Windows Server 2008 Security Vulnerabilities and Issues — Page 50 of Windows Server 2008 CVE List

5CVSS5.1AI score0.24455EPSS

CVE-2017-0287

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This ...

CVE•added 2017/10/13 1:29 p.m.•80 views

CVE-2017-11816

The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the wa...

5.5CVSS6.6AI score0.00619EPSS

CVE•added 2017/11/15 3:29 a.m.•80 views

CVE-2017-11831

Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a specially crafted app...

4.7CVSS5.2AI score0.0122EPSS

5CVSS4.8AI score0.15731EPSS

CVE-2017-8479

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.8AI score0.15731EPSS

CVE-2017-8481

5CVSS4.8AI score0.15731EPSS

CVE-2017-8490

CVE•added 2019/06/12 2:29 p.m.•80 views

CVE-2019-1015

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.6AI score0.07622EPSS

CVE•added 2020/02/11 10:15 p.m.•80 views

CVE-2020-0745

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0792.

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•80 views

CVE-2020-0783

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0781.

7.8CVSS8.5AI score0.00538EPSS

CVE•added 2020/04/15 3:15 p.m.•80 views

CVE-2020-0821

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1007.

5.5CVSS6.1AI score0.00409EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1010

An elevation of privilege vulnerability exists in Windows Block Level Backup Engine Service (wbengine) that allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Elevation of Privilege Vulnerability'. T...

7.8CVSS8.5AI score0.00397EPSS

CVE•added 2020/05/21 11:15 p.m.•80 views

CVE-2020-1154

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00274EPSS

CVE•added 2020/09/11 5:15 p.m.•80 views

CVE-2020-1250

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on ...

5.5CVSS6.3AI score0.0112EPSS

CVE•added 2020/07/14 11:15 p.m.•80 views

CVE-2020-1354

An elevation of privilege vulnerability exists when the Windows UPnP Device Host improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows UPnP Device Host Elevation of Privilege Vulnerability'. This CVE ID is unique f...

7.8CVSS8.6AI score0.00827EPSS

CVE•added 2020/07/14 11:15 p.m.•80 views

CVE-2020-1374

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.7AI score0.09496EPSS

CVE•added 2020/07/14 11:15 p.m.•80 views

CVE-2020-1438

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1373, CVE-2020-1390, CVE-2020-1427, CVE-2020-1428.

7.8CVSS8.1AI score0.00513EPSS

CVE•added 2022/10/11 7:15 p.m.•80 views

CVE-2022-37993

Windows Group Policy Preference Client Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00272EPSS

CVE•added 2023/07/11 6:15 p.m.•80 views

CVE-2023-33168

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS

CVE•added 2024/07/09 5:15 p.m.•80 views

CVE-2024-38050

Windows Workstation Service Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00647EPSS

CVE•added 2024/07/09 5:15 p.m.•80 views

CVE-2024-38067

Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability

7.5CVSS8.4AI score0.23444EPSS

CVE•added 2024/10/08 6:15 p.m.•80 views

CVE-2024-43509

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.00588EPSS

CVE•added 2024/11/12 6:15 p.m.•80 views

CVE-2024-43620

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.01558EPSS

CVE•added 2024/11/12 6:15 p.m.•80 views

CVE-2024-43643

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00307EPSS

CVE•added 2025/04/08 6:15 p.m.•80 views

CVE-2025-21197

Improper access control in Windows NTFS allows an authorized attacker to disclose file path information under a folder where the attacker doesn't have permission to list content.

6.5CVSS6.7AI score0.00192EPSS

CVE•added 2025/01/14 6:15 p.m.•80 views

CVE-2025-21290

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.01098EPSS

CVE•added 2025/02/11 6:15 p.m.•80 views

CVE-2025-21359

Windows Kernel Security Feature Bypass Vulnerability

7.8CVSS8AI score0.00097EPSS

CVE•added 2025/04/08 6:15 p.m.•80 views

CVE-2025-26663

Use after free in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to execute code over a network.

8.1CVSS7.9AI score0.00172EPSS

CVE•added 2025/05/13 5:15 p.m.•80 views

CVE-2025-29966

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.

8.8CVSS8.1AI score0.0017EPSS

CVE•added 2025/06/10 5:22 p.m.•80 views

CVE-2025-33070

Use of uninitialized resource in Windows Netlogon allows an unauthorized attacker to elevate privileges over a network.

8.1CVSS8AI score0.00203EPSS

CVE•added 2009/09/08 10:30 p.m.•79 views

CVE-2009-2499

Microsoft Windows Media Format Runtime 9.0, 9.5, and 11; and Microsoft Media Foundation on Windows Vista Gold, SP1, and SP2 and Server 2008; allows remote attackers to execute arbitrary code via an MP3 file with crafted metadata that triggers memory corruption, aka "Windows Media Playback Memory Co...

8.5CVSS7.5AI score0.39788EPSS

CVE•added 2012/01/10 9:55 p.m.•79 views

CVE-2012-0003

Unspecified vulnerability in winmm.dll in Windows Multimedia Library in Windows Media Player (WMP) in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows remote attackers to execute arbitrary code via a crafted MIDI file, aka "MIDI Remote Code Execution Vulnerab...

9.3CVSS7.8AI score0.88426EPSS

CVE•added 2014/11/11 10:55 p.m.•79 views

CVE-2014-4118

XML Core Services (aka MSXML) 3.0 in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code or cause a denial of s...

9.3CVSS8.3AI score0.3441EPSS

CVE•added 2014/12/11 12:59 a.m.•79 views

CVE-2014-6355

The Graphics Component in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly process JPEG images, which makes it easier for remote attackers t...

5CVSS6.2AI score0.13294EPSS

CVE•added 2016/06/16 1:59 a.m.•79 views

CVE-2016-3218

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS7.5AI score0.02136EPSS

CVE•added 2016/07/13 1:59 a.m.•79 views

CVE-2016-3238

The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows man-in-the-middle attackers to execute arbitrary code by providing a crafted print driver du...

9.3CVSS8.1AI score0.16048EPSS

CVE•added 2016/07/13 1:59 a.m.•79 views

CVE-2016-3239

The Print Spooler service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via vectors involving filesystem write operations, aka "Windo...

7.8CVSS7.6AI score0.00807EPSS

CVE•added 2016/07/13 1:59 a.m.•79 views

CVE-2016-3286

7.3CVSS7AI score0.02653EPSS

CVE•added 2016/11/10 6:59 a.m.•79 views

CVE-2016-3332

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted appl...

9.3CVSS7.5AI score0.1385EPSS

CVE•added 2016/11/10 6:59 a.m.•79 views

CVE-2016-7210

atmfd.dll in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a craft...

6.5CVSS6.5AI score0.35475EPSS

CVE•added 2016/11/10 6:59 a.m.•79 views

CVE-2016-7214

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to bypass the ASLR protection mechanism via a crafted a...

3.3CVSS4.7AI score0.01956EPSS

CVE-2017-0085

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0091, CVE-2017-0092, CVE-2017-0111, CVE-...

CVE-2017-0092

CVE-2017-0111

CVE-2017-0127