53 matches found
KB5073699: Windows Server 2008 R2 Security Update (January 2026)
The remote Windows host is missing security update 5073699. It is, therefore, affected by multiple vulnerabilities - An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 aka AGRSM64.sys. There is Local Privilege Escalation to SYSTEM via a Stack Overflow in...
December 18, 2025—KB5074977 (Monthly Rollup) Out-of-band
December 18, 2025—KB5074977 Monthly Rollup Out-of-band Windows Secure Boot certificate expirationImportant: Secure Boot certificates used by most Windows devices are set to expire starting in June 2026. Microsoft has been updating these certificates on consumer and non-managed business devices fo...
Security Bulletin: Windows Privilege Impersonation Check affects NVIDIA Windows Device Driver for use on NVIDIA PCIe cards installed in System x servers (CVE-2015-1170)
Summary The NVIDIA Windows Server 2008 and 2008 R2 Display Driver's kernel administrator check improperly validates local client impersonation levels in some cases when using the NVIDIA Windows Device Driver for use on NVIDIA PCIe cards installed in System x Servers. NVIDIA's PCIe cards are...
KB5023759: Windows Server 2008 R2 Security Update (March 2023)
The remote Windows host is missing security update 5023759. It is, therefore, affected by multiple vulnerabilities - Internet Control Message Protocol ICMP Remote Code Execution Vulnerability CVE-2023-23415 - Remote Procedure Call Runtime Remote Code Execution Vulnerability CVE-2023-21708,...
KB5021651: Out-of-band update for Windows Server 2008 R2: November 18, 2022
KB5021651: Out-of-band update for Windows Server 2008 R2: November 18, 2022 Summary This update includes improvements for the following: Addresses a known issue that affects Windows Servers that have the Domain Controller DC role. They might have Kerberos authentication issues if both of the...
Exploit for CVE-2017-0144
CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution Th...
KLA11767 Microsoft Advisory for Windows
Original advisories ADV200006 Related products Microsoft-Windows-Server-2012 Microsoft-Windows-8 Microsoft-Windows-7 Microsoft-Windows-Server-2008 Microsoft-Windows-10 CVE list KB list Solution Install necessary updates from the KB section, that are listed in your Windows Update Windows Update...
Microsoft Windows GDI+ Component CVE-2020-0643 Local Information Disclosure Vulnerability
Description Microsoft Windows is prone to a local information-disclosure vulnerability. Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Technologies Affected Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version...
2019-03 Security Update for Windows Server 2008 R2 for Itanium-based Systems (KB4474419)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
Microsoft Windows SetImeInfoEx Win32k NULL Pointer Dereference Exploit
This Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could th...
CVE-2018-8422
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8424...
CVE-2018-8419
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2018-8433
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 201...
Microsoft Windows CVE-2018-8314 Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a privilege-escalation vulnerability. An attackers may exploit this issue to gain elevated privileges. Technologies Affected Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1...
Immunity Canvas: SETIMEINFOEX_LPE
Name| setimeinfoexlpe ---|--- CVE| CVE-2018-8120 Exploit Pack| CANVAS Description| SetImeInfoEx LPE Notes| CVE Name: CVE-2018-8120 Notes: Tested: Windows 7 x64 Windows 7 x86 Windows Vista x86 Windows 2008 R2 x64 VENDOR: Microsoft CVE Url: https://nvd.nist.gov/vuln/detail/CVE-2018-8120 CVSS: 7.0...
Remote code execution
The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain...
Microsoft Windows 7/2008 R2 - 'EternalBlue' SMB Remote Code Execution (MS17-010)
!/usr/bin/python from impacket import smb from struct import pack import sys import socket ''' EternalBlue exploit for Windows 7/2008 by sleepya The exploit might FAIL and CRASH a target system depended on what is overwritten EDB Note: Shellcode - x64...
Microsoft SQL Server 2008 R2 10.50.x.x < 10.50.4321.00 Multiple Vulnerabilities (2977319)
Binary data 9703.prm...
Microsoft SQL Server 2008 R2 Detection
Binary data 9509.prm...
CVE-2016-3226
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service service hang by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability."...