Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MicrosoftWindows Server 2008-

2548 matches found

CVE
CVEadded 2018/08/15 5:29 p.m.70 views

CVE-2018-8396

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8394, CVE-2...

4.7CVSS5.7AI score0.14286EPSS
CVE
CVEadded 2018/08/15 5:29 p.m.70 views

CVE-2018-8397

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka "GDI+ Remote Code Execution Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

9.3CVSS7.3AI score0.3533EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.70 views

CVE-2019-1011

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.9AI score0.07622EPSS
CVE
CVEadded 2019/06/12 2:29 p.m.70 views

CVE-2019-1049

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.There are multiple ways an attacker could exploit ...

6.5CVSS5.6AI score0.07622EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.70 views

CVE-2020-0874

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774...

5.5CVSS6.1AI score0.29411EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.70 views

CVE-2020-0882

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0880.

6.5CVSS6.2AI score0.29411EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43453

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04691EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43570

Windows Kernel Elevation of Privilege Vulnerability

7CVSS7.6AI score0.00157EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.70 views

CVE-2024-43608

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS9.1AI score0.04126EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21258

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21268

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00096EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.70 views

CVE-2025-21306

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00626EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.70 views

CVE-2025-21410

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS
CVE
CVEadded 2010/02/10 6:30 p.m.69 views

CVE-2010-0241

The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2, when IPv6 is enabled, does not properly perform bounds checking on ICMPv6 Route Information packets, which allows remote attackers to execute arbitrary code via crafted packets, aka "ICMPv6 Route I...

10CVSS7.6AI score0.55484EPSS
CVE
CVEadded 2010/08/11 6:47 p.m.69 views

CVE-2010-2554

The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 has incorrect ACLs on its registry keys, which allows local users to gain privileges via vectors involving a named pipe and impersonation, aka "Tracing Registry Key ACL Vuln...

7.8CVSS6.3AI score0.03437EPSS
CVE
CVEadded 2014/03/12 5:15 a.m.69 views

CVE-2014-0300

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a ...

7.2CVSS6.4AI score0.00612EPSS
CVE
CVEadded 2014/06/11 4:56 a.m.69 views

CVE-2014-1818

GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting 2007 Console, Lync 2010 and 2013, Lync 2010 Attendee,...

9.3CVSS8.5AI score0.42395EPSS
CVE
CVEadded 2015/10/14 1:59 a.m.69 views

CVE-2015-2553

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles junctions during mountpoint creation, which makes it easier for local users to gain privileges by...

7.2CVSS6.4AI score0.11334EPSS
CVE
CVEadded 2015/12/09 11:59 a.m.69 views

CVE-2015-6173

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory El...

7.2CVSS6.2AI score0.0345EPSS
CVE
CVEadded 2017/09/13 1:29 a.m.69 views

CVE-2017-8710

The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input containing a referen...

5.5CVSS5.5AI score0.33099EPSS
CVE
CVEadded 2019/04/09 12:29 a.m.69 views

CVE-2019-0683

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

5.9CVSS6.4AI score0.06594EPSS
CVE
CVEadded 2023/07/11 6:15 p.m.69 views

CVE-2023-33172

Remote Procedure Call Runtime Denial of Service Vulnerability

7.5CVSS7.8AI score0.03672EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.69 views

CVE-2024-38262

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

7.5CVSS8.5AI score0.00477EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21287

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00159EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21336

Windows Cryptographic Information Disclosure Vulnerability

5.6CVSS5.3AI score0.00069EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.69 views

CVE-2025-21339

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.02401EPSS
CVE
CVEadded 2025/02/11 6:15 p.m.69 views

CVE-2025-21350

Windows Kerberos Denial of Service Vulnerability

5.9CVSS6.9AI score0.00278EPSS
CVE
CVEadded 2011/01/31 8:0 p.m.68 views

CVE-2011-0096

The MHTML protocol handler in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle a MIME format in a request for content blocks in a document, which allows remote att...

6.1CVSS5.5AI score0.79917EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.68 views

CVE-2015-0088

Adobe Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) file...

9.3CVSS7.8AI score0.28354EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.68 views

CVE-2015-2430

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow attackers to bypass an application sandbox protection mechanism and perform unspecified filesystem actions via a crafted applica...

9.3CVSS6.5AI score0.05306EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.68 views

CVE-2015-2459

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted Ope...

9.3CVSS7.3AI score0.54061EPSS
CVE
CVEadded 2015/08/15 12:59 a.m.68 views

CVE-2015-2462

ATMFD.DLL in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, and 4.6 ...

9.3CVSS7.4AI score0.43979EPSS
CVE
CVEadded 2015/11/11 12:59 p.m.68 views

CVE-2015-6101

The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory El...

6.9CVSS6.3AI score0.20184EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.68 views

CVE-2020-0844

An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.0037EPSS
CVE
CVEadded 2020/03/12 4:15 p.m.68 views

CVE-2020-0871

An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.01687EPSS
CVE
CVEadded 2020/05/21 11:15 p.m.68 views

CVE-2020-1076

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka 'Windows Denial of Service Vulnerability'.

5.5CVSS6.8AI score0.00266EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.68 views

CVE-2024-38261

Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.01039EPSS
CVE
CVEadded 2024/10/08 6:15 p.m.68 views

CVE-2024-43544

Microsoft Simple Certificate Enrollment Protocol Denial of Service Vulnerability

7.5CVSS8.2AI score0.1574EPSS
CVE
CVEadded 2025/01/14 6:15 p.m.68 views

CVE-2025-21250

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00626EPSS
CVE
CVEadded 2010/06/08 10:30 p.m.67 views

CVE-2010-0485

The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 Gold and SP2, Windows 7, and Server 2008 R2 "do not properly validate all callback parameters when creating a new window," which allows local users to execute...

7.8CVSS6.7AI score0.00965EPSS
CVE
CVEadded 2014/06/11 4:56 a.m.67 views

CVE-2014-1817

usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Office 2007 SP3 and 2010 SP1 and SP2, Live Meeting ...

9.3CVSS8.6AI score0.44437EPSS
CVE
CVEadded 2015/03/11 10:59 a.m.67 views

CVE-2015-0073

The Windows Registry Virtualization feature in the kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict changes to virtual stores, which allows local ...

7.2CVSS6.3AI score0.04632EPSS
CVE
CVEadded 2015/04/14 8:59 p.m.67 views

CVE-2015-1643

Microsoft Windows Server 2003 R2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 do not properly constrain impersonation levels, which allows local users to gain privileges via a crafted appl...

7.2CVSS6.4AI score0.02327EPSS
CVE
CVEadded 2015/06/10 1:59 a.m.67 views

CVE-2015-1756

Use-after-free vulnerability in Microsoft Common Controls in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows user-assisted remote attackers to execute arbitrary code via a cra...

9.3CVSS7.4AI score0.44309EPSS
CVE
CVEadded 2015/09/09 12:59 a.m.67 views

CVE-2015-2507

The Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Font Driver Elevat...

7.2CVSS6.3AI score0.07689EPSS
CVE
CVEadded 2015/11/11 12:59 p.m.67 views

CVE-2015-6095

Kerberos in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 Gold and 1511 mishandles password changes, which allows physically proximate attackers to bypass authenticatio...

4.9CVSS6.6AI score0.06476EPSS
CVE
CVEadded 2019/07/29 1:47 p.m.67 views

CVE-2019-1099

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1094, CVE-2019-1095, CVE-2019-1098, CVE-2019-1100, CVE-2019-1101, CVE-2019-1116.

6.5CVSS6.1AI score0.12437EPSS
CVE
CVEadded 2019/08/14 9:15 p.m.67 views

CVE-2019-1154

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system.There are multiple ways an attacker could exploit th...

5.5CVSS5.2AI score0.00725EPSS
CVE
CVEadded 2023/12/12 6:15 p.m.67 views

CVE-2023-36012

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6.5AI score0.00491EPSS
CVE
CVEadded 2025/05/13 5:15 p.m.67 views

CVE-2025-29837

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

5.5CVSS6.7AI score0.00074EPSS
Total number of security vulnerabilities2548