Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008

3446 matches found

CVE
CVEadded 2015/07/20 6:59 p.m.896 views

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.91612EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.884 views

CVE-2017-0022

Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for fi...

6.5CVSS4.3AI score0.34723EPSS
CVE
CVEadded 2022/09/13 7:15 p.m.878 views

CVE-2022-37969

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.9AI score0.05424EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.877 views

CVE-2016-3298

Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerabilit...

6.5CVSS5.4AI score0.27734EPSS
CVE
CVEadded 2015/06/10 1:59 a.m.871 views

CVE-2015-2360

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial o...

8.8CVSS6.5AI score0.05865EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.863 views

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.70558EPSS
CVE
CVEadded 2014/11/11 10:55 p.m.858 views

CVE-2014-4077

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanes...

9.3CVSS8.4AI score0.2956EPSS
CVE
CVEadded 2022/11/09 10:15 p.m.846 views

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.67153EPSS
CVE
CVEadded 2022/10/11 7:15 p.m.826 views

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00234EPSS
CVE
CVEadded 2023/02/14 9:15 p.m.820 views

CVE-2023-21823

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.03155EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.817 views

CVE-2019-1388

An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.03282EPSS
CVE
CVEadded 2011/12/30 1:55 a.m.777 views

CVE-2011-3416

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."

8.5CVSS6AI score0.86632EPSS
CVE
CVEadded 2022/11/09 10:15 p.m.774 views

CVE-2022-41073

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00699EPSS
CVE
CVEadded 2023/05/09 6:15 p.m.765 views

CVE-2023-29336

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.8AI score0.73519EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.760 views

CVE-2024-38124

Windows Netlogon Elevation of Privilege Vulnerability

9CVSS9AI score0.00962EPSS
CVE
CVEadded 2018/05/22 12:29 p.m.747 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.740 views

CVE-2023-36563

Microsoft WordPad Information Disclosure Vulnerability

6.5CVSS7.1AI score0.00725EPSS
CVE
CVEadded 2022/11/09 10:15 p.m.739 views

CVE-2022-38023

Netlogon RPC Elevation of Privilege Vulnerability

8.1CVSS8.3AI score0.0032EPSS
CVE
CVEadded 2023/02/14 8:15 p.m.676 views

CVE-2023-23376

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.18778EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.676 views

CVE-2023-36805

Windows MSHTML Platform Security Feature Bypass Vulnerability

7CVSS7.6AI score0.00221EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.668 views

CVE-2023-36434

Windows IIS Server Elevation of Privilege Vulnerability

9.8CVSS9.4AI score0.02926EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.663 views

CVE-2023-38142

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.04835EPSS
CVE
CVEadded 2018/09/06 9:29 p.m.660 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.01732EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.653 views

CVE-2023-38160

Windows TCP/IP Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00221EPSS
CVE
CVEadded 2009/09/08 10:30 p.m.645 views

CVE-2009-3103

Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Proc...

10CVSS9.4AI score0.92944EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.639 views

CVE-2024-43572

Microsoft Management Console Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.55754EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.628 views

CVE-2022-26809

Remote Procedure Call Runtime Remote Code Execution Vulnerability

10CVSS9.6AI score0.92281EPSS
CVE
CVEadded 2023/10/10 6:15 p.m.624 views

CVE-2023-36584

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.20094EPSS
CVE
CVEadded 2023/05/09 6:15 p.m.619 views

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

6.7CVSS6.9AI score0.00708EPSS
CVE
CVEadded 2019/09/03 6:15 p.m.598 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS
CVE
CVEadded 2022/05/10 9:15 p.m.584 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.08527EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.584 views

CVE-2023-36874

Windows Error Reporting Service Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.62953EPSS
CVE
CVEadded 2022/07/12 11:15 p.m.576 views

CVE-2022-30209

Windows IIS Server Elevation of Privilege Vulnerability

7.4CVSS7.9AI score0.01647EPSS
CVE
CVEadded 2025/04/08 6:16 p.m.572 views

CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.03006EPSS
CVE
CVEadded 2023/03/14 5:15 p.m.554 views

CVE-2023-23415

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.03976EPSS
CVE
CVEadded 2021/05/11 8:15 p.m.536 views

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00332EPSS
CVE
CVEadded 2008/10/23 10:0 p.m.528 views

CVE-2008-4250

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by...

10CVSS9.5AI score0.94126EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.505 views

CVE-2023-32046

Windows MSHTML Platform Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.78924EPSS
CVE
CVEadded 2018/03/14 5:29 p.m.502 views

CVE-2018-0886

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execu...

7.6CVSS7AI score0.91013EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.501 views

CVE-2023-38144

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01242EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.492 views

CVE-2023-36801

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6AI score0.00248EPSS
CVE
CVEadded 2024/11/12 6:15 p.m.492 views

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

6.2CVSS5.8AI score0.00165EPSS
CVE
CVEadded 2008/10/20 5:59 p.m.487 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS
CVE
CVEadded 2022/11/09 10:15 p.m.487 views

CVE-2022-37967

Windows Kerberos Elevation of Privilege Vulnerability

7.2CVSS7.9AI score0.0186EPSS
CVE
CVEadded 2023/11/14 6:15 p.m.486 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

8.8CVSS9.5AI score0.88675EPSS
CVE
CVEadded 2016/04/12 11:59 p.m.482 views

CVE-2016-0165

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS6.8AI score0.11623EPSS
CVE
CVEadded 2023/04/11 9:15 p.m.481 views

CVE-2023-28229

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

7CVSS7AI score0.07065EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.472 views

CVE-2024-38077

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.8355EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.470 views

CVE-2023-38161

Windows GDI Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00071EPSS
CVE
CVEadded 2023/09/12 5:15 p.m.460 views

CVE-2023-38149

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS7.9AI score0.05411EPSS
Total number of security vulnerabilities3446