Windows Server 2008 Security Vulnerabilities and Issues — Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

40 matches found

CVE•added 2020/03/12 4:15 p.m.•1384 views

CVE-2020-0787

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.59671EPSS

CVE•added 2020/03/12 4:15 p.m.•369 views

CVE-2020-0645

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.

7.5CVSS8.2AI score0.08197EPSS

CVE•added 2020/03/12 4:15 p.m.•112 views

CVE-2020-0887

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0877.

7.8CVSS7.6AI score0.13359EPSS

CVE•added 2020/03/12 4:15 p.m.•110 views

CVE-2020-0822

An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.00511EPSS

CVE•added 2020/03/12 4:15 p.m.•107 views

CVE-2020-0788

7.8CVSS7.6AI score0.13359EPSS

CVE•added 2020/03/12 4:15 p.m.•107 views

CVE-2020-0814

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerabi...

7.8CVSS6.5AI score0.00646EPSS

CVE•added 2020/03/12 4:15 p.m.•104 views

CVE-2020-0791

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898.

7.8CVSS8.1AI score0.00526EPSS

CVE•added 2020/03/12 4:15 p.m.•98 views

CVE-2020-0684

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.

8.8CVSS8.2AI score0.33494EPSS

CVE•added 2020/03/12 4:15 p.m.•96 views

CVE-2020-0803

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0804, CVE-2020-0845.

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•95 views

CVE-2020-0802

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•93 views

CVE-2020-0849

An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0841, CVE-2020-0896.

7.8CVSS7.5AI score0.00397EPSS

CVE•added 2020/03/12 4:15 p.m.•93 views

CVE-2020-0883

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0881.

9.3CVSS8.8AI score0.5256EPSS

CVE•added 2020/03/12 4:15 p.m.•92 views

CVE-2020-0771

An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-20...

7.8CVSS8.7AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•91 views

CVE-2020-0769

7.8CVSS8.7AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•90 views

CVE-2020-0843

7.8CVSS6.5AI score0.00646EPSS

CVE•added 2020/03/12 4:15 p.m.•90 views

CVE-2020-0881

9.3CVSS8.8AI score0.5256EPSS

CVE•added 2020/03/12 4:15 p.m.•88 views

CVE-2020-0772

An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CV...

7.8CVSS8.7AI score0.0038EPSS

CVE•added 2020/03/12 4:15 p.m.•87 views

CVE-2020-0785

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.

7.1CVSS8AI score0.00432EPSS

CVE•added 2020/03/12 4:15 p.m.•87 views

CVE-2020-0860

An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This ...

7.8CVSS8.2AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•87 views

CVE-2020-0877

7.8CVSS7.6AI score0.13359EPSS

CVE•added 2020/03/12 4:15 p.m.•85 views

CVE-2020-0777

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2...

7.8CVSS7.6AI score0.00538EPSS

CVE•added 2020/03/12 4:15 p.m.•85 views

CVE-2020-0804

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•84 views

CVE-2020-0773

7.8CVSS8.2AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•84 views

CVE-2020-0778

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•84 views

CVE-2020-0845

7.8CVSS8.1AI score0.00549EPSS

CVE•added 2020/03/12 4:15 p.m.•83 views

CVE-2020-0781

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783.

7.8CVSS8.5AI score0.00538EPSS

CVE•added 2020/03/12 4:15 p.m.•82 views

CVE-2020-0806

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0772.

7.8CVSS8.5AI score0.0038EPSS

CVE•added 2020/03/12 4:15 p.m.•82 views

CVE-2020-0853

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'.

6.5CVSS7.1AI score0.27243EPSS

CVE•added 2020/03/12 4:15 p.m.•81 views

CVE-2020-0770

7.8CVSS8.2AI score0.00656EPSS

CVE•added 2020/03/12 4:15 p.m.•80 views

CVE-2020-0783

7.8CVSS8.5AI score0.00538EPSS

CVE•added 2020/03/12 4:15 p.m.•79 views

CVE-2020-0842

7.8CVSS6.5AI score0.00646EPSS

CVE•added 2020/03/12 4:15 p.m.•77 views

CVE-2020-0879

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774...

5.5CVSS6.1AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•76 views

CVE-2020-0774

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•75 views

CVE-2020-0880

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•75 views

CVE-2020-0885

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'.

4.3CVSS5.9AI score0.08498EPSS

CVE•added 2020/03/12 4:15 p.m.•72 views

CVE-2020-0779

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843.

5.5CVSS6.4AI score0.00646EPSS

CVE•added 2020/03/12 4:15 p.m.•70 views

CVE-2020-0874

5.5CVSS6.1AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•70 views

CVE-2020-0882

6.5CVSS6.2AI score0.29411EPSS

CVE•added 2020/03/12 4:15 p.m.•68 views

CVE-2020-0844

An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.

7.8CVSS8.5AI score0.0037EPSS

CVE•added 2020/03/12 4:15 p.m.•68 views

CVE-2020-0871

An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'.

5.5CVSS6.5AI score0.01687EPSS