Windows Server 2008@- Security Vulnerabilities and Issues — Page 33 of Windows Server 2008@- CVE List

The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0, 2.0 SP1, 2.0 SP2, 3.5, and 3.5 SP1, and Silverlight 2, does not properly handle interfaces, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted Silverlight applica...

9.3CVSS7.2AI score0.34898EPSS

CVE•added 2017/09/13 1:29 a.m.•93 views

CVE-2017-8682

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 2016, Microsoft Office Word Viewer, Microsoft Office 2007 Service Pack 3 , and Microsoft Office 2010 S...

9.3CVSS7.3AI score0.66013EPSS

CVE•added 2019/08/14 9:15 p.m.•93 views

CVE-2019-1187

A denial of service vulnerability exists when the XmlLite runtime (XmlLite.dll) improperly parses XML input. An attacker who successfully exploited this vulnerability could cause a denial of service against an XML application.A remote unauthenticated attacker could exploit this vulnerability by iss...

5.5CVSS7AI score0.03246EPSS

CVE•added 2020/01/14 11:15 p.m.•93 views

CVE-2020-0627

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0628...

7.8CVSS7.7AI score0.00511EPSS

CVE•added 2020/09/11 5:15 p.m.•93 views

CVE-2020-0782

An elevation of privilege vulnerability exists when the Windows Cryptographic Catalog Services improperly handle objects in memory. An attacker who successfully exploited this vulnerability could modify the cryptographic catalog.To exploit this vulnerability, an attacker would first have to log on ...

7.8CVSS8.1AI score0.00726EPSS

CVE•added 2020/03/12 4:15 p.m.•93 views

CVE-2020-0849

An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0841, CVE-2020-0896.

7.8CVSS7.5AI score0.00397EPSS

CVE•added 2020/03/12 4:15 p.m.•93 views

CVE-2020-0883

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0881.

9.3CVSS8.8AI score0.5256EPSS

CVE•added 2020/04/15 3:15 p.m.•93 views

CVE-2020-0958

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0956, CVE-2020-0957.

7.8CVSS8AI score0.00274EPSS

CVE•added 2020/04/15 3:15 p.m.•93 views

CVE-2020-1094

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.00404EPSS

CVE•added 2020/05/21 11:15 p.m.•93 views

CVE-2020-1153

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.

9.3CVSS8.8AI score0.35463EPSS

CVE•added 2020/07/14 11:15 p.m.•93 views

CVE-2020-1407

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1400, CVE-2020-1401.

9.3CVSS8.4AI score0.35463EPSS

CVE•added 2021/01/12 8:15 p.m.•93 views

CVE-2021-1661

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.0044EPSS

CVE•added 2021/02/25 11:15 p.m.•93 views

CVE-2021-1734

Windows Remote Procedure Call Information Disclosure Vulnerability

7.5CVSS8.3AI score0.12209EPSS

CVE•added 2023/05/31 7:15 p.m.•93 views

CVE-2022-35751

Windows Hyper-V Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.05498EPSS

CVE•added 2022/10/11 7:15 p.m.•93 views

CVE-2022-37997

Windows Graphics Component Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00255EPSS

CVE•added 2023/04/11 9:15 p.m.•93 views

CVE-2023-28278

Windows DNS Server Remote Code Execution Vulnerability

6.6CVSS6.8AI score0.00246EPSS

CVE•added 2023/07/11 6:15 p.m.•93 views

CVE-2023-33167

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS

CVE•added 2024/06/11 5:15 p.m.•93 views

CVE-2024-30082

Win32k Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.00288EPSS

CVE•added 2024/06/11 5:15 p.m.•93 views

CVE-2024-30094

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00982EPSS

CVE•added 2024/07/09 5:15 p.m.•93 views

CVE-2024-38054

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.20179EPSS

CVE•added 2024/08/13 6:15 p.m.•93 views

CVE-2024-38116

Windows IP Routing Management Snapin Remote Code Execution Vulnerability

8.8CVSS9AI score0.12398EPSS

CVE•added 2024/08/13 6:15 p.m.•93 views

CVE-2024-38130

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9AI score0.05008EPSS

CVE•added 2024/11/12 6:15 p.m.•93 views

CVE-2024-43452

Windows Registry Elevation of Privilege Vulnerability

7.5CVSS7.5AI score0.02205EPSS

CVE•added 2025/01/14 6:15 p.m.•93 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00104EPSS

CVE•added 2016/12/20 6:59 a.m.•92 views

CVE-2016-7295

The Common Log File System (CLFS) driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows local users to obtain sensitive information from ...

5.5CVSS4.8AI score0.00708EPSS

CVE•added 2017/06/15 1:29 a.m.•92 views

CVE-2017-0282

Uniscribe in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 SP3, and Microsoft Office 2010 SP2 allows improper disclosure of memory contents, aka "Windows ...

5CVSS4.9AI score0.17084EPSS

CVE•added 2017/06/15 1:29 a.m.•92 views

CVE-2017-0284

5CVSS4.9AI score0.17084EPSS

CVE•added 2017/11/15 3:29 a.m.•92 views

CVE-2017-11880

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to run a specially crafted application and obtain information to further compromise the user's s...

4.7CVSS5.2AI score0.01334EPSS

CVE•added 2019/03/06 12:0 a.m.•92 views

CVE-2019-0664

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660.

6.5CVSS7.2AI score0.2251EPSS

CVE•added 2019/09/11 10:15 p.m.•92 views

CVE-2019-1247

9.3CVSS8.5AI score0.35463EPSS

CVE•added 2020/03/12 4:15 p.m.•92 views

CVE-2020-0771

An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-20...

7.8CVSS8.7AI score0.00656EPSS

CVE•added 2020/09/11 5:15 p.m.•92 views

CVE-2020-0838

An elevation of privilege vulnerability exists when NTFS improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafte...

7.8CVSS8AI score0.00726EPSS

CVE•added 2020/04/15 3:15 p.m.•92 views

CVE-2020-0952

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

6.5CVSS6.7AI score0.24614EPSS

CVE•added 2020/05/21 11:15 p.m.•92 views

CVE-2020-1176

9.3CVSS8AI score0.35463EPSS

CVE•added 2020/06/09 8:15 p.m.•92 views

CVE-2020-1302

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...

7.8CVSS8.1AI score0.00889EPSS

CVE•added 2020/06/09 8:15 p.m.•92 views

CVE-2020-1348

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'.

6.5CVSS6.7AI score0.22806EPSS

CVE•added 2020/09/11 5:15 p.m.•92 views

CVE-2020-1598

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; v...

7.8CVSS7.4AI score0.01512EPSS

CVE•added 2021/01/12 8:15 p.m.•92 views

CVE-2021-1652

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00313EPSS

CVE•added 2021/01/12 8:15 p.m.•92 views

CVE-2021-1688

Windows CSC Service Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00256EPSS

CVE•added 2021/01/12 8:15 p.m.•92 views

CVE-2021-1708

Windows GDI+ Information Disclosure Vulnerability