Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008-

2548 matches found

CVE
CVEadded 2023/07/11 6:15 p.m.84 views

CVE-2023-32043

Windows Remote Desktop Security Feature Bypass Vulnerability

6.8CVSS8AI score0.00065EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.84 views

CVE-2023-35314

Remote Procedure Call Runtime Denial of Service Vulnerability

6.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2024/07/09 5:15 p.m.84 views

CVE-2024-38048

Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability

6.5CVSS7.8AI score0.00418EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.84 views

CVE-2024-38236

DHCP Server Service Denial of Service Vulnerability

7.5CVSS8.4AI score0.21089EPSS
CVE
CVEadded 2024/09/10 5:15 p.m.84 views

CVE-2024-38258

Windows Remote Desktop Licensing Service Information Disclosure Vulnerability

7.5CVSS7.6AI score0.01264EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.84 views

CVE-2025-21233

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00461EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.84 views

CVE-2025-21338

GDI+ Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00266EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.84 views

CVE-2025-21371

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00675EPSS
CVE
CVEadded 2009/10/14 10:30 a.m.83 views

CVE-2009-0091

Microsoft .NET Framework 2.0, 2.0 SP1, and 3.5 does not properly enforce a certain type-equality constraint in .NET verifiable code, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Fr...

9.3CVSS7.2AI score0.3731EPSS
CVE
CVEadded 2014/02/12 4:50 a.m.83 views

CVE-2014-0266

The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to by...

7.1CVSS6.3AI score0.3746EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.83 views

CVE-2015-2456

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, S...

9.3CVSS7.3AI score0.57455EPSS
CVE
CVEadded 2016/06/16 1:59 a.m.83 views

CVE-2016-3228

Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows Server 2012 Gold and R2 allow remote authenticated users to execute arbitrary code via a crafted NetLogon request, aka "Windows Netlogon Memory Corruption Remote Code Execution Vulnerability."

9CVSS8.6AI score0.33275EPSS
CVE
CVEadded 2016/08/09 9:59 p.m.83 views

CVE-2016-3299

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allow remote attackers to hijack network traffic or bypass intended Enhanced Protected Mode (EPM) or application container prote...

5.3CVSS7AI score0.07344EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.83 views

CVE-2017-11817

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly vali...

4.7CVSS6.1AI score0.03549EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.83 views

CVE-2019-0960

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; o...

7.8CVSS7.8AI score0.00167EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.83 views

CVE-2019-1009

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.9AI score0.19682EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.83 views

CVE-2020-0680

An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682.

7.8CVSS8.1AI score0.00511EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.83 views

CVE-2020-0781

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.

7.8CVSS8.5AI score0.00538EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.83 views

CVE-2020-0909

A denial of service vulnerability exists when Hyper-V on a Windows Server fails to properly handle specially crafted network packets.To exploit the vulnerability, an attacker would send specially crafted network packets to the Hyper-V Server.The security update addresses the vulnerability by resolv...

7.5CVSS8.1AI score0.12525EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.83 views

CVE-2020-1005

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka 'Microsoft Graphics Component Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0982, CVE-2020-0987.

5.5CVSS6.2AI score0.0176EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.83 views

CVE-2020-1014

An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'.

7.8CVSS8AI score0.0047EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.83 views

CVE-2020-1116

An information disclosure vulnerability exists when the Windows Client Server Run-Time Subsystem (CSRSS) fails to properly handle objects in memory, aka 'Windows CSRSS Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.00505EPSS
CVE
CVEadded 2020/07/14 11:15 p.m.83 views

CVE-2020-1397

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.2819EPSS
CVE
CVEadded 2021/12/15 3:15 p.m.83 views

CVE-2021-43238

Windows Remote Access Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00305EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.83 views

CVE-2023-32033

Microsoft Failover Cluster Remote Code Execution Vulnerability

7.2CVSS8AI score0.00348EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.83 views

CVE-2023-32035

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.83 views

CVE-2023-35309

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.5CVSS8.7AI score0.00691EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.83 views

CVE-2024-43589

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04453EPSS
CVE
CVEadded 2025/03/11 5:16 p.m.83 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00118EPSS
CVE
CVEadded 2025/04/08 6:15 p.m.83 views

CVE-2025-27484

Sensitive data storage in improperly locked memory in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges over a network.

7.5CVSS7.1AI score0.00056EPSS
CVE
CVEadded 2010/12/16 7:33 p.m.82 views

CVE-2010-3338

The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOT...

7.2CVSS6.2AI score0.44756EPSS
CVE
CVEadded 2011/04/13 6:55 p.m.82 views

CVE-2011-0661

The SMB Server service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly validate fields in SMB requests, which allows remote attackers to execute arbitrary code via a ...

10CVSS7.6AI score0.63002EPSS
CVE
CVEadded 2011/12/30 1:55 a.m.82 views

CVE-2011-3417

The Forms Authentication feature in the ASP.NET subsystem in Microsoft .NET Framework 1.1 SP1, 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0, when sliding expiry is enabled, does not properly handle cached content, which allows remote attackers to obtain access to arbitrary user accounts via a crafted URL, aka ...

9.3CVSS6.5AI score0.64978EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.82 views

CVE-2015-6107

The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10 Gold and 1511, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2010, ...

9.3CVSS7.5AI score0.52287EPSS
CVE
CVEadded 2017/11/15 3:29 a.m.82 views

CVE-2017-11851

The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709, allows an information disclosure vulnerability when it improperl...

4.7CVSS5.3AI score0.06375EPSS
CVE
CVEadded 2019/11/12 7:15 p.m.82 views

CVE-2019-1411

An information disclosure vulnerability exists when DirectWrite improperly discloses the contents of its memory, aka 'DirectWrite Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1432.

6.5CVSS7.1AI score0.26055EPSS
CVE
CVEadded 2020/02/11 10:15 p.m.82 views

CVE-2020-0698

An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'.

5.5CVSS6.1AI score0.00996EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.82 views

CVE-2020-0853

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.27243EPSS
CVE
CVEadded 2020/04/15 3:15 p.m.82 views

CVE-2020-1007

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0821.

5.5CVSS6.1AI score0.00409EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.82 views

CVE-2020-1097

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

6.5CVSS6.9AI score0.18021EPSS
CVE
CVEadded 2020/09/11 5:15 p.m.82 views

CVE-2020-1589

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system.To exploit this vulnerability, an attacker would have to log on to ...

5.5CVSS5.8AI score0.00435EPSS
CVE
CVEadded 2021/03/11 4:15 p.m.82 views

CVE-2021-24107

Windows Event Tracing Information Disclosure Vulnerability

5.5CVSS7AI score0.00488EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.82 views

CVE-2023-35299

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00167EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.82 views

CVE-2023-35310

Windows DNS Server Remote Code Execution Vulnerability

6.6CVSS8.1AI score0.00224EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.82 views

CVE-2023-35350

Windows Active Directory Certificate Services (AD CS) Remote Code Execution Vulnerability

7.2CVSS8.3AI score0.01242EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.82 views

CVE-2025-21210

Windows BitLocker Information Disclosure Vulnerability

4.2CVSS4.3AI score0.00068EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.82 views

CVE-2025-21228

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.82 views

CVE-2025-21231

IP Helper Denial of Service Vulnerability

7.5CVSS7.5AI score0.01023EPSS
CVE
CVEadded 2017/10/13 1:29 p.m.81 views

CVE-2017-11815

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it ha...

5.3CVSS6.4AI score0.22607EPSS
CVE
CVEadded 2017/07/11 9:29 p.m.81 views

CVE-2017-8564

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory ad...

5.5CVSS5.3AI score0.22928EPSS
Total number of security vulnerabilities2548