Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008*

2508 matches found

CVE
CVEadded 2017/10/13 1:29 p.m.70 views

CVE-2017-11785

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly hand...

5.5CVSS6.7AI score0.08EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.70 views

CVE-2017-8588

Microsoft WordPad in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way it parses specially crafted files, aka "WordPa...

7.6CVSS7.2AI score0.28882EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.70 views

CVE-2020-0874

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774...

5.5CVSS6.1AI score0.29411EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.70 views

CVE-2020-0882

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0880.

6.5CVSS6.2AI score0.29411EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.70 views

CVE-2024-38044

DHCP Server Service Remote Code Execution Vulnerability

7.2CVSS8.3AI score0.15945EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43453

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.05059EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43570

Windows Kernel Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00168EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43608

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04453EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21258

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21268

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00096EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21306

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00626EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.70 views

CVE-2025-21410

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS
CVE
CVEadded 2010/02/10 6:30 p.m.69 views

CVE-2010-0241

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route I...

10CVSS7.6AI score0.55484EPSS
CVE
CVEadded 2010/08/11 6:47 p.m.69 views

CVE-2010-2554

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vuln...

7.8CVSS6.3AI score0.03437EPSS
CVE
CVEadded 2015/07/14 10:59 p.m.69 views

CVE-2015-2363

win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2 and R2 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application, aka "Win32k Eleva...

7.2CVSS6.5AI score0.01333EPSS
CVE
CVEadded 2016/05/11 1:59 a.m.69 views

CVE-2016-0197

dxgkrnl.sys in the DirectX Graphics kernel subsystem in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a c...

7.8CVSS7.3AI score0.01498EPSS
CVE
CVEadded 2016/11/10 6:59 a.m.69 views

CVE-2016-3342

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to gain privileges via a crafted appl...

9.3CVSS7.5AI score0.1385EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.69 views

CVE-2017-0120

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Windows Uniscribe Information Disclosure Vulnerability."

4.3CVSS4.2AI score0.1081EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.69 views

CVE-2017-0124

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.69 views

CVE-2017-0128

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2019/04/09 12:29 a.m.69 views

CVE-2019-0683

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

5.9CVSS6.4AI score0.06594EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.69 views

CVE-2023-33172

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.69 views

CVE-2024-38262

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

7.5CVSS8.5AI score0.00517EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21287

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00159EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21336

Windows Cryptographic Information Disclosure Vulnerability

5.6CVSS5.3AI score0.00069EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21339

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.02401EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.69 views

CVE-2025-21350

Windows Kerberos Denial of Service Vulnerability

5.9CVSS6.9AI score0.00278EPSS
CVE
CVEadded 2009/03/11 2:19 p.m.68 views

CVE-2009-0234

The DNS Resolver Cache Service (aka DNSCache) in Windows DNS Server in Microsoft Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 does not properly cache crafted DNS responses, which makes it easier for remote attackers to predict transaction IDs and poison caches by sending many crafted ...

6.4CVSS6.3AI score0.62987EPSS
CVE
CVEadded 2010/01/22 10:0 p.m.68 views

CVE-2010-0027

The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the ShellExecute API function in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, does not properly process input parameters, which allows remote attackers to execute arbitrary local programs via a cr...

9.3CVSS8.3AI score0.69488EPSS
CVE
CVEadded 2010/03/31 7:30 p.m.68 views

CVE-2010-0492

Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers to execute arbitrary code via vectors related to the TIME2 behavior, the CTimeAction object, and destruction of markup, leading to memory corruption, aka "HTML Object Memory Corruption Vulnerability....

9.3CVSS7.5AI score0.59559EPSS
CVE
CVEadded 2011/01/31 8:0 p.m.68 views

CVE-2011-0096

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote att...

6.1CVSS5.5AI score0.79917EPSS
CVE
CVEadded 2013/10/09 2:53 p.m.68 views

CVE-2013-3195

The DSA_InsertItem function in Comctl32.dll in the Windows common control library in Microsoft Windows XP SP2, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly allocate memory, which allow...

10CVSS7.6AI score0.59625EPSS
CVE
CVEadded 2016/12/20 6:59 a.m.68 views

CVE-2016-7257

The GDI component in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office for Mac 2011, and Office 2016 for Mac allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "GDI Information Disclosure Vulnerability."

6.5CVSS6.5AI score0.21472EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.68 views

CVE-2017-11832

The Microsoft Windows embedded OpenType (EOT) font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an attacker to potentially read data that was not intended to be disclosed, due to the way that the Microsoft Windows EOT font engine parses specially ...

4.7CVSS5AI score0.02807EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.68 views

CVE-2017-8624

CLFS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows CLFS Elevation...

7.8CVSS8.1AI score0.01092EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.68 views

CVE-2017-8666

Microsoft Win32k in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly handle objects in memory, aka ...

5.5CVSS6.2AI score0.08EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.68 views

CVE-2020-0844

An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.0037EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.68 views

CVE-2020-0871

An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.01687EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.68 views

CVE-2024-38261

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.01205EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.68 views

CVE-2024-43544

Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability

7.5CVSS8.2AI score0.16787EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.68 views

CVE-2025-21250

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00626EPSS
CVE
CVEadded 2010/06/08 10:30 p.m.67 views

CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute...

7.8CVSS6.7AI score0.00965EPSS
CVE
CVEadded 2013/04/09 10:55 p.m.67 views

CVE-2013-1292

Race condition in win32k.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain privileges via a crafted application that leverages improper handling of...

7.4CVSS6.4AI score0.00215EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.67 views

CVE-2017-0126

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.67 views

CVE-2017-8486

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure due to the way it handles objects in memory, aka "Win32k Information Disclosure Vulner...

4.7CVSS5AI score0.01433EPSS
CVE
CVEadded 2017/06/29 1:29 p.m.67 views

CVE-2017-8554

The kernel in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an authenticated attacker to obtain memory contents via a specially crafted application.

4.7CVSS4.5AI score0.0127EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.67 views

CVE-2017-8694

The Microsoft Windows Kernel Mode Driver on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to prope...

7CVSS8AI score0.01133EPSS
CVE
CVEadded 2018/01/04 2:29 p.m.67 views

CVE-2018-0741

The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way objects are handled in memory, aka "Microsoft Color Management Information Disclosure Vulnerability".

5.3CVSS5AI score0.17734EPSS
CVE
CVEadded 2019/07/29 1:47 p.m.67 views

CVE-2019-1099

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.

6.5CVSS6.1AI score0.12437EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.67 views

CVE-2021-43245

Windows Digital TV Tuner Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.0015EPSS
Total number of security vulnerabilities2508