Windows Server 2008 Security Vulnerabilities and Issues — Page 2 of Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

3407 matches found

CVE•added 2019/12/10 10:15 p.m.•1124 views

CVE-2019-1458

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8CVSS8.2AI score0.92947EPSS

CVE•added 2021/07/14 6:15 p.m.•1109 views

CVE-2021-33771

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.01694EPSS

CVE•added 2020/08/17 7:15 p.m.•1102 views

CVE-2020-1464

A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files.In an attack scenario, an attacker could bypass security features intended to prevent imprope...

7.8CVSS7.3AI score0.05831EPSS

CVE•added 2022/01/11 9:15 p.m.•1102 views

CVE-2022-21919

Windows User Profile Service Elevation of Privilege Vulnerability

7CVSS8.2AI score0.00684EPSS

CVE•added 2016/08/09 9:59 p.m.•1098 views

CVE-2016-3309

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privi...

7.8CVSS7.5AI score0.49455EPSS

CVE•added 2019/07/29 2:13 p.m.•1093 views

CVE-2019-1132

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.29255EPSS

CVE•added 2016/03/09 11:59 a.m.•1092 views

CVE-2016-0099

The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a craf...

7.8CVSS7.5AI score0.91168EPSS

CVE•added 2021/09/15 12:15 p.m.•1084 views

CVE-2021-36955

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8AI score0.18971EPSS

CVE•added 2020/07/14 11:15 p.m.•1082 views

CVE-2020-1040

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01001EPSS

CVE•added 2017/06/15 1:29 a.m.•1081 views

CVE-2017-8543

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take co...

10CVSS6.2AI score0.75599EPSS

CVE•added 2019/10/10 2:15 p.m.•1073 views

CVE-2019-1315

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1339, CVE-2019-1342.

7.8CVSS8.5AI score0.06219EPSS

CVE•added 2016/11/10 7:0 a.m.•1072 views

CVE-2016-7255

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win3...

7.8CVSS7.6AI score0.89359EPSS

CVE•added 2022/04/15 7:15 p.m.•1072 views

CVE-2022-26904

Windows User Profile Service Elevation of Privilege Vulnerability

7CVSS8.2AI score0.27261EPSS

CVE•added 2017/03/17 12:59 a.m.•1069 views

CVE-2017-0001

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI ...

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2019/05/16 7:29 p.m.•1069 views

CVE-2019-0863

An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

7.8CVSS7.7AI score0.13544EPSS

CVE•added 2020/04/15 3:15 p.m.•1068 views

CVE-2020-0938

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

7.8CVSS8.2AI score0.8787EPSS

CVE•added 2019/09/11 10:15 p.m.•1066 views

CVE-2019-1215

An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303.

7.8CVSS8.1AI score0.19565EPSS

CVE•added 2019/09/11 10:15 p.m.•1064 views

CVE-2019-1214

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.11567EPSS

CVE•added 2020/04/15 3:15 p.m.•1062 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13396EPSS

CVE•added 2019/04/09 12:29 a.m.•1060 views

CVE-2019-0703

An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, aka 'Windows SMB Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0704, CVE-2019-0821.

6.5CVSS6.8AI score0.14208EPSS

CVE•added 2012/04/10 9:55 p.m.•1059 views

CVE-2012-0151

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE...

9.3CVSS5.8AI score0.88546EPSS

CVE•added 2013/11/06 3:55 p.m.•1057 views

CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Wo...

9.3CVSS9.4AI score0.92746EPSS

CVE•added 2018/09/13 12:29 a.m.•1054 views

CVE-2018-8440

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8....

7.8CVSS7.5AI score0.76175EPSS

CVE•added 2022/07/12 11:15 p.m.•1053 views

CVE-2022-22047

Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability

7.8CVSS8.3AI score0.00669EPSS

CVE•added 2019/01/08 9:29 p.m.•1049 views

CVE-2019-0543

An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Window...

