Windows Server 2008@* Security Vulnerabilities and Issues — Windows Server 2008@* CVE List

CVE•added 2020/03/12 4:15 p.m.•1420 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.57196EPSS

In wildWeb

CVE•added 2020/04/15 3:15 p.m.•1208 views

CVE-2020-1020

A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could e...

8.8CVSS8.2AI score0.8787EPSS

CVE•added 2020/02/11 10:15 p.m.•1204 views

CVE-2020-0683

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

7.8CVSS8AI score0.30475EPSS

CVE•added 2020/05/21 11:15 p.m.•1181 views

CVE-2020-1054

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

7.8CVSS7.8AI score0.76297EPSS

CVE•added 2020/07/14 11:15 p.m.•1110 views

CVE-2020-1040

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

CVE•added 2020/04/15 3:15 p.m.•1071 views

CVE-2020-0938

7.8CVSS8.2AI score0.8787EPSS

CVE•added 2020/04/15 3:15 p.m.•1064 views

CVE-2020-1027

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

7.8CVSS8AI score0.13961EPSS

CVE•added 2020/11/11 7:15 a.m.•970 views

CVE-2020-17049

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD).To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service t...

9CVSS6.8AI score0.21753EPSS

CVE•added 2020/03/12 4:15 p.m.•371 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS

CVE•added 2020/07/14 11:15 p.m.•275 views

CVE-2020-1036

CVE•added 2020/01/14 11:15 p.m.•271 views

CVE-2020-0611

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.

7.5CVSS8.8AI score0.14967EPSS

CVE•added 2020/05/21 11:15 p.m.•266 views

CVE-2020-1048

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system, aka 'Windows Print Spooler Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1070.

7.8CVSS7.7AI score0.76161EPSS

CVE•added 2020/07/14 11:15 p.m.•263 views

CVE-2020-1032

CVE•added 2020/07/14 11:15 p.m.•256 views

CVE-2020-1042

CVE•added 2020/06/09 8:15 p.m.•241 views

CVE-2020-1246

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.17136EPSS

CVE•added 2020/06/09 8:15 p.m.•241 views

CVE-2020-1262

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.17136EPSS

CVE•added 2020/07/14 11:15 p.m.•236 views

CVE-2020-1043

CVE•added 2020/07/14 11:15 p.m.•231 views

CVE-2020-1041

CVE•added 2020/02/11 10:15 p.m.•229 views

CVE-2020-0686

7.8CVSS8AI score0.30475EPSS

CVE•added 2020/05/21 11:15 p.m.•225 views

CVE-2020-1143

7.8CVSS7.8AI score0.76297EPSS

CVE•added 2020/06/09 8:15 p.m.•225 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS

CVE•added 2020/06/09 8:15 p.m.•224 views

CVE-2020-1301

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.34234EPSS

CVE•added 2020/06/09 8:15 p.m.•222 views

CVE-2020-1300

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.To exploit the vulnerability, an attacker would have to convince a user to either open a specially crafted cabinet file or spoof a network printer and trick a user into installing a malicious ...

8.8CVSS8.3AI score0.40477EPSS

CVE•added 2020/02/11 10:15 p.m.•207 views

CVE-2020-0668

7.8CVSS7.7AI score0.81077EPSS

CVE•added 2020/01/14 11:15 p.m.•183 views

CVE-2020-0642

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0624.

7.8CVSS8.5AI score0.15527EPSS

CVE•added 2020/02/11 10:15 p.m.•183 views

CVE-2020-0662

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.

9CVSS8.4AI score0.34804EPSS

CVE•added 2020/07/14 11:15 p.m.•168 views

CVE-2020-1421

9.3CVSS9.1AI score0.47986EPSS

CVE•added 2020/06/09 8:15 p.m.•160 views

CVE-2020-1281

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.

8.8CVSS8.5AI score0.30214EPSS

CVE•added 2020/01/14 11:15 p.m.•150 views

CVE-2020-0635

An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0644.

7.8CVSS8.4AI score0.00404EPSS

CVE•added 2020/04/15 3:15 p.m.•142 views

CVE-2020-1015

An elevation of privilege vulnerability exists in the way that the User-Mode Power Service (UMPS) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0934, CVE-2020-0983, CVE-2020-1009, CVE-2020-1011.

7.8CVSS7.8AI score0.08877EPSS

CVE•added 2020/01/14 11:15 p.m.•140 views

CVE-2020-0625

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628...

CVE•added 2020/02/11 10:15 p.m.•139 views

CVE-2020-0738

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.

9.3CVSS8.6AI score0.21773EPSS

CVE•added 2020/12/10 12:15 a.m.•136 views

CVE-2020-17140

Windows SMB Information Disclosure Vulnerability

8.1CVSS6.8AI score0.20121EPSS

CVE•added 2020/01/14 11:15 p.m.•134 views

CVE-2020-0608

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS6.4AI score0.00978EPSS

CVE•added 2020/01/14 11:15 p.m.•133 views

CVE-2020-0607

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.175EPSS

CVE•added 2020/01/14 11:15 p.m.•132 views

CVE-2020-0630

CVE•added 2020/02/11 10:15 p.m.•132 views

CVE-2020-0729

8.8CVSS8.2AI score0.29862EPSS

CVE•added 2020/01/14 11:15 p.m.•131 views

CVE-2020-0639

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0615.

5.5CVSS6.6AI score0.00681EPSS

CVE•added 2020/05/21 11:15 p.m.•127 views

CVE-2020-1113

A security feature bypass vulnerability exists in Microsoft Windows when the Task Scheduler service fails to properly verify client connections over RPC, aka 'Windows Task Scheduler Security Feature Bypass Vulnerability'.

9.3CVSS8.2AI score0.01508EPSS

CVE•added 2020/06/09 8:15 p.m.•126 views

CVE-2020-1239

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1238.

8.8CVSS8.3AI score0.30475EPSS

CVE•added 2020/01/14 11:15 p.m.•125 views

CVE-2020-0634

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00513EPSS

CVE•added 2020/04/15 3:15 p.m.•125 views

CVE-2020-0687

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'.

9.3CVSS8.8AI score0.6501EPSS

CVE•added 2020/01/14 11:15 p.m.•123 views

CVE-2020-0626

CVE•added 2020/01/14 11:15 p.m.•123 views

CVE-2020-0632

CVE•added 2020/05/21 11:15 p.m.•122 views

CVE-2020-1112

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

9.9CVSS8.5AI score0.01365EPSS

CVE•added 2020/02/11 10:15 p.m.•118 views

CVE-2020-0665

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

8.1CVSS8.1AI score0.13129EPSS

CVE•added 2020/05/21 11:15 p.m.•118 views

CVE-2020-1070

7.8CVSS7.7AI score0.76161EPSS