Microsoft Windows_server_2012
790 CVEs affecting Microsoft Windows_server_2012. Latest disclosed: 2026-05-12. Critical: 12, High: 329.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2026-41089 | Critical | 9.8 | 2026-05-12 | Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network. |
CVE-2025-60724 | Critical | 9.8 | 2025-11-11 | Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network. |
CVE-2025-53766 | Critical | 9.8 | 2025-08-12 | Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network. |
CVE-2017-11771 | Critical | 9.8 | 2017-10-13 | The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT… |
CVE-2017-8686 | Critical | 9.8 | 2017-09-13 | The Windows Server DHCP service in Windows Server 2012 Gold and R2, and Windows Server 2016 allows an attacker to either run arbitrary code on the DHCP failove… |
CVE-2017-8589 | Critical | 9.8 | 2017-07-11 | Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and… |
CVE-2016-7182 | Critical | 9.8 | 2016-10-14 | The Graphics component in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows… |
CVE-2016-4138 | Critical | 9.8 | 2016-06-16 | Unspecified vulnerability in Adobe Flash Player 21.0.0.242 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Micro… |
CVE-2016-3236 | Critical | 9.8 | 2016-06-16 | The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Win… |
CVE-2016-3227 | Critical | 9.8 | 2016-06-16 | Use-after-free vulnerability in the DNS Server component in Microsoft Windows Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via cra… |
CVE-2016-0088 | Critical | 9.3 | 2016-04-12 | Hyper-V in Microsoft Windows 8.1, Windows Server 2012 Gold and R2, and Windows 10 allows guest OS users to execute arbitrary code on the host OS via a crafted… |
CVE-2012-4787 | Critical | 9.0 | 2012-12-12 | Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via a crafted web site that triggers acc… |
CVE-2026-40403 | High | 8.8 | 2026-05-12 | Heap-based buffer overflow in Windows Win32K - GRFX allows an authorized attacker to execute code locally. |
CVE-2026-34329 | High | 8.8 | 2026-05-12 | Heap-based buffer overflow in Windows Message Queuing allows an unauthorized attacker to execute code over an adjacent network. |
CVE-2026-32157 | High | 8.8 | 2026-04-14 | Use after free in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
CVE-2024-43455 | High | 8.8 | 2024-09-10 | Windows Remote Desktop Licensing Service Spoofing Vulnerability |
CVE-2017-11763 | High | 8.8 | 2017-10-13 | The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1… |
CVE-2017-11762 | High | 8.8 | 2017-10-13 | The Microsoft Graphics Component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1… |
CVE-2017-8682 | High | 8.8 | 2017-09-13 | Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold… |
CVE-2017-8664 | High | 8.8 | 2017-08-08 | Windows Hyper-V in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote… |