📦 Windows Server 20h2
by Microsoft
🔍 What is Windows Server 20h2?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2022-35744 is a critical remote code execution vulnerability in Windows Point-to-Point Protocol (PPP) that allows unauthenticated attackers to execute arbitrary code on affected systems. This affe...
CVE-2021-31166 is a critical remote code execution vulnerability in the Microsoft HTTP Protocol Stack (http.sys) that allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges ...
This vulnerability allows attackers to gain SYSTEM-level privileges on Windows systems by exploiting the Print Spooler service. It affects Windows servers and workstations where the Print Spooler serv...
This vulnerability in the Windows Cloud Files Mini Filter Driver allows attackers to gain SYSTEM-level privileges on affected Windows systems. It affects Windows 10, 11, and Server versions where the ...
This vulnerability allows remote code execution through the Microsoft Windows Support Diagnostic Tool (MSDT) when processing specially crafted files. Attackers can exploit this by tricking users into ...
CVE-2022-35746 is an elevation of privilege vulnerability in Windows Digital Media Receiver that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. This affects Windows s...
CVE-2022-35748 is a denial-of-service vulnerability in HTTP.sys that allows remote attackers to crash affected Windows servers by sending specially crafted HTTP requests. This affects Windows servers ...
CVE-2022-35750 is a Win32k elevation of privilege vulnerability in Windows that allows an authenticated attacker to gain SYSTEM-level privileges on a compromised system. This affects Windows operating...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems by exploiting a flaw in the Secure Socket Tunneling Protocol (SSTP) service. Attackers could gain SYSTEM-level p...
This vulnerability allows an attacker to gain SYSTEM-level privileges on Windows systems by exploiting a flaw in the Client Server Runtime Subsystem (CSRSS). It affects Windows 10, 11, and Server 2019...
This vulnerability allows remote code execution when Microsoft Support Diagnostic Tool (MSDT) is invoked via URL protocol from applications like Microsoft Word. Attackers can execute arbitrary code wi...
CVE-2022-26925 is a Windows Local Security Authority (LSA) spoofing vulnerability that allows an authenticated attacker to impersonate any user on a domain controller, potentially gaining elevated pri...
This vulnerability allows attackers to gain SYSTEM-level privileges on Windows systems by exploiting the Print Spooler service. It affects Windows servers and workstations where the Print Spooler serv...
CVE-2022-21971 is a remote code execution vulnerability in Windows Runtime that allows attackers to execute arbitrary code on affected systems. It affects Windows 10, Windows 11, and Windows Server 20...
CVE-2022-21919 is an elevation of privilege vulnerability in the Windows User Profile Service that allows an authenticated attacker to gain SYSTEM-level privileges on affected systems. It affects Wind...
CVE-2022-21882 is a Win32k elevation of privilege vulnerability in Windows that allows authenticated attackers to gain SYSTEM privileges. This affects Windows operating systems where an attacker with ...
CVE-2021-42278 is an elevation of privilege vulnerability in Active Directory Domain Services (AD DS) that allows an authenticated attacker to gain domain administrator privileges by exploiting a flaw...
CVE-2021-41357 is a Win32k elevation of privilege vulnerability in Windows that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. This affects Windows 10, Windows 11,...
CVE-2021-40449 is a use-after-free vulnerability in the Win32k graphics driver component of Windows. It allows a local authenticated attacker to execute arbitrary code with SYSTEM privileges, leading ...
This vulnerability in the Windows Common Log File System Driver allows attackers to gain SYSTEM-level privileges on affected systems. It affects Windows 10 and Windows Server systems where an attacker...
CVE-2021-36942 is a Local Security Authority (LSA) spoofing vulnerability in Windows that allows an authenticated attacker to impersonate any user on a system, including administrators. This affects W...
This vulnerability allows attackers to gain SYSTEM-level privileges on Windows systems by exploiting a use-after-free bug in Windows Event Tracing. It affects Windows 10, Windows Server 2016, and late...
This is a Windows kernel elevation of privilege vulnerability that allows authenticated attackers to execute arbitrary code with SYSTEM privileges. It affects Windows operating systems and requires an...
CVE-2021-31956 is a Windows NTFS elevation of privilege vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. This affects Windows operating systems wi...
CVE-2021-28310 is a Win32k elevation of privilege vulnerability in Windows kernel-mode drivers. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges, affecting Windows 10...
CVE-2020-1472 (Zerologon) is a critical authentication bypass vulnerability in Microsoft's Netlogon protocol that allows unauthenticated attackers to gain domain administrator privileges. It affects W...