Home › Vendors › Microsoft › Windows Server 1803Microsoft Windows Server 1803 — known CVE vulnerabilities Every CVE whose affected-product data names Microsoft Windows Server 1803, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (35) CVE-2018-0824 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka…CVE-2018-8414 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code…CVE-2019-0903 — CVSS 8.8 (high) — actively exploited : A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka…CVE-2020-0601 — CVSS 8.1 (high) — actively exploited : A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An…CVE-2018-8231 — CVSS 8.1 (high) : A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol…CVE-2020-0986 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel…CVE-2018-8405 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka…CVE-2018-8406 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka…CVE-2020-1027 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation…CVE-2018-8453 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k…CVE-2019-0543 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of…CVE-2020-0938 — CVSS 7.8 (high) — actively exploited : A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a…CVE-2019-0797 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0803 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0859 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k…CVE-2019-0863 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting…CVE-2020-1054 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory…CVE-2019-1064 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links. An attacker…CVE-2019-1069 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way the Task Scheduler Service validates certain file operations. An attacker who…CVE-2019-1129 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-1130 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links, aka 'Windows…CVE-2019-1214 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory…CVE-2019-1215 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of…CVE-2019-1253 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this…CVE-2019-1322 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka 'Microsoft Windows Elevation of…CVE-2019-1405 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly allows COM object…CVE-2020-0683 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer…CVE-2020-0638 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an…CVE-2020-0787 — CVSS 7.8 (high) — actively exploited : An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic…CVE-2018-8226 — CVSS 7.5 (high) : A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP…CVE-2018-8493 — CVSS 7.5 (high) : An information disclosure vulnerability exists when the Windows TCP/IP stack improperly handles fragmented IP packets, aka "Windows TCP/IP…CVE-2018-8140 — CVSS 6.8 (medium) : An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka…CVE-2019-0703 — CVSS 6.5 (medium) — actively exploited : An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB…CVE-2018-8175 — CVSS 6.5 (medium) : An denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of…CVE-2018-8239 — CVSS 5.5 (medium) : An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows…