Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008

3447 matches found

cve
cveadded 2015/07/20 6:59 p.m.897 views

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.91612EPSS
In wild
cve
cveadded 2022/09/13 7:15 p.m.886 views

CVE-2022-37969

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.9AI score0.04835EPSS
In wild
cve
cveadded 2025/01/14 6:15 p.m.886 views

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.70558EPSS
cve
cveadded 2017/03/17 12:59 a.m.885 views

CVE-2017-0022

Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for fi...

6.5CVSS4.3AI score0.34723EPSS
In wild
cve
cveadded 2016/10/14 2:59 a.m.878 views

CVE-2016-3298

Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerabilit...

6.5CVSS5.4AI score0.27734EPSS
In wild
cve
cveadded 2015/06/10 1:59 a.m.872 views

CVE-2015-2360

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial o...

8.8CVSS6.5AI score0.05865EPSS
In wild
cve
cveadded 2014/11/11 10:55 p.m.859 views

CVE-2014-4077

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanes...

9.3CVSS8.4AI score0.2956EPSS
In wild
cve
cveadded 2022/11/09 10:15 p.m.854 views

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.67153EPSS
In wild
cve
cveadded 2022/10/11 7:15 p.m.833 views

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00234EPSS
In wild
cve
cveadded 2023/02/14 9:15 p.m.829 views

CVE-2023-21823

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.03215EPSS
In wild
cve
cveadded 2019/11/12 7:15 p.m.826 views

CVE-2019-1388

An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.03445EPSS
In wild
cve
cveadded 2022/11/09 10:15 p.m.781 views

CVE-2022-41073

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00699EPSS
In wild
cve
cveadded 2011/12/30 1:55 a.m.778 views

CVE-2011-3416

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."

8.5CVSS6AI score0.83531EPSS
Web
cve
cveadded 2023/05/09 6:15 p.m.773 views

CVE-2023-29336

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.8AI score0.71132EPSS
In wild
cve
cveadded 2024/10/08 6:15 p.m.764 views

CVE-2024-38124

Windows Netlogon Elevation of Privilege Vulnerability

9CVSS9AI score0.00293EPSS
cve
cveadded 2018/05/22 12:29 p.m.763 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS
In wildWeb
cve
cveadded 2022/11/09 10:15 p.m.762 views

CVE-2022-38023

Netlogon RPC Elevation of Privilege Vulnerability

8.1CVSS8.3AI score0.00314EPSS
cve
cveadded 2023/10/10 6:15 p.m.747 views

CVE-2023-36563

Microsoft WordPad Information Disclosure Vulnerability

6.5CVSS7.1AI score0.00841EPSS
In wild
cve
cveadded 2023/02/14 8:15 p.m.686 views

CVE-2023-23376

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.19879EPSS
In wild
cve
cveadded 2023/09/12 5:15 p.m.677 views

CVE-2023-36805

Windows MSHTML Platform Security Feature Bypass Vulnerability

7CVSS7.6AI score0.00221EPSS
cve
cveadded 2023/10/10 6:15 p.m.676 views

CVE-2023-36434

Windows IIS Server Elevation of Privilege Vulnerability

9.8CVSS9.4AI score0.02926EPSS
In wild
cve
cveadded 2018/09/06 9:29 p.m.669 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.05017EPSS
In wild
cve
cveadded 2023/09/12 5:15 p.m.664 views

CVE-2023-38142

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.04835EPSS
cve
cveadded 2023/09/12 5:15 p.m.656 views

CVE-2023-38160

Windows TCP/IP Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00221EPSS
cve
cveadded 2009/09/08 10:30 p.m.646 views

CVE-2009-3103

Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Proc...

10CVSS9.4AI score0.92944EPSS
Web
cve
cveadded 2024/10/08 6:15 p.m.646 views

CVE-2024-43572

Microsoft Management Console Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.52877EPSS
In wild
cve
cveadded 2023/05/09 6:15 p.m.633 views

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

6.7CVSS6.9AI score0.00782EPSS
In wild
cve
cveadded 2023/10/10 6:15 p.m.631 views

CVE-2023-36584

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.20094EPSS
In wild
cve
cveadded 2022/04/15 7:15 p.m.630 views

CVE-2022-26809

Remote Procedure Call Runtime Remote Code Execution Vulnerability

10CVSS9.6AI score0.92281EPSS
cve
cveadded 2019/09/03 6:15 p.m.606 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.13431EPSS
cve
cveadded 2025/04/08 6:16 p.m.604 views

CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.01599EPSS
In wild
cve
cveadded 2023/07/11 6:15 p.m.594 views

CVE-2023-36874

Windows Error Reporting Service Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.62953EPSS
In wild
cve
cveadded 2022/05/10 9:15 p.m.585 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.13776EPSS
cve
cveadded 2022/07/12 11:15 p.m.577 views

CVE-2022-30209

Windows IIS Server Elevation of Privilege Vulnerability

7.4CVSS7.9AI score0.05027EPSS
cve
cveadded 2021/05/11 8:15 p.m.556 views

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00446EPSS
cve
cveadded 2023/03/14 5:15 p.m.556 views

CVE-2023-23415

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.03976EPSS
cve
cveadded 2008/10/23 10:0 p.m.530 views

CVE-2008-4250

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by...

10CVSS9.5AI score0.94126EPSS
cve
cveadded 2018/03/14 5:29 p.m.512 views

CVE-2018-0886

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execu...

7.6CVSS7AI score0.91367EPSS
Web
cve
cveadded 2023/07/11 6:15 p.m.512 views

CVE-2023-32046

Windows MSHTML Platform Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.78924EPSS
In wild
cve
cveadded 2022/11/09 10:15 p.m.510 views

CVE-2022-37967

Windows Kerberos Elevation of Privilege Vulnerability

7.2CVSS7.9AI score0.02345EPSS
cve
cveadded 2023/09/12 5:15 p.m.502 views

CVE-2023-38144

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01242EPSS
cve
cveadded 2023/11/14 6:15 p.m.499 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

8.8CVSS9.5AI score0.90393EPSS
In wild
cve
cveadded 2024/11/12 6:15 p.m.494 views

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

6.2CVSS5.8AI score0.00176EPSS
cve
cveadded 2023/09/12 5:15 p.m.493 views

CVE-2023-36801

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6AI score0.00248EPSS
cve
cveadded 2008/10/20 5:59 p.m.491 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00755EPSS
cve
cveadded 2016/04/12 11:59 p.m.490 views

CVE-2016-0165

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS6.8AI score0.11623EPSS
In wild
cve
cveadded 2023/04/11 9:15 p.m.490 views

CVE-2023-28229

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

7CVSS7AI score0.07065EPSS
In wild
cve
cveadded 2024/07/09 5:15 p.m.488 views

CVE-2024-38077

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.85029EPSS
Web
cve
cveadded 2023/09/12 5:15 p.m.471 views

CVE-2023-38161

Windows GDI Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00071EPSS
cve
cveadded 2024/12/12 2:4 a.m.470 views

CVE-2024-49138

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.5AI score0.85455EPSS
In wild
Total number of security vulnerabilities3447