Windows Server 2008@* Security Vulnerabilities and Issues — Page 23 of Windows Server 2008@* CVE List

SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request, related to "insufficie...

10CVSS8.2AI score0.63471EPSS

CVE•added 2019/09/11 10:15 p.m.•110 views

CVE-2019-1243

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1246, CVE-2019-1247, CVE-2019-1248,...

9.3CVSS8.5AI score0.35463EPSS

CVE•added 2019/09/11 10:15 p.m.•110 views

CVE-2019-1290

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0787, CVE-2019-0788, CVE-2019-1291.

9.3CVSS8.8AI score0.32912EPSS

CVE•added 2020/02/11 10:15 p.m.•110 views

CVE-2020-0731

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE...

7.8CVSS7.7AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•110 views

CVE-2020-0822

An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00511EPSS

CVE•added 2020/04/15 3:15 p.m.•110 views

CVE-2020-0889

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0992, CVE-2020-0994,...

9.3CVSS8AI score0.33652EPSS

CVE•added 2020/06/09 8:15 p.m.•110 views

CVE-2020-1317

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.

9CVSS8.2AI score0.13405EPSS

CVE•added 2021/09/15 12:15 p.m.•110 views

CVE-2021-36962

Windows Installer Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00478EPSS

CVE•added 2022/11/09 10:15 p.m.•110 views

CVE-2022-41044

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00147EPSS

CVE•added 2022/12/13 7:15 p.m.•110 views

CVE-2022-41121

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00179EPSS

CVE•added 2023/04/11 9:15 p.m.•110 views

CVE-2023-28254

Windows DNS Server Remote Code Execution Vulnerability

7.2CVSS7.2AI score0.01EPSS

CVE•added 2023/07/11 6:15 p.m.•110 views

CVE-2023-32038

Microsoft ODBC Driver Remote Code Execution Vulnerability

8.8CVSS9.3AI score0.00379EPSS

CVE•added 2024/11/12 6:15 p.m.•110 views

CVE-2024-43634

Windows USB Video Class System Driver Elevation of Privilege Vulnerability

6.8CVSS6.7AI score0.00259EPSS

CVE•added 2009/10/14 10:30 a.m.•109 views

CVE-2009-2526

Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 do not properly validate fields in SMBv2 packets, which allows remote attackers to cause a denial of service (infinite loop and system hang) via a crafted packet to the Server service, aka "SMBv2 Infinite Loop Vulnerability."

7.8CVSS6.3AI score0.80775EPSS

CVE•added 2016/02/10 11:59 a.m.•109 views

CVE-2016-0042

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandle DLL loading, which allows local users to gain privileges via a crafted application, aka "Windows DLL Loading Remote Co...

7.8CVSS7.8AI score0.01232EPSS

CVE•added 2017/03/17 12:59 a.m.•109 views

CVE-2017-0062

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

4.7CVSS4.3AI score0.14618EPSS

CVE•added 2019/05/16 7:29 p.m.•109 views

CVE-2019-0898

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0889, CVE-2019-0890, CVE-2019-0891, CVE-2019-0893, CVE-2019-0894, CVE-2019-0895,...

9.3CVSS8.1AI score0.29592EPSS

CVE•added 2019/12/10 10:15 p.m.•109 views

CVE-2019-1484

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.

7.8CVSS8.3AI score0.26234EPSS

CVE•added 2020/02/11 10:15 p.m.•109 views

CVE-2020-0657

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.00511EPSS

CVE•added 2021/10/13 1:15 a.m.•109 views

CVE-2021-38663

Windows exFAT File System Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00418EPSS

CVE•added 2021/10/13 1:15 a.m.•109 views

CVE-2021-40443

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.00465EPSS

CVE•added 2022/04/15 7:15 p.m.•109 views

CVE-2022-26794

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.0036EPSS

CVE•added 2023/05/31 7:15 p.m.•109 views

CVE-2022-35750

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.05669EPSS

CVE•added 2022/10/11 7:15 p.m.•109 views

CVE-2022-37975

Windows Group Policy Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.05047EPSS

CVE•added 2022/09/13 7:15 p.m.•109 views

CVE-2022-38006

Windows Graphics Component Information Disclosure Vulnerability

6.5CVSS7.6AI score0.04116EPSS

CVE•added 2023/02/14 8:15 p.m.•109 views

CVE-2023-21688

NT OS Kernel Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.02645EPSS

CVE•added 2023/04/11 9:15 p.m.•109 views

CVE-2023-28268

Netlogon RPC Elevation of Privilege Vulnerability

8.1CVSS8AI score0.00942EPSS

CVE•added 2023/06/14 12:15 a.m.•109 views

CVE-2023-29346

NTFS Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00211EPSS

CVE•added 2024/08/13 6:15 p.m.•109 views

CVE-2024-38198

Windows Print Spooler Elevation of Privilege Vulnerability

7.5CVSS7.6AI score0.0123EPSS

CVE•added 2025/02/11 6:15 p.m.•109 views

CVE-2025-21376

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

8.1CVSS8.5AI score0.00458EPSS

CVE•added 2011/11/04 9:55 p.m.•108 views

CVE-2011-3402

Unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows remote attackers to execute arbitrary co...

9.3CVSS7.4AI score0.92304EPSS

CVE•added 2017/04/12 2:59 p.m.•108 views

CVE-2017-0180

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-01...

7.6CVSS7.9AI score0.00421EPSS

CVE•added 2019/09/11 10:15 p.m.•108 views

CVE-2019-1285

7.8CVSS8AI score0.01395EPSS

CVE•added 2020/01/14 11:15 p.m.•108 views

CVE-2020-0631

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627...

7.8CVSS7.7AI score0.00511EPSS

CVE•added 2020/02/11 10:15 p.m.•108 views

CVE-2020-0677

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

5.5CVSS5.2AI score0.00996EPSS

CVE•added 2020/02/11 10:15 p.m.•108 views

CVE-2020-0681

7.6CVSS8.2AI score0.26532EPSS

CVE•added 2020/07/14 11:15 p.m.•108 views

CVE-2020-1408

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.

9.3CVSS7.3AI score0.12696EPSS

CVE•added 2021/07/14 6:15 p.m.•108 views

CVE-2021-33782

Windows Authenticode Spoofing Vulnerability

5.5CVSS6.7AI score0.01232EPSS

CVE•added 2021/07/14 6:15 p.m.•108 views

CVE-2021-34507

Windows Remote Assistance Information Disclosure Vulnerability

6.5CVSS7.2AI score0.04042EPSS

CVE•added 2022/04/15 7:15 p.m.•108 views

CVE-2022-26792

Windows Print Spooler Elevation of Privilege Vulnerability