Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008-

2587 matches found

CVE
CVEadded 2019/06/12 2:29 p.m.85 views

CVE-2019-0968

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.9AI score0.29578EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.85 views

CVE-2020-0675

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addre...

5.5CVSS5.2AI score0.00996EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.85 views

CVE-2020-0845

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804.

7.8CVSS8.1AI score0.00549EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.85 views

CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolv...

7.5CVSS8.1AI score0.12525EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.85 views

CVE-2020-1005

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.

5.5CVSS6.2AI score0.0176EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.85 views

CVE-2020-1030

An elevation of privilege vulnerability exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; ...

7.8CVSS8.1AI score0.02396EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.85 views

CVE-2020-1399

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1404, CVE-2020-1413, CVE-2020-1414, CVE-2020-141...

7.8CVSS7.7AI score0.00378EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.85 views

CVE-2021-43238

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00305EPSS
CVE
CVEadded 2022/09/13 7:15 p.m.85 views

CVE-2022-37964

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00349EPSS
CVE
CVEadded 2023/02/14 8:15 p.m.85 views

CVE-2023-21702

Windows iSCSI Service Denial of Service Vulnerability

7.5CVSS7.5AI score0.03441EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.85 views

CVE-2023-32035

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.85 views

CVE-2023-32043

Windows Remote Desktop Security Feature Bypass Vulnerability

6.8CVSS8AI score0.00065EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.85 views

CVE-2023-35309

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.5CVSS8.7AI score0.00691EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.85 views

CVE-2023-35314

Remote Procedure Call Runtime Denial of Service Vulnerability

6.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.85 views

CVE-2024-38048

Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability

6.5CVSS7.8AI score0.0017EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.85 views

CVE-2024-38236

DHCP Server Service Denial of Service Vulnerability

7.5CVSS8.4AI score0.23784EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.85 views

CVE-2024-38258

Windows Remote Desktop Licensing Service Information Disclosure Vulnerability

7.5CVSS7.6AI score0.01408EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.85 views

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00044EPSS
CVE
CVEadded 2009/10/14 10:30 a.m.84 views

CVE-2009-0091

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Fr...

9.3CVSS7.2AI score0.3731EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.84 views

CVE-2011-0661

The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a ...

10CVSS7.6AI score0.63002EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.84 views

CVE-2016-3228

Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."

9CVSS8.6AI score0.33825EPSS
CVE
CVEadded 2016/08/09 9:59 p.m.84 views

CVE-2016-3299

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to hijack network traffic or bypass intended Enhanced Protected Mode (EPM) or application container prote...

5.3CVSS7AI score0.07344EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.84 views

CVE-2017-11817

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly vali...

4.7CVSS6.1AI score0.03549EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.84 views

CVE-2019-1009

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.9AI score0.19682EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.84 views

CVE-2020-0680

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682.

7.8CVSS8.1AI score0.00511EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.84 views

CVE-2020-0781

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.

7.8CVSS8.5AI score0.00538EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.84 views

CVE-2020-0853

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.27243EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.84 views

CVE-2020-1014

An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.0047EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.84 views

CVE-2020-1116

An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.00505EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.84 views

CVE-2020-1397

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.2819EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.84 views

CVE-2023-32033

Microsoft Failover Cluster Remote Code Execution Vulnerability

7.2CVSS8AI score0.00348EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.84 views

CVE-2024-43589

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.05181EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.84 views

CVE-2025-21203

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00057EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.84 views

CVE-2025-21210

Windows BitLocker Information Disclosure Vulnerability

4.2CVSS4.3AI score0.00077EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.84 views

CVE-2025-21228

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00151EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.84 views

CVE-2025-21231

IP Helper Denial of Service Vulnerability

7.5CVSS7.5AI score0.01098EPSS
CVE
CVEadded 2025/03/11 5:16 p.m.84 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00139EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.84 views

CVE-2025-26686

Sensitive data storage in improperly locked memory in Windows TCP/IP allows an unauthorized attacker to execute code over a network.

7.5CVSS7.5AI score0.00174EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.83 views

CVE-2010-3338

The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOT...

7.2CVSS6.2AI score0.48801EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.83 views

CVE-2015-6107

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, ...

9.3CVSS7.5AI score0.52287EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.83 views

CVE-2017-11851

The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it improperl...

4.7CVSS5.3AI score0.08412EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.83 views

CVE-2019-1411

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432.

6.5CVSS7.1AI score0.26055EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.83 views

CVE-2020-0682

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0680.

7.8CVSS8.1AI score0.00511EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.83 views

CVE-2020-0698

An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.00996EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.83 views

CVE-2020-0730

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

7.1CVSS7.6AI score0.00538EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.83 views

CVE-2020-1007

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0821.

5.5CVSS6.1AI score0.00409EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.83 views

CVE-2020-1097

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

6.5CVSS6.9AI score0.18021EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.83 views

CVE-2020-1589

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

5.5CVSS5.8AI score0.00435EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.83 views

CVE-2021-24107

Windows Event Tracing Information Disclosure Vulnerability

5.5CVSS7AI score0.00488EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.83 views

CVE-2021-26882

Remote Access API Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.06481EPSS
Total number of security vulnerabilities2587