7.8CVSS7.7AI score0.03524EPSS

CVE•added 2023/04/11 9:15 p.m.•1040 views

CVE-2023-28252

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.54137EPSS

CVE•added 2017/03/17 12:59 a.m.•1036 views

CVE-2017-0005

7.8CVSS6.2AI score0.12861EPSS

CVE•added 2022/08/09 8:15 p.m.•1032 views

CVE-2022-34713

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability

7.8CVSS8.9AI score0.08936EPSS

CVE•added 2019/05/16 7:29 p.m.•1019 views

CVE-2019-0903

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3CVSS8AI score0.50678EPSS

CVE•added 2010/12/06 1:44 p.m.•1006 views

CVE-2010-4398

Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the User Account Control (...

7.8CVSS6.8AI score0.14487EPSS

CVE•added 2014/10/22 2:55 p.m.•1006 views

CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted Pow...

9.3CVSS7.6AI score0.90891EPSS

CVE•added 2016/02/10 11:59 a.m.•1003 views

CVE-2016-0040

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

7.8CVSS7.3AI score0.72234EPSS

CVE•added 2017/03/17 12:59 a.m.•1002 views

CVE-2017-0101

The kernel-mode drivers in Transaction Manager in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted app...

7.8CVSS6.2AI score0.6193EPSS

CVE•added 2013/05/24 8:55 p.m.•994 views

CVE-2013-3660

The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 does not properly initialize a pointer for the next ob...

7.8CVSS6.5AI score0.67944EPSS

CVE•added 2016/11/10 7:0 a.m.•992 views

CVE-2016-7256

atmfd.dll in the Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS8.8AI score0.50761EPSS

CVE•added 2019/04/09 3:29 a.m.•988 views

CVE-2019-0808

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.

7.8CVSS8.2AI score0.52291EPSS

CVE•added 2015/04/21 10:59 a.m.•981 views

CVE-2015-1701

Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability."

7.8CVSS7.3AI score0.90769EPSS

CVE•added 2014/10/15 10:55 a.m.•972 views

CVE-2014-4113

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted application, as ...

7.8CVSS8AI score0.78854EPSS

CVE•added 2018/12/12 12:29 a.m.•967 views

CVE-2018-8611

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012...

7.8CVSS8.4AI score0.06406EPSS

CVE•added 2009/06/10 6:30 p.m.•949 views

CVE-2009-1123

The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability...

7.8CVSS6.2AI score0.04402EPSS

CVE•added 2014/10/15 10:55 a.m.•945 views

CVE-2014-4114

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a "Sand...

9.3CVSS9.5AI score0.92026EPSS

CVE•added 2020/11/11 7:15 a.m.•937 views

CVE-2020-17049

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service t...

9CVSS6.8AI score0.20086EPSS

CVE•added 2014/11/18 11:59 p.m.•936 views

CVE-2014-6324

The Kerberos Key Distribution Center (KDC) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 allows remote authenticated domain users to obtain domain administrator privileges via a...

9CVSS5.9AI score0.87205EPSS

CVE•added 2014/10/15 10:55 a.m.•913 views

CVE-2014-4148

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted True...

9.3CVSS7.9AI score0.34773EPSS

CVE•added 2018/11/14 1:29 a.m.•910 views

CVE-2018-8589

An elevation of privilege vulnerability exists when Windows improperly handles calls to Win32k.sys, aka "Windows Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

7.8CVSS8AI score0.04922EPSS

CVE•added 2015/08/15 12:59 a.m.•906 views

CVE-2015-1769

Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting ...

7.2CVSS7.3AI score0.14049EPSS

CVE•added 2024/08/13 6:15 p.m.•905 views

CVE-2024-38063

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.88095EPSS

CVE•added 2015/07/14 10:59 p.m.•903 views

CVE-2015-2387

ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted applic...

7.8CVSS6.2AI score0.24298EPSS

CVE•added 2015/01/13 10:59 p.m.•902 views

CVE-2015-0016

Directory traversal vulnerability in the TS WebProxy (aka TSWbPrxy) component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted path...

9.3CVSS6.8AI score0.91334EPSS

CVE•added 2016/10/14 2:59 a.m.•897 views

CVE-2016-3393

Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via a crafted web site, ...

9.3CVSS7.8AI score0.29859EPSS

Total number of security vulnerabilities3407