Exposure of Windows Server
Operating systems1,483
exposure score
243,602
sites use
33
exploited
3
critical
CVEs
831 resultsCVE-2019-0731—An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows ElevationEPSS 4.4%CVE-2019-0730—An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows ElevationEPSS 4.4%CVE-2020-1317—An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege VulnerabEPSS 4.3%CVE-2019-1324—An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles IPv6 flowlabel filled in packets, aka 'WindoEPSS 4.3%CVE-2019-0637—A security feature bypass vulnerability exists when Windows Defender Firewall incorrectly applies firewall profiles to cellular network connEPSS 4.3%CVE-2020-0665—An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trustEPSS 4.3%CVE-2019-0796—An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows ElevationEPSS 4.2%CVE-2019-0734—An elevation of privilege vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully decode and repEPSS 4.2%CVE-2019-0836—An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows ElevationEPSS 4.1%CVE-2019-1365—An elevation of privilege vulnerability exists when Microsoft IIS Server fails to check the length of a buffer prior to copying memory to itEPSS 4.1%CVE-2019-1397—A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated usEPSS 4.0%CVE-2019-1389—A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated usEPSS 4.0%CVE-2020-1150—A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory CoEPSS 3.9%CVE-2020-0645—A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server TamperingEPSS 3.8%CVE-2019-0732—A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard when Windows improperly handlEPSS 3.8%CVE-2020-0728—An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules InstaEPSS 3.7%CVE-2020-1112—An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handlesEPSS 3.7%CVE-2019-0735—An elevation of privilege vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects inEPSS 3.7%CVE-2020-1309—An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.To exploit this vulnerability, an EPSS 3.7%CVE-2020-1212—An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.To exploit this vulnerability, an EPSS 3.4%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →