Lucene search

K
MicrosoftWindows Server 2008

3407 matches found

CVE
CVE
added 2015/07/20 6:59 p.m.896 views

CVE-2015-2426

Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.91723EPSS
CVE
CVE
added 2017/03/17 12:59 a.m.884 views

CVE-2017-0022

Microsoft XML Core Services (MSXML) in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for fi...

6.5CVSS4.3AI score0.48804EPSS
CVE
CVE
added 2016/10/14 2:59 a.m.877 views

CVE-2016-3298

Microsoft Internet Explorer 9 through 11 and the Internet Messaging API in Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow remote attackers to determine the existence of arbitrary files via a crafted web site, aka "Internet Explorer Information Disclosure Vulnerabilit...

6.5CVSS5.4AI score0.27734EPSS
CVE
CVE
added 2015/06/10 1:59 a.m.871 views

CVE-2015-2360

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges or cause a denial o...

8.8CVSS6.5AI score0.05865EPSS
CVE
CVE
added 2014/11/11 10:55 p.m.858 views

CVE-2014-4077

Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka "Microsoft IME (Japanes...

9.3CVSS8.4AI score0.2956EPSS
CVE
CVE
added 2022/09/13 7:15 p.m.855 views

CVE-2022-37969

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.9AI score0.04824EPSS
CVE
CVE
added 2025/01/14 6:15 p.m.842 views

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.70558EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.822 views

CVE-2022-41128

Windows Scripting Languages Remote Code Execution Vulnerability

8.8CVSS8.3AI score0.71181EPSS
CVE
CVE
added 2022/10/11 7:15 p.m.802 views

CVE-2022-41033

Windows COM+ Event System Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00234EPSS
CVE
CVE
added 2023/02/14 9:15 p.m.796 views

CVE-2023-21823

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.03155EPSS
CVE
CVE
added 2019/11/12 7:15 p.m.792 views

CVE-2019-1388

An elevation of privilege vulnerability exists in the Windows Certificate Dialog when it does not properly enforce user privileges, aka 'Windows Certificate Dialog Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.02925EPSS
CVE
CVE
added 2011/12/30 1:55 a.m.777 views

CVE-2011-3416

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote authenticated users to obtain access to arbitrary user accounts via a crafted username, aka "ASP.Net Forms Authentication Bypass Vulnerability."

8.5CVSS6AI score0.86632EPSS
CVE
CVE
added 2024/10/08 6:15 p.m.759 views

CVE-2024-38124

Windows Netlogon Elevation of Privilege Vulnerability

9CVSS9AI score0.00798EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.749 views

CVE-2022-41073

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00699EPSS
CVE
CVE
added 2023/05/09 6:15 p.m.742 views

CVE-2023-29336

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.8AI score0.75481EPSS
CVE
CVE
added 2018/05/22 12:29 p.m.724 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.716 views

CVE-2023-36563

Microsoft WordPad Information Disclosure Vulnerability

6.5CVSS7.1AI score0.00725EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.713 views

CVE-2022-38023

Netlogon RPC Elevation of Privilege Vulnerability

8.1CVSS8.3AI score0.0032EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.676 views

CVE-2023-36805

Windows MSHTML Platform Security Feature Bypass Vulnerability

7CVSS7.6AI score0.00221EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.663 views

CVE-2023-38142

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.04835EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.653 views

CVE-2023-38160

Windows TCP/IP Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00221EPSS
CVE
CVE
added 2023/02/14 8:15 p.m.651 views

CVE-2023-23376

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.18778EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.644 views

CVE-2023-36434

Windows IIS Server Elevation of Privilege Vulnerability

9.8CVSS9.4AI score0.02926EPSS
CVE
CVE
added 2009/09/08 10:30 p.m.643 views

CVE-2009-3103

Array index error in the SMBv2 protocol implementation in srv2.sys in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC allows remote attackers to execute arbitrary code or cause a denial of service (system crash) via an & (ampersand) character in a Proc...

10CVSS9.4AI score0.92229EPSS
CVE
CVE
added 2018/09/06 9:29 p.m.636 views

CVE-2018-5391

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly. An attacker may cause a denial of service condition by sending specially crafted IP fragments. Various vulnerabilities in IP fragmentation hav...

7.8CVSS7.7AI score0.01732EPSS
CVE
CVE
added 2022/04/15 7:15 p.m.626 views

CVE-2022-26809

Remote Procedure Call Runtime Remote Code Execution Vulnerability

10CVSS9.6AI score0.92281EPSS
CVE
CVE
added 2024/10/08 6:15 p.m.615 views

CVE-2024-43572

Microsoft Management Console Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.56476EPSS
CVE
CVE
added 2023/10/10 6:15 p.m.601 views

CVE-2023-36584

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.20094EPSS
CVE
CVE
added 2023/05/09 6:15 p.m.596 views

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

6.7CVSS6.9AI score0.00536EPSS
CVE
CVE
added 2019/09/03 6:15 p.m.590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS
CVE
CVE
added 2022/05/10 9:15 p.m.583 views

CVE-2022-29130

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.4AI score0.06808EPSS
CVE
CVE
added 2022/07/12 11:15 p.m.576 views

CVE-2022-30209

Windows IIS Server Elevation of Privilege Vulnerability

7.4CVSS7.9AI score0.01421EPSS
CVE
CVE
added 2023/07/11 6:15 p.m.558 views

CVE-2023-36874

Windows Error Reporting Service Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.66165EPSS
CVE
CVE
added 2023/03/14 5:15 p.m.553 views

CVE-2023-23415

Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.03976EPSS
CVE
CVE
added 2025/04/08 6:16 p.m.547 views

CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.02117EPSS
CVE
CVE
added 2008/10/23 10:0 p.m.525 views

CVE-2008-4250

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild by...

10CVSS9.5AI score0.94126EPSS
CVE
CVE
added 2021/05/11 8:15 p.m.521 views

CVE-2020-24588

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802...

3.5CVSS6.4AI score0.00848EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.501 views

CVE-2023-38144

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01242EPSS
CVE
CVE
added 2018/03/14 5:29 p.m.494 views

CVE-2018-0886

The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execu...

7.6CVSS7AI score0.91013EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.492 views

CVE-2023-36801

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6AI score0.00248EPSS
CVE
CVE
added 2024/11/12 6:15 p.m.492 views

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

6.2CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2023/07/11 6:15 p.m.482 views

CVE-2023-32046

Windows MSHTML Platform Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.797EPSS
CVE
CVE
added 2008/10/20 5:59 p.m.481 views

CVE-2008-4609

The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state ...

7.1CVSS8.8AI score0.00461EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.470 views

CVE-2023-38161

Windows GDI Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00071EPSS
CVE
CVE
added 2022/11/09 10:15 p.m.463 views

CVE-2022-37967

Windows Kerberos Elevation of Privilege Vulnerability

7.2CVSS7.9AI score0.02202EPSS
CVE
CVE
added 2023/11/14 6:15 p.m.460 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

8.8CVSS9.5AI score0.90662EPSS
CVE
CVE
added 2023/09/12 5:15 p.m.460 views

CVE-2023-38149

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS7.9AI score0.05411EPSS
CVE
CVE
added 2016/04/12 11:59 p.m.458 views

CVE-2016-0165

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS6.8AI score0.11623EPSS
CVE
CVE
added 2023/04/11 9:15 p.m.458 views

CVE-2023-28229

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

7CVSS7AI score0.07065EPSS
CVE
CVE
added 2024/07/09 5:15 p.m.456 views

CVE-2024-38077

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.8355EPSS
Total number of security vulnerabilities3407