Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008*

689 matches found

CVE
CVEadded 2010/02/10 6:30 p.m.101 views

CVE-2010-0021

Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2 Negotiate packet, aka "...

7.1CVSS6.4AI score0.1244EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.101 views

CVE-2016-0070

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call to access sensitive ...

5.5CVSS5.3AI score0.04799EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.101 views

CVE-2016-3225

The SMB server component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application that forwards an authentication requ...

7.8CVSS7.6AI score0.22288EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.101 views

CVE-2016-7274

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows ...

9.3CVSS8.8AI score0.44912EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.101 views

CVE-2017-0182

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V D...

6.3CVSS5.9AI score0.00584EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.101 views

CVE-2017-0260

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.

9.3CVSS6.8AI score0.36403EPSS
CVE
CVEadded 2009/10/14 10:30 a.m.100 views

CVE-2009-2532

Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold and SP2, and Windows 7 RC do not properly process the command value in an SMB Multi-Protocol Negotiate Request packet, which allows remote attackers to execute arbitrary code via a crafted SMBv2 packet to the Server service, aka "...

10CVSS7.5AI score0.61784EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.100 views

CVE-2017-0050

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows Server 2016 does not properly enforce permissions, which allows local users to spoof processes, spoo...

7.8CVSS5.7AI score0.03663EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.100 views

CVE-2017-0184

A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-20...

5.4CVSS5.7AI score0.00584EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.100 views

CVE-2017-8696

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to execut...

7.6CVSS7AI score0.21457EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.99 views

CVE-2016-0169

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to obtain sensitive information via a crafted document, aka "Windows Graphics Component Informati...

6.5CVSS5.9AI score0.69648EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.99 views

CVE-2017-0220

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0...

4.7CVSS4.2AI score0.04995EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.99 views

CVE-2017-0245

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

4.7CVSS5.5AI score0.19638EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.99 views

CVE-2017-8534

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows Uniscr...

6.5CVSS5AI score0.17084EPSS
CVE
CVEadded 2018/02/15 2:29 a.m.99 views

CVE-2018-0844

The Windows Common Log File System (CLFS) driver in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability ...

7.8CVSS6.8AI score0.00344EPSS
CVE
CVEadded 2009/10/14 10:30 a.m.98 views

CVE-2009-2502

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E...

9.3CVSS9.7AI score0.42434EPSS
CVE
CVEadded 2011/08/10 9:55 p.m.98 views

CVE-2011-1966

The DNS server in Microsoft Windows Server 2008 SP2, R2, and R2 SP1 does not properly handle NAPTR queries that trigger recursive processing, which allows remote attackers to execute arbitrary code via a crafted query, aka "DNS NAPTR Query Vulnerability."

10CVSS7.5AI score0.65816EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.98 views

CVE-2016-0170

GDI in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows remote attackers to execute arbitrary code via a crafted document, aka "Windows Graphics Component RCE Vulnerabili...

9.3CVSS8.6AI score0.79897EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.98 views

CVE-2016-0178

The RPC NDR Engine in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 mishandles free operations, which allows remote attackers to execute arbitrary code via malformed RPC requ...

9CVSS8.8AI score0.25703EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.98 views

CVE-2016-7272

The Graphics component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, ...

9.3CVSS8.8AI score0.44935EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.98 views

CVE-2017-0045

Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."

5.5CVSS5.1AI score0.05478EPSS
Web
CVE
CVEadded 2017/03/17 12:59 a.m.98 views

CVE-2017-0056

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win3...

7.8CVSS6AI score0.06734EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.98 views

CVE-2017-0072

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0083, CVE-2...

9.3CVSS7.4AI score0.62388EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.98 views

CVE-2017-0299

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.9AI score0.14765EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.98 views

CVE-2017-11847

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to run arbitrary code in kernel mode, install programs, view, c...

9.3CVSS7.6AI score0.18237EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.98 views

CVE-2017-8533

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This ...

