Windows Server 2008 Security Vulnerabilities and Issues — Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

173 matches found

CVE•added 2024/02/13 6:15 p.m.•407 views

CVE-2024-21340

Windows Kernel Information Disclosure Vulnerability

4.6CVSS5.3AI score0.00131EPSS

CVE•added 2023/10/10 6:15 p.m.•399 views

CVE-2023-36722

Active Directory Domain Services Information Disclosure Vulnerability

4.4CVSS6.5AI score0.00068EPSS

CVE•added 2023/08/08 6:15 p.m.•359 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.0065EPSS

CVE•added 2025/01/14 6:15 p.m.•318 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00162EPSS

CVE•added 2024/04/09 5:15 p.m.•230 views

CVE-2024-29056

Windows Authentication Elevation of Privilege Vulnerability

4.3CVSS6.3AI score0.01044EPSS

CVE•added 2012/03/13 9:55 p.m.•212 views

CVE-2012-0152

The Remote Desktop Protocol (RDP) service in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 allows remote attackers to cause a denial of service (application hang) via a series of crafted packets, aka "Terminal Server Denial of Service Vulnerability."

4.3CVSS8.7AI score0.85393EPSS

CVE•added 2022/10/11 7:15 p.m.•210 views

CVE-2022-37981

Windows Event Logging Service Denial of Service Vulnerability

4.3CVSS6.3AI score0.04734EPSS

CVE•added 2022/07/12 11:15 p.m.•202 views

CVE-2022-21845

Windows Kernel Information Disclosure Vulnerability

4.7CVSS6.1AI score0.00891EPSS

CVE•added 2024/01/09 6:15 p.m.•178 views

CVE-2024-20691

Windows Themes Information Disclosure Vulnerability

4.7CVSS5.3AI score0.00095EPSS

CVE•added 2015/03/06 5:59 p.m.•166 views

CVE-2015-1637

Schannel (aka Secure Channel) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict TLS state transitions, which makes it easier for ...

4.3CVSS6.2AI score0.92473EPSS

CVE•added 2024/01/09 6:15 p.m.•158 views

CVE-2024-20662

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

4.9CVSS5.6AI score0.00817EPSS

CVE•added 2022/05/10 9:15 p.m.•152 views

CVE-2022-29127

BitLocker Security Feature Bypass Vulnerability

4.2CVSS6.5AI score0.00193EPSS

CVE•added 2018/01/04 2:29 p.m.•150 views

CVE-2018-0747

The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresse...

4.7CVSS4.6AI score0.06726EPSS

CVE•added 2019/03/06 12:0 a.m.•146 views

CVE-2019-0601

An information disclosure vulnerability exists when the Human Interface Devices (HID) component improperly handles objects in memory, aka 'HID Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0600.

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2021/11/10 1:18 a.m.•134 views

CVE-2021-38631

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00332EPSS

CVE•added 2018/02/15 2:29 a.m.•131 views

CVE-2018-0829

4.7CVSS4.9AI score0.11699EPSS

CVE•added 2018/09/13 12:29 a.m.•128 views

CVE-2018-8468

An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008...

4.7CVSS5.8AI score0.05739EPSS

CVE•added 2019/04/09 9:29 p.m.•128 views

CVE-2019-0839

An information disclosure vulnerability exists when the Terminal Services component improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0838.

4.4CVSS5.7AI score0.00695EPSS

CVE•added 2022/01/11 9:15 p.m.•127 views

CVE-2022-21900

Windows Hyper-V Security Feature Bypass Vulnerability

4.6CVSS6.7AI score0.00274EPSS

CVE•added 2021/11/10 1:19 a.m.•126 views

CVE-2021-41371

Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

4.4CVSS6.3AI score0.00408EPSS

CVE•added 2018/08/15 5:29 p.m.•123 views

CVE-2018-8348

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Serv...

4.7CVSS5.6AI score0.01452EPSS

CVE•added 2019/04/09 3:29 a.m.•123 views

CVE-2019-0775

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0702, CVE-2019-0755, CVE-2019-0767, CVE-2019-0782.

4.7CVSS5.6AI score0.00908EPSS

CVE•added 2025/01/14 6:15 p.m.•122 views

CVE-2025-21329

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00103EPSS

CVE•added 2017/03/17 12:59 a.m.•121 views

CVE-2017-0073

The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from process memory via a ...

4.3CVSS4.3AI score0.14618EPSS

CVE•added 2019/03/06 12:0 a.m.•120 views

CVE-2019-0600

4.7CVSS