Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008

3407 matches found

CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43453

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04691EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43570

Windows Kernel Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00157EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43608

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04126EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21258

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21268

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00096EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21306

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00626EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.70 views

CVE-2025-21410

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS
CVE
CVEadded 2010/05/14 7:30 p.m.69 views

CVE-2009-3678

Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafte...

9.3CVSS7.9AI score0.52132EPSS
CVE
CVEadded 2010/02/10 6:30 p.m.69 views

CVE-2010-0241

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route I...

10CVSS7.6AI score0.55484EPSS
CVE
CVEadded 2010/08/11 6:47 p.m.69 views

CVE-2010-2554

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vuln...

7.8CVSS6.3AI score0.03437EPSS
CVE
CVEadded 2014/03/12 5:15 a.m.69 views

CVE-2014-0300

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a ...

7.2CVSS6.4AI score0.00612EPSS
CVE
CVEadded 2014/06/11 4:56 a.m.69 views

CVE-2014-1818

GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007 Console, Lync 2010 and 2013, Lync 2010 Attendee,...

9.3CVSS8.5AI score0.42395EPSS
CVE
CVEadded 2015/07/14 10:59 p.m.69 views

CVE-2015-2363

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Eleva...

7.2CVSS6.5AI score0.01333EPSS
CVE
CVEadded 2015/10/14 1:59 a.m.69 views

CVE-2015-2553

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by...

7.2CVSS6.4AI score0.11334EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.69 views

CVE-2015-6173

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory El...

7.2CVSS6.2AI score0.0345EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.69 views

CVE-2016-0197

dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c...

7.8CVSS7.3AI score0.01498EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.69 views

CVE-2016-3342

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted appl...

9.3CVSS7.5AI score0.1385EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.69 views

CVE-2017-0120

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Uniscribe Information Disclosure Vulnerability."

4.3CVSS4.2AI score0.1081EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.69 views

CVE-2017-0124

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.69 views

CVE-2017-0128

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.69 views

CVE-2017-8710

The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input containing a referen...

5.5CVSS5.5AI score0.33099EPSS
CVE
CVEadded 2018/04/12 1:29 a.m.69 views

CVE-2018-1004

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windo...

9.3CVSS7.3AI score0.15983EPSS
CVE
CVEadded 2019/04/09 12:29 a.m.69 views

CVE-2019-0683

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

5.9CVSS6.4AI score0.06594EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.69 views

CVE-2023-33172

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.69 views

CVE-2024-38262

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

7.5CVSS8.5AI score0.00477EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21287

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00159EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21336

Windows Cryptographic Information Disclosure Vulnerability

5.6CVSS5.3AI score0.00069EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21339

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.02401EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.69 views

CVE-2025-21350

Windows Kerberos Denial of Service Vulnerability

5.9CVSS6.9AI score0.00278EPSS
CVE
CVEadded 2009/03/11 2:19 p.m.68 views

CVE-2009-0234

The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted ...

6.4CVSS6.3AI score0.62987EPSS
CVE
CVEadded 2010/01/22 10:0 p.m.68 views

CVE-2010-0027

The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a cr...

9.3CVSS8.3AI score0.69488EPSS
CVE
CVEadded 2010/03/31 7:30 p.m.68 views

CVE-2010-0492

Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability....

9.3CVSS7.5AI score0.59559EPSS
CVE
CVEadded 2011/01/31 8:0 p.m.68 views

CVE-2011-0096

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote att...

6.1CVSS5.5AI score0.79917EPSS
CVE
CVEadded 2013/10/09 2:53 p.m.68 views

CVE-2013-3195

The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allow...

10CVSS7.6AI score0.52548EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.68 views

CVE-2015-0088

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file...

9.3CVSS7.8AI score0.28354EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.68 views

CVE-2015-2430

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an application sandbox protection mechanism and perform unspecified filesystem actions via a crafted applica...

9.3CVSS6.5AI score0.05306EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.68 views

CVE-2015-2459

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Ope...

9.3CVSS7.3AI score0.54061EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.68 views

CVE-2015-2462

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 ...

9.3CVSS7.4AI score0.43979EPSS
CVE
CVEadded 2015/11/11 12:59 p.m.68 views

CVE-2015-6101

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory El...

6.9CVSS6.3AI score0.20184EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.68 views

CVE-2016-7257

The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."

6.5CVSS6.5AI score0.21472EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.68 views

CVE-2017-11832

The Microsoft Windows embedded OpenType (EOT) font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially ...

4.7CVSS5AI score0.02807EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.68 views

CVE-2017-8624

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows CLFS Elevation...

7.8CVSS8.1AI score0.01092EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.68 views

CVE-2017-8666

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly handle objects in memory, aka ...

5.5CVSS6.2AI score0.08EPSS
CVE
CVEadded 2018/12/12 12:29 a.m.68 views

CVE-2018-8621

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8477, CVE-2018-8622.

5.5CVSS6.5AI score0.01202EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.68 views

CVE-2020-0844

An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.0037EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.68 views

CVE-2020-0871

An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.01687EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.68 views

CVE-2020-1076

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

5.5CVSS6.8AI score0.00266EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.68 views

CVE-2024-38261

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.01039EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.68 views

CVE-2024-43544

Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability

7.5CVSS8.2AI score0.1574EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.68 views

CVE-2025-21250

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00626EPSS
Total number of security vulnerabilities3407