6.5CVSS5.1AI score0.24455EPSS
CVE
CVEadded 2022/04/15 7:15 p.m.98 views

CVE-2022-26797

Windows Print Spooler Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.0036EPSS
CVE
CVEadded 2012/05/09 12:55 a.m.97 views

CVE-2012-0180

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode for (1) windows and (...

7.8CVSS6.2AI score0.01535EPSS
CVE
CVEadded 2016/09/14 10:59 a.m.97 views

CVE-2016-3373

The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly implement registry access control, which allows local users to obtain sensitive accou...

5.5CVSS5.6AI score0.10967EPSS
Web
CVE
CVEadded 2009/08/12 5:30 p.m.96 views

CVE-2009-1133

Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connectio...

9.3CVSS8.2AI score0.66645EPSS
CVE
CVEadded 2012/05/09 12:55 a.m.96 views

CVE-2012-1848

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly handle user-mode input passed to kernel mode, which allows local u...

7.2CVSS6.2AI score0.01724EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.96 views

CVE-2017-8681

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects...

5.5CVSS5.4AI score0.26895EPSS
CVE
CVEadded 2014/07/08 10:55 p.m.95 views

CVE-2014-1767

Double free vulnerability in the Ancillary Function Driver (AFD) in afd.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 all...

7.2CVSS6.3AI score0.57587EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.95 views

CVE-2017-11788

Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows server, version 1709 allows an unauthenticated attacker to remotely send specially crafted messages th...

7.5CVSS7.1AI score0.18853EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.95 views

CVE-2017-8589

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in memory, aka "Windows...

10CVSS7.3AI score0.28386EPSS
CVE
CVEadded 2009/10/14 10:30 a.m.94 views

CVE-2009-2497

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight applica...

9.3CVSS7.2AI score0.34898EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.94 views

CVE-2016-0174

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS7.5AI score0.02289EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.93 views

CVE-2017-8495

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to bypass Extended Protection for Authentication when Kerberos fails to prevent tampering with t...

7.5CVSS6.8AI score0.08734EPSS
CVE
CVEadded 2009/04/15 8:0 a.m.92 views

CVE-2009-0550

Windows HTTP Services (aka WinHTTP) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008; and WinINet in Microsoft Internet Explorer 5.01 SP4, 6 SP1, 6 and 7 on Windows XP SP2 and SP3, 6 and 7 on Windows Server 2003 SP1 and SP2, 7 on Windows Vi...

9.3CVSS6.9AI score0.34824EPSS
CVE
CVEadded 2011/06/16 8:55 p.m.92 views

CVE-2011-1249

The Ancillary Function Driver (AFD) in afd.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate user-mode input, which allows local users to gain privileges v...

7.2CVSS6.3AI score0.39393EPSS
CVE
CVEadded 2016/08/09 9:59 p.m.92 views

CVE-2016-3303

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Console allows remote attackers to execute arbitrar...

9.3CVSS7.8AI score0.49756EPSS
CVE
CVEadded 2016/10/14 2:59 a.m.92 views

CVE-2016-7185

The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privi...

7.8CVSS7AI score0.11906EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.92 views

CVE-2017-0058

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure V...

4.7CVSS5AI score0.16494EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.92 views

CVE-2017-0084

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows ...

9.3CVSS7.4AI score0.62388EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.92 views

CVE-2017-0090

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2...

9.3CVSS7.4AI score0.62388EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.92 views

CVE-2017-0116

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.92 views

CVE-2017-0121

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a craft...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2009/08/12 5:30 p.m.91 views

CVE-2009-2494

The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant from a stream and delet...

10CVSS7.4AI score0.57185EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.91 views

CVE-2017-0123

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.91 views

CVE-2017-0163

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-01...

7.6CVSS7.9AI score0.00421EPSS
Total number of security vulnerabilities689