Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008*

151 matches found

CVE
CVEadded 2017/03/17 12:59 a.m.325 views

CVE-2017-0055

Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site scripting and run scr...

6.1CVSS5.4AI score0.01387EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.244 views

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts, aka "Windows EOT Font E...

5.5CVSS4.7AI score0.02807EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.224 views

CVE-2017-0214

Windows COM in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when Windows fails to properly validate input before l...

7CVSS5.9AI score0.91805EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.224 views

CVE-2017-8563

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Pro...

8.1CVSS7.1AI score0.17921EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.209 views

CVE-2017-0025

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k E...

7.8CVSS6.2AI score0.12861EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.207 views

CVE-2017-0047

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI ...

7.8CVSS6.2AI score0.12861EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.181 views

CVE-2017-8582

HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memor...

5.9CVSS5.7AI score0.12553EPSS
CVE
CVEadded 2017/08/08 9:29 p.m.170 views

CVE-2017-0174

Windows NetBIOS in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a denial of service vulnerability when it improperly handles NetBIOS packets, aka "Windows NetBIOS De...

6.5CVSS6.9AI score0.00483EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.168 views

CVE-2017-0272

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...

9.3CVSS7.7AI score0.05522EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.139 views

CVE-2017-0277

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...

7CVSS7.7AI score0.05522EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.131 views

CVE-2017-0170

Windows Performance Monitor in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability due to the way it parses XML input, aka "Windows ...

6.5CVSS6.1AI score0.18028EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.130 views

CVE-2017-11780

The Server Message Block 1.0 (SMBv1) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows a remote code execution vulnerability when it fails to properly h...

7CVSS8.4AI score0.09106EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.128 views

CVE-2017-0161

The Windows NetBT Session Services component on Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to maintain ce...

8.1CVSS7.7AI score0.14352EPSS
CVE
CVEadded 2017/02/20 4:59 p.m.127 views

CVE-2017-0038

gdi32.dll in Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process heap...

5.5CVSS4.7AI score0.82234EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.127 views

CVE-2017-0158

An elevation of privilege vulnerability exists when Microsoft Windows running on Windows 10, Windows 10 1511, Windows 8.1 Windows RT 8.1, and Windows Server 2012 R2 fails to properly sanitize handles in memory, aka "Scripting Engine Memory Corruption Vulnerability."

7.6CVSS7.5AI score0.20303EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.123 views

CVE-2017-8565

Windows PowerShell in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability when PSObject wraps a CIM Instance, aka "Windows PowerShell ...

9.3CVSS7.3AI score0.38264EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.119 views

CVE-2017-0269

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0273 and CVE-2017-0280.

5.9CVSS6.2AI score0.09629EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.118 views

CVE-2017-0181

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a Windows 10 or Windows Server 2016 host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is uniq...

7.6CVSS7.8AI score0.00421EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.114 views

CVE-2017-11771

The Microsoft Windows Search component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it fails to properly ...

10CVSS9.6AI score0.65606EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.113 views

CVE-2017-0279

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...

7CVSS7.7AI score0.05522EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.112 views

CVE-2017-0099

Hyper-V in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and 2008 R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows guest OS users, running as virtual machines, to cause a denial of service via a crafted applicati...

5.4CVSS5.2AI score0.00651EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.111 views

CVE-2017-0114

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.109 views

CVE-2017-0062

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

4.7CVSS4.3AI score0.14618EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.108 views

CVE-2017-0180

A remote code execution vulnerability exists when Windows Hyper-V Network Switch running on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This CVE ID is unique from CVE-2017-0162, CVE-2017-01...

7.6CVSS7.9AI score0.00421EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.105 views

CVE-2017-0087

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0072, CVE-2...

9.3CVSS7.4AI score0.67088EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.105 views

CVE-2017-0275

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

5.9CVSS6.1AI score0.27804EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.103 views

CVE-2017-0166

An elevation of privilege vulnerability exists in Windows when LDAP request buffer lengths are improperly calculated. In a remote attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to send malicious traffic to a Domain Controller, aka "LDAP Elev...

9.3CVSS7.9AI score0.01531EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.103 views

CVE-2017-0280

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0273.

7.1CVSS6.2AI score0.09629EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.103 views

CVE-2017-8676

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; ...

3.3CVSS4.9AI score0.02784EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.102 views

CVE-2017-0276

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

5.9CVSS6.1AI score0.27804EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.101 views

CVE-2017-8577

Win32k in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation of privilege vulnerability when it fails to properly handle objects in memory, aka ...

7CVSS6.9AI score0.12071EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.100 views

CVE-2017-0077

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow a local authenticated attacker to execute a specially crafted application to obtain informatio...

7.8CVSS7.4AI score0.04643EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.100 views

CVE-2017-0182

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch running on a Windows 10, Windows Server 2008 R2, Windows 8.1, Windows Server 2012 R2, or Windows Server 2016 host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V D...

6.3CVSS5.9AI score0.00584EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.100 views

CVE-2017-0278

The Microsoft Server Message Block 1.0 (SMBv1) server on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to execute remote code by the way it ...

7CVSS7.7AI score0.05522EPSS
CVE
CVEadded 2017/04/12 2:59 p.m.99 views

CVE-2017-0184

A denial of service vulnerability exists when Microsoft Hyper-V running on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Hyper-V Denial of Service Vulnerability." This CVE ID is unique from CVE-2017-0178, CVE-2017-0179, CVE-2017-0182, CVE-20...

5.4CVSS5.7AI score0.00584EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.99 views

CVE-2017-0260

A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, and CVE-2017-8506.

9.3CVSS6.8AI score0.36403EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.99 views

CVE-2017-8528

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows a remote code execution vulnerability due to the way it han...

9.3CVSS5.9AI score0.55105EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.98 views

CVE-2017-0245

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

4.7CVSS5.5AI score0.19638EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.98 views

CVE-2017-0273

The Microsoft Server Message Block 1.0 (SMBv1) allows denial of service when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability". This CVE ID is unique from CVE-2017-0269 and CVE-2017-0280.

5.9CVSS6.2AI score0.09629EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.98 views

CVE-2017-8534

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows Uniscr...

6.5CVSS5AI score0.17084EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.98 views

CVE-2017-8696

Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to execut...

7.6CVSS7AI score0.21457EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.97 views

CVE-2017-0045

Windows DVD Maker in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows Vista SP2 does not properly parse crafted .msdvd files, which allows attackers to obtain information to compromise a target system, aka "Windows DVD Maker Cross-Site Request Forgery Vulnerability."

5.5CVSS5.1AI score0.05478EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.97 views

CVE-2017-0050

The kernel API in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7; Windows 8; Windows 10 Gold, 1511, and 1607; Windows RT 8.1; Windows Server 2012 Gold and R2; and Windows Server 2016 does not properly enforce permissions, which allows local users to spoof processes, spoo...

7.8CVSS5.7AI score0.03663EPSS
CVE
CVEadded 2017/05/12 2:29 p.m.97 views

CVE-2017-0220

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0...

4.7CVSS4.2AI score0.04995EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.97 views

CVE-2017-0299

The kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka "Window...

5CVSS4.9AI score0.15731EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.97 views

CVE-2017-11847

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to run arbitrary code in kernel mode, install programs, view, c...

9.3CVSS7.6AI score0.14281EPSS
CVE
CVEadded 2017/06/15 1:29 a.m.97 views

CVE-2017-8533

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This ...

6.5CVSS5.1AI score0.24455EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.96 views

CVE-2017-0056

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win3...

7.8CVSS6AI score0.06734EPSS
CVE
CVEadded 2017/03/17 12:59 a.m.95 views

CVE-2017-0072

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0083, CVE-2...

9.3CVSS7.4AI score0.67088EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.95 views

CVE-2017-8681

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it improperly handles objects...

5.5CVSS5.4AI score0.26895EPSS
Total number of security vulnerabilities151