Microsoft JET Database ExcelExtractString stack buffer overflow attempt
RuleID : 52073 - Type : SERVER-OTHER - Revision : 1
2019-12-05 Microsoft JET Database ExcelExtractString stack buffer overflow attempt
RuleID : 52072 - Type : SERVER-OTHER - Revision : 1
2019-07-02 Windows DACL privilege escalation attempt
RuleID : 50199 - Type : OS-WINDOWS - Revision : 3
2019-07-02 Windows DACL privilege escalation attempt
RuleID : 50198 - Type : OS-WINDOWS - Revision : 3
2019-06-22 Microsoft Windows GDI component use after free attempt
RuleID : 50175 - Type : OS-WINDOWS - Revision : 1
2019-06-22 Microsoft Windows GDI component use after free attempt
RuleID : 50174 - Type : OS-WINDOWS - Revision : 1
2019-06-11 Microsoft Windows OLE Load Picture remote code execution attempt
RuleID : 50089 - Type : FILE-IMAGE - Revision : 1
2019-06-11 Microsoft Windows OLE Load Picture remote code execution attempt
RuleID : 50088 - Type : FILE-IMAGE - Revision : 1
2019-06-11 Windows Kernel Registry Virtualization privilege escalation attempt
RuleID : 50085 - Type : OS-WINDOWS - Revision : 1
2019-06-11 Windows Kernel Registry Virtualization privilege escalation attempt
RuleID : 50084 - Type : OS-WINDOWS - Revision : 1
2019-05-23 Microsoft Windows IOleCvt interface use attempt
RuleID : 49887 - Type : BROWSER-IE - Revision : 1
2019-05-23 Microsoft Windows IOleCvt interface use attempt
RuleID : 49886 - Type : BROWSER-IE - Revision : 1
2019-05-14 Microsoft Windows AppXSVC privilege escalation attempt
RuleID : 49765 - Type : OS-WINDOWS - Revision : 2
2019-05-14 Microsoft Windows AppXSVC privilege escalation attempt
RuleID : 49764 - Type : OS-WINDOWS - Revision : 2
2019-05-14 Microsoft Windows AppXSVC privilege escalation attempt
RuleID : 49763 - Type : OS-WINDOWS - Revision : 2
2019-05-14 Microsoft Windows AppXSVC privilege escalation attempt
RuleID : 49762 - Type : OS-WINDOWS - Revision : 2
2019-05-09 Microsoft Windows Kernel information disclosure attempt
RuleID : 49755 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows Kernel information disclosure attempt
RuleID : 49754 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows kernel information disclosure attempt
RuleID : 49751 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows kernel information disclosure attempt
RuleID : 49750 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows LUAFV privilege escalation attempt
RuleID : 49749 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows LUAFV privilege escalation attempt
RuleID : 49748 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows win32k privilege escalation attempt
RuleID : 49747 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows win32k privilege escalation attempt
RuleID : 49746 - Type : OS-WINDOWS - Revision : 1
2019-05-09 Microsoft Windows LuafvPostReadWrite privilege escalation attempt
RuleID : 49721 - Type : OS-WINDOWS - Revision : 1

Nessus® Vulnerability Scanner

id Description
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053578.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053579.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053580.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4053581.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054517.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054518.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054519.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_4054520.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_dec_win2008.nasl - Type: ACT_GATHER_INFO