Windows Server 2008 Security Vulnerabilities and Issues — Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

173 matches found

CVE•added 2024/02/13 6:15 p.m.•409 views

CVE-2024-21340

Windows Kernel Information Disclosure Vulnerability

4.6CVSS5.3AI score0.00131EPSS

CVE•added 2023/10/10 6:15 p.m.•400 views

CVE-2023-36722

Active Directory Domain Services Information Disclosure Vulnerability

4.4CVSS6.5AI score0.00068EPSS

CVE•added 2023/08/08 6:15 p.m.•388 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.00633EPSS

CVE•added 2025/01/14 6:15 p.m.•319 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00174EPSS

CVE•added 2024/04/09 5:15 p.m.•232 views

CVE-2024-29056

Windows Authentication Elevation of Privilege Vulnerability

4.3CVSS6.3AI score0.01412EPSS

CVE•added 2012/03/13 9:55 p.m.•216 views

CVE-2012-0152

The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial of Service Vulnerability."

4.3CVSS8.7AI score0.85393EPSS

Web

CVE•added 2022/10/11 7:15 p.m.•211 views

CVE-2022-37981

Windows Event Logging Service Denial of Service Vulnerability

4.3CVSS6.3AI score0.05031EPSS

CVE•added 2022/07/12 11:15 p.m.•205 views

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00875EPSS

CVE•added 2024/01/09 6:15 p.m.•179 views

CVE-2024-20691

Windows Themes Information Disclosure Vulnerability

4.7CVSS5.3AI score0.00095EPSS

CVE•added 2015/03/06 5:59 p.m.•168 views

CVE-2015-1637

Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for ...

4.3CVSS6.2AI score0.91911EPSS

CVE•added 2024/01/09 6:15 p.m.•159 views

CVE-2024-20662

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

4.9CVSS5.6AI score0.00817EPSS

CVE•added 2022/05/10 9:15 p.m.•153 views

CVE-2022-29127

BitLocker Security Feature Bypass Vulnerability

4.2CVSS6.5AI score0.00193EPSS

CVE•added 2018/01/04 2:29 p.m.•151 views

CVE-2018-0747

The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresse...

4.7CVSS4.6AI score0.06726EPSS

CVE•added 2019/03/06 12:0 a.m.•147 views

CVE-2019-0601

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2021/11/10 1:18 a.m.•136 views

CVE-2021-38631

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00352EPSS

CVE•added 2018/02/15 2:29 a.m.•132 views

CVE-2018-0829

4.7CVSS4.9AI score0.11699EPSS

CVE•added 2018/09/13 12:29 a.m.•129 views

CVE-2018-8468

An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008...

4.7CVSS5.8AI score0.06939EPSS

CVE•added 2019/04/09 9:29 p.m.•129 views

CVE-2019-0839

An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.

4.4CVSS5.7AI score0.00695EPSS

CVE•added 2022/01/11 9:15 p.m.•128 views

CVE-2022-21900

Windows Hyper-V Security Feature Bypass Vulnerability

4.6CVSS6.7AI score0.00274EPSS

CVE•added 2021/11/10 1:19 a.m.•127 views

CVE-2021-41371

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00432EPSS

CVE•added 2018/08/15 5:29 p.m.•125 views

CVE-2018-8348

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Serv...

4.7CVSS5.6AI score0.01216EPSS

CVE•added 2019/04/09 3:29 a.m.•124 views

CVE-2019-0775

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.

4.7CVSS5.6AI score0.00908EPSS

CVE•added 2025/01/14 6:15 p.m.•123 views

CVE-2025-21329

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00111EPSS

CVE•added 2017/03/17 12:59 a.m.•122 views

CVE-2017-0073

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

4.3CVSS4.3AI score0.14618EPSS

CVE•added 2019/03/06 12:0 a.m.•121 views

CVE-2019-0600

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2018/08/15 5:29 p.m.•118 views

CVE-2018-8341

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Serv...

4.7CVSS5.6AI score0.01216EPSS

CVE•added 2018/03/14 5:29 p.m.•116 views

CVE-2018-0898

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memo...

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2018/02/15 2:29 a.m.•114 views

CVE-2018-0830

4.7CVSS4.9AI score0.11699EPSS

CVE•added 2018/02/15 2:29 a.m.•113 views

CVE-2018-0757

4.7CVSS5AI score0.02056EPSS

CVE•added 2017/03/17 12:59 a.m.•112 views

CVE-2017-0114

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•110 views

CVE-2017-0062

4.7CVSS4.3AI score0.14618EPSS

CVE•added 2018/03/14 5:29 p.m.•109 views

CVE-2018-0897

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2018/06/14 12:29 p.m.•107 views

CVE-2018-8207

4.7CVSS5.3AI score0.01934EPSS

CVE•added 2015/03/11 10:59 a.m.•106 views

CVE-2015-0005

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by...

4.3CVSS6.3AI score0.01793EPSS

Web

CVE•added 2018/10/10 1:29 p.m.•106 views

CVE-2018-8320

A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windo...

4.3CVSS5.6AI score0.01939EPSS

CVE•added 2018/03/14 5:29 p.m.•105 views

CVE-2018-0896

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2018/03/14 5:29 p.m.•104 views

CVE-2018-0900

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2018/03/14 5:29 p.m.•103 views

CVE-2018-0895

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2018/09/13 12:29 a.m.•101 views

CVE-2018-8433

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

4.7CVSS5.2AI score0.01913EPSS

CVE•added 2017/05/12 2:29 p.m.•99 views

CVE-2017-0220

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0...

4.7CVSS4.2AI score0.04995EPSS

CVE•added 2017/05/12 2:29 p.m.•99 views

CVE-2017-0245

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

4.7CVSS5.5AI score0.19638EPSS

CVE•added 2018/03/14 5:29 p.m.•99 views

CVE-2018-0901

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2018/03/14 5:29 p.m.•99 views

CVE-2018-0904

The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure vulnerability due to how memory addresses ar...

4.7CVSS5AI score0.03404EPSS

CVE•added 2017/05/12 2:29 p.m.•98 views

CVE-2017-0175

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CV...

4.7CVSS4.2AI score0.04995EPSS

CVE•added 2023/04/11 9:15 p.m.•98 views

CVE-2023-28276

Windows Group Policy Security Feature Bypass Vulnerability

4.4CVSS4.9AI score0.00196EPSS

CVE•added 2018/03/14 5:29 p.m.•95 views

CVE-2018-0894

4.7CVSS4.7AI score0.11699EPSS

CVE•added 2025/01/14 6:15 p.m.•95 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00118EPSS

CVE•added 2017/11/15 3:29 a.m.•93 views

CVE-2017-11880

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to run a specially crafted application and obtain information to further compromise the user's s...

4.7CVSS5.2AI score0.0122EPSS

CVE•added 2017/04/12 2:59 p.m.•92 views

CVE-2017-0058

A Win32k information disclosure vulnerability exists in Microsoft Windows when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system, aka "Win32k Information Disclosure V...

4.7CVSS5AI score0.16494EPSS

Web

CVE•added 2017/03/17 12:59 a.m.•92 views

CVE-2017-0116

4.3CVSS4.5AI score0.13744EPSS

Total number of security vulnerabilities173