Exposure of Windows Server
Operating systems1,483
exposure score
243,602
sites use
33
exploited
3
critical
CVEs
831 resultsCVE-2019-0708CRITICALA remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attackerEPSS 100.0%KEVCVE-2020-1350CRITICALA remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows EPSS 92.2%KEVCVE-2020-0601HIGHA spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacEPSS 89.4%KEVCVE-2019-1458HIGHAn elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EPSS 74.4%KEVCVE-2020-0938HIGHA remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a speciallyEPSS 69.2%KEVCVE-2020-1020HIGHA remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a speciallyEPSS 65.0%KEVCVE-2019-0808HIGHAn elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EPSS 53.3%KEVCVE-2020-1054HIGHAn elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, akEPSS 52.8%KEVCVE-2019-0803HIGHAn elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EPSS 45.2%KEVCVE-2020-0787HIGHAn elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic lEPSS 42.5%KEVCVE-2019-0841HIGHAn elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows ElEPSS 41.7%KEVCVE-2019-1405HIGHAn elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object creationEPSS 29.9%KEVCVE-2019-0903HIGHA remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka EPSS 21.7%KEVCVE-2019-1215HIGHAn elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of PrEPSS 19.4%KEVCVE-2019-1322HIGHAn elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of EPSS 19.2%KEVCVE-2020-0986HIGHAn elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel ElevaEPSS 15.9%KEVCVE-2019-1253HIGHAn elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerabEPSS 11.6%KEVCVE-2019-1132HIGHAn elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EPSS 9.8%KEVCVE-2019-0703MEDIUMAn information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB InformationEPSS 9.6%KEVCVE-2019-1388HIGHAn elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'WinEPSS 8.6%KEV
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →