Windows Server 2008@r2 Security Vulnerabilities and Issues — Page 7 of Windows Server 2008@r2 CVE List

The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vu...

7.8CVSS6.8AI score0.11623EPSS

CVE•added 2020/10/16 11:15 p.m.•238 views

CVE-2020-16916

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.To exploit this vulnerability, an attacker would first have to log on to the system. An atta...

7.8CVSS8.2AI score0.00744EPSS

CVE•added 2024/02/13 6:15 p.m.•238 views

CVE-2024-21359

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01901EPSS

CVE•added 2024/02/13 6:16 p.m.•238 views

CVE-2024-21420

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01343EPSS

CVE•added 2025/03/11 5:16 p.m.•237 views

CVE-2025-24993

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.02707EPSS

CVE•added 2020/09/11 5:15 p.m.•236 views

CVE-2020-1013

An elevation of privilege vulnerability exists when Microsoft Windows processes group policy updates. An attacker who successfully exploited this vulnerability could potentially escalate permissions or perform additional privileged actions on the target machine.To exploit this vulnerability, an att...

9.3CVSS8.1AI score0.1795EPSS

CVE•added 2022/06/15 10:15 p.m.•236 views

CVE-2022-30160

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.03305EPSS

CVE•added 2023/11/14 6:15 p.m.•236 views

CVE-2023-36397

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.03225EPSS

CVE•added 2024/02/13 6:15 p.m.•236 views

CVE-2024-21369

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.00852EPSS

CVE•added 2021/12/15 3:15 p.m.•235 views

CVE-2021-43883

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.08752EPSS

CVE•added 2020/06/09 8:15 p.m.•234 views

CVE-2020-1246

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2020/06/09 8:15 p.m.•234 views

CVE-2020-1262

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, CVE-2020-1246, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020...

7.8CVSS7.7AI score0.19295EPSS

CVE•added 2021/01/12 8:15 p.m.•234 views

CVE-2021-1678

Windows Print Spooler Spoofing Vulnerability

8.8CVSS8AI score0.53619EPSS

CVE•added 2022/08/09 8:15 p.m.•234 views

CVE-2022-34691

Active Directory Domain Services Elevation of Privilege Vulnerability

8.8CVSS9.1AI score0.0122EPSS

CVE•added 2024/02/13 6:15 p.m.•234 views

CVE-2024-21361

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01901EPSS

CVE•added 2024/03/12 5:15 p.m.•234 views

CVE-2024-26174

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00346EPSS

CVE•added 2025/02/11 6:15 p.m.•234 views

CVE-2025-21181

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.8AI score0.07722EPSS

CVE•added 2016/08/09 9:59 p.m.•233 views

CVE-2016-3308

The kernel-mode drivers in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privi...

7.8CVSS7.5AI score0.51566EPSS

CVE•added 2024/02/13 6:15 p.m.•233 views

CVE-2024-21365

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.0192EPSS

CVE•added 2025/03/11 5:16 p.m.•233 views

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

5.5CVSS6.5AI score0.03771EPSS

CVE•added 2024/02/13 6:15 p.m.•232 views

CVE-2024-21352

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.02032EPSS

CVE•added 2024/03/12 5:15 p.m.•232 views

CVE-2024-26173

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00276EPSS

CVE•added 2024/03/12 5:15 p.m.•231 views

CVE-2024-21446

NTFS Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00088EPSS

CVE•added 2017/03/17 12:59 a.m.•230 views

CVE-2017-0025

The kernel-mode drivers in Microsoft Windows Vista; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k E...

7.8CVSS6.2AI score0.1628EPSS

CVE•added 2017/06/15 1:29 a.m.•230 views

CVE-2017-8552

A kernel-mode driver in Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, and Windows 8 allows an elevation of privilege when it fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vuln...

7.8CVSS7.6AI score0.17937EPSS

CVE•added 2023/06/14 12:15 a.m.•230 views

CVE-2023-29363

Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.05856EPSS

CVE•added 2024/02/13 6:15 p.m.•230 views

CVE-2024-21375

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01718EPSS

CVE•added 2024/03/12 5:15 p.m.•230 views

CVE-2024-21450

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01583EPSS

CVE•added 2020/07/14 11:15 p.m.•229 views

CVE-2020-1043

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036,...

9CVSS9.2AI score0.01059EPSS

CVE•added 2024/04/09 5:15 p.m.•229 views

CVE-2024-29050

Windows Cryptographic Services Remote Code Execution Vulnerability

8.4CVSS8.8AI score0.18715EPSS

CVE•added 2025/06/10 5:23 p.m.•229 views

CVE-2025-33073

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

8.8CVSS8.7AI score0.00341EPSS

CVE•added 2019/10/10 2:15 p.m.•227 views

CVE-2019-1342

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1339.

7.8CVSS8.5AI score0.06219EPSS

CVE•added 2021/07/14 6:15 p.m.•227 views

CVE-2021-34494

Windows DNS Server Remote Code Execution Vulnerability

8.8CVSS8.4AI score0.01237EPSS

CVE•added 2022/09/13 7:15 p.m.•227 views

CVE-2022-33679

Windows Kerberos Elevation of Privilege Vulnerability

8.1CVSS8.8AI score0.78364EPSS

CVE•added 2024/12/12 2:4 a.m.•227 views

CVE-2024-49113

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

7.5CVSS7.5AI score0.87357EPSS

CVE•added 2017/03/17 12:59 a.m.•226 views

CVE-2017-0047

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "Windows GDI ...

7.8CVSS6.2AI score0.1628EPSS

CVE•added 2023/11/14 6:15 p.m.•226 views

CVE-2023-36402

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.5AI score0.00166EPSS

CVE•added 2024/03/12 5:15 p.m.•226 views

CVE-2024-21451

Microsoft ODBC Driver Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.01047EPSS

CVE•added 2017/07/11 9:29 p.m.•225 views

CVE-2017-8563

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an elevation of privilege vulnerability due to Kerberos falling back to NT LAN Manager (NTLM) Authentication Pro...

8.1CVSS7.1AI score0.17921EPSS

CVE•added 2022/03/09 5:15 p.m.•225 views

CVE-2022-24459

Windows Fax and Scan Service Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.00227EPSS

CVE•added 2024/02/13 6:15 p.m.•225 views

CVE-2024-21368

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.2AI score0.01901EPSS

CVE•added 2020/07/14 11:15 p.m.•224 views

CVE-2020-1041

9CVSS9.2AI score0.01059EPSS

CVE•added 2020/06/09 8:15 p.m.•224 views

CVE-2020-1299

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

9.3CVSS8.4AI score0.32912EPSS

CVE•added 2023/05/09 6:15 p.m.•224 views

CVE-2023-24903

Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability

8.1CVSS8.1AI score0.00645EPSS

CVE•added 2024/02/13 6:15 p.m.•224 views

CVE-2024-21349

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.01901EPSS

CVE•added 2024/02/13 6:15 p.m.•224 views

CVE-2024-21360

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability