Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008

3407 matches found

CVE
CVEadded 2016/03/09 11:59 a.m.65 views

CVE-2016-0093

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS7.5AI score0.16673EPSS
CVE
CVEadded 2016/03/09 11:59 a.m.65 views

CVE-2016-0098

Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 allow remote attackers to execute arbitrary code via crafted media content, aka "Windows Media Parsing Remote Code Execution Vulnerability."

9.3CVSS9AI score0.48268EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.65 views

CVE-2016-3221

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS7.5AI score0.02136EPSS
CVE
CVEadded 2016/09/14 10:59 a.m.65 views

CVE-2016-3306

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 mishandles session objects, which allows local users to hijack sessions, and consequently gain privileges, ...

7.8CVSS7.2AI score0.00539EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.65 views

CVE-2017-0293

Microsoft Windows PDF Library in Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows PDF Remote Co...

7.6CVSS8.2AI score0.2824EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.65 views

CVE-2017-11814

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly hand...

5.5CVSS6.7AI score0.08EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.65 views

CVE-2017-8578

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

9.3CVSS6.9AI score0.12071EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.65 views

CVE-2017-8691

Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allow an attacker to execute code remotely on a target system when the Windows font library fails to properly handle specially crafted embedded fonts, aka "Express Compressed Fonts Remote Code Execution Vulnerability."

9.3CVSS8.8AI score0.41218EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.65 views

CVE-2021-26861

Windows Graphics Component Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.04005EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.65 views

CVE-2025-21220

Microsoft Message Queuing Information Disclosure Vulnerability

7.5CVSS7.3AI score0.00599EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.65 views

CVE-2025-21249

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS
CVE
CVEadded 2025/01/14 6:16 p.m.65 views

CVE-2025-21411

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.02401EPSS
CVE
CVEadded 2009/03/10 8:30 p.m.64 views

CVE-2009-0085

The Secure Channel (aka SChannel) authentication component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008, when certificate authentication is used, does not properly validate the client's key exchange data in Transport Layer Security (TLS...

7.1CVSS6.6AI score0.21096EPSS
CVE
CVEadded 2010/02/10 6:30 p.m.64 views

CVE-2010-0233

Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application, aka "Windows Kernel Double Free Vulnerability."

7.2CVSS6.2AI score0.00512EPSS
CVE
CVEadded 2010/02/10 6:30 p.m.64 views

CVE-2010-0242

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 allows remote attackers to cause a denial of service (system hang) via crafted packets with malformed TCP selective acknowledgement (SACK) values, aka "TCP/IP Selective Acknowledgement Vulnerability...

7.8CVSS6.5AI score0.80211EPSS
CVE
CVEadded 2010/03/31 7:30 p.m.64 views

CVE-2010-0267

Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerab...

9.3CVSS7.6AI score0.63927EPSS
CVE
CVEadded 2010/08/11 6:47 p.m.64 views

CVE-2010-1890

The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly validate ACLs on kernel objects, which allows local users to cause a denial of service (reboot) via a crafted application, aka "Windows Kernel Improper Validation Vulnerability....

4.6CVSS5.9AI score0.00484EPSS
CVE
CVEadded 2011/07/13 11:55 p.m.64 views

CVE-2011-1885

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers a NULL pointer deref...

7.2CVSS6.4AI score0.00914EPSS
CVE
CVEadded 2012/06/12 10:55 p.m.64 views

CVE-2012-1864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle user-mode input passed to kernel mode for driver objects, which allows local users to g...

7.2CVSS6.2AI score0.0135EPSS
CVE
CVEadded 2012/10/09 9:55 p.m.64 views

CVE-2012-2529

Integer overflow in the kernel in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that leverages improper handling of objects in memory, ...

7.2CVSS6.6AI score0.00455EPSS
CVE
CVEadded 2015/02/11 3:1 a.m.64 views

CVE-2015-0059

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a crafted TrueType font, aka "TrueType Font Parsing Remote Code Execution Vuln...

6.9CVSS6.9AI score0.4257EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.64 views

CVE-2015-0081

Windows Text Services (WTS) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site o...

9.3CVSS7.9AI score0.65263EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.64 views

CVE-2015-0094

The kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly restrict the availability of address information during a function...

2.1CVSS5.8AI score0.02669EPSS
CVE
CVEadded 2015/09/09 12:59 a.m.64 views

CVE-2015-2535

Active Directory in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service outage) by creating multiple machine accounts, aka "Active Directory Denial of Service Vulnerability."

4CVSS6.9AI score0.17292EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.64 views

CVE-2017-11852

Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially crafted application to compromise the user's system, due improperly disclosing kernel memory addresses, aka "Windows GDI Information Disclosure Vuln...

4.7CVSS5.1AI score0.01334EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.64 views

CVE-2017-8553

An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".

4.7CVSS4.5AI score0.02644EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.64 views

CVE-2017-8556

Graphics in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, ak...

7CVSS6.9AI score0.00972EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.64 views

CVE-2017-8668

The Volume Manager Extension Driver in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2 allows an attacker to run a specially crafted application and obtain kernel information, aka "Volume Manager Extension Driver Information Di...

5.5CVSS6.1AI score0.08125EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.64 views

CVE-2020-1179

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0963, CVE-2020-1141, CVE-2020-1145.

6.5CVSS6.5AI score0.2819EPSS
CVE
CVEadded 2009/12/09 6:30 p.m.63 views

CVE-2009-3671

Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) is deleted, leading to memory corruption, aka "Uninitialized Memory Corruption Vulnerability," a diff...

9.3CVSS7.2AI score0.61042EPSS
CVE
CVEadded 2010/02/10 6:30 p.m.63 views

CVE-2010-0035

The Key Distribution Center (KDC) in Kerberos in Microsoft Windows 2000 SP4, Server 2003 SP2, and Server 2008 Gold and SP2, when a trust relationship with a non-Windows Kerberos realm exists, allows remote authenticated users to cause a denial of service (NULL pointer dereference and domain control...

6.3CVSS6.1AI score0.49276EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.63 views

CVE-2011-0034

Stack-based buffer overflow in the OpenType Compact Font Format (aka OTF or CFF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary cod...

9.3CVSS8AI score0.46866EPSS
CVE
CVEadded 2011/12/30 1:55 a.m.63 views

CVE-2011-3415

Open redirect vulnerability in the Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a crafted return URL, aka "Insecure Redirect in .NE...

6.8CVSS6.5AI score0.48863EPSS
CVE
CVEadded 2012/05/09 12:55 a.m.63 views

CVE-2012-0178

Race condition in partmgr.sys in Windows Partition Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that makes multiple simultaneous Plug and Play (PnP) Configuration Manager f...

7.2CVSS6.4AI score0.00479EPSS
CVE
CVEadded 2012/08/15 1:55 a.m.63 views

CVE-2012-1850

The Remote Administration Protocol (RAP) implementation in the LanmanWorkstation service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle RAP responses, which allows remote a...

5CVSS6.6AI score0.60252EPSS
CVE
CVEadded 2013/08/14 11:10 a.m.63 views

CVE-2013-3198

The NT Virtual DOS Machine (NTVDM) subsystem in the kernel in Microsoft Windows XP SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 on 32-bit platforms does not properly validate kernel-memory addresses, which allows local users to gain privileg...

7.2CVSS6.2AI score0.01283EPSS
CVE
CVEadded 2013/09/11 2:3 p.m.63 views

CVE-2013-3864

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Multi...

7.2CVSS6.2AI score0.01084EPSS
CVE
CVEadded 2015/01/13 10:59 p.m.63 views

CVE-2015-0006

The Network Location Awareness (NLA) service in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not perform mutual authentication to determine a domain connection, which allows ...

6.1CVSS6.6AI score0.12799EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.63 views

CVE-2015-0090

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file...

9.3CVSS7.8AI score0.28354EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.63 views

CVE-2015-0092

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file...

9.3CVSS7.8AI score0.28354EPSS
CVE
CVEadded 2015/06/10 1:59 a.m.63 views

CVE-2015-1721

The kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow local users to gain privileges or cause a denial of service (NULL...

7.2CVSS6.5AI score0.08141EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.63 views

CVE-2015-2453

The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to obtain sensitive information via a crafted application that cont...

4.7CVSS6AI score0.0545EPSS
CVE
CVEadded 2015/11/11 12:59 p.m.63 views

CVE-2015-6112

SChannel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 lacks the required extended master-secret binding support to ensure that a server's X.509 certificate is the same during r...

5.8CVSS5.8AI score0.07352EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.63 views

CVE-2015-6125

Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability."

9.3CVSS7.7AI score0.59229EPSS
CVE
CVEadded 2016/01/13 5:59 a.m.63 views

CVE-2016-0016

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "DLL Loadi...

7.8CVSS7.8AI score0.05799EPSS
CVE
CVEadded 2016/02/10 11:59 a.m.63 views

CVE-2016-0041

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 10 and 11 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "...

7.8CVSS7.7AI score0.60439EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.63 views

CVE-2019-1228

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

5.5CVSS5.3AI score0.00902EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.63 views

CVE-2024-43593

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.1027EPSS
CVE
CVEadded 2025/05/13 5:16 p.m.63 views

CVE-2025-32707

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00079EPSS
CVE
CVEadded 2025/06/10 5:21 p.m.63 views

CVE-2025-32715

Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.2AI score0.00064EPSS
Total number of security vulnerabilities3407