Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008

3407 matches found

CVE
CVEadded 2016/11/10 6:59 a.m.83 views

CVE-2016-7218

Bowser.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a cr...

4.7CVSS5AI score0.01428EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.83 views

CVE-2016-7219

The Crypto driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information via a crafted application, a...

5.5CVSS5.4AI score0.01469EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.83 views

CVE-2017-0083

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2...

9.3CVSS7.4AI score0.67088EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.83 views

CVE-2017-0113

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.83 views

CVE-2017-0246

The Graphics Component in the kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted application or in Window...

7CVSS7.2AI score0.16582EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.83 views

CVE-2017-0300

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.83 views

CVE-2017-11817

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly vali...

4.7CVSS6.1AI score0.03549EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.83 views

CVE-2017-8587

Windows Explorer in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511 allows a denial of service vulnerability when it attempts to open a non-existent file, aka "Windows Explorer Denial of Service Vulnerability".

6.5CVSS6.2AI score0.16489EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.83 views

CVE-2017-8677

The Windows GDI+ component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly discloses kernel ...

5.5CVSS5.3AI score0.26895EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.83 views

CVE-2019-0960

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...

7.8CVSS7.8AI score0.00167EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.83 views

CVE-2019-1009

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.9AI score0.19682EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.83 views

CVE-2020-0680

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682.

7.8CVSS8.1AI score0.00511EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.83 views

CVE-2020-0781

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.

7.8CVSS8.5AI score0.00538EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.83 views

CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolv...

7.5CVSS8.1AI score0.12525EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.83 views

CVE-2020-0993

A denial of service vulnerability exists in Windows DNS when it fails to properly handle queries, aka 'Windows DNS Denial of Service Vulnerability'.

6.8CVSS6.9AI score0.12348EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.83 views

CVE-2020-1005

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.

5.5CVSS6.2AI score0.0176EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.83 views

CVE-2020-1014

An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.0047EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.83 views

CVE-2020-1116

An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.00505EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.83 views

CVE-2020-1397

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.2819EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.83 views

CVE-2021-26898

Windows Event Tracing Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.0045EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.83 views

CVE-2021-43216

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

6.8CVSS7.5AI score0.11928EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.83 views

CVE-2021-43238

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00305EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.83 views

CVE-2023-32033

Microsoft Failover Cluster Remote Code Execution Vulnerability

7.2CVSS8AI score0.00348EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.83 views

CVE-2023-32035

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.83 views

CVE-2023-35309

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.5CVSS8.7AI score0.00691EPSS
CVE
CVEadded 2024/11/12 6:15 p.m.83 views

CVE-2024-43449

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.83 views

CVE-2024-43589

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04453EPSS
CVE
CVEadded 2025/03/11 5:16 p.m.83 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00118EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.83 views

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00056EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.83 views

CVE-2025-29831

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

7.5CVSS8AI score0.00118EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.82 views

CVE-2010-3338

The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOT...

7.2CVSS6.2AI score0.44756EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.82 views

CVE-2011-0661

The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a ...

10CVSS7.6AI score0.63002EPSS
CVE
CVEadded 2011/12/30 1:55 a.m.82 views

CVE-2011-3417

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL, aka ...

9.3CVSS6.5AI score0.64978EPSS
CVE
CVEadded 2014/03/12 5:15 a.m.82 views

CVE-2014-0317

The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2 does not properly determine the user-lockout state, which makes it easier for r...

5.4CVSS6.5AI score0.09151EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.82 views

CVE-2015-6107

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, ...

9.3CVSS7.5AI score0.52287EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.82 views

CVE-2016-0152

Internet Information Services (IIS) in Microsoft Windows Vista SP2 and Server 2008 SP2 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Code Execution Vulnerability."

7.8CVSS7.8AI score0.05015EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.82 views

CVE-2016-0180

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles symbolic links, which allows local users to gain privileges via a crafted application, aka "Windows Ker...

7.8CVSS7.3AI score0.01498EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.82 views

CVE-2017-0089

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2...

9.3CVSS7.4AI score0.67088EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.82 views

CVE-2017-11849

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log in and run a specially crafted application due to the Windows...

4.7CVSS5.2AI score0.06375EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.82 views

CVE-2017-11851

The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it improperl...

4.7CVSS5.3AI score0.06375EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.82 views

CVE-2017-8581

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

7CVSS6.9AI score0.12071EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.82 views

CVE-2019-1411

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432.

6.5CVSS7.1AI score0.26055EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.82 views

CVE-2020-0698

An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.00996EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.82 views

CVE-2020-0806

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0772.

7.8CVSS8.5AI score0.0038EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.82 views

CVE-2020-0853

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.27243EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.82 views

CVE-2020-1007

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0821.

5.5CVSS6.1AI score0.00409EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.82 views

CVE-2020-1097

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

6.5CVSS6.9AI score0.18021EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.82 views

CVE-2020-1589

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

5.5CVSS5.8AI score0.00435EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.82 views

CVE-2021-24107

Windows Event Tracing Information Disclosure Vulnerability

5.5CVSS7AI score0.00488EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.82 views

CVE-2021-26896

Windows DNS Server Denial of Service Vulnerability

7.5CVSS8.4AI score0.20423EPSS
Total number of security vulnerabilities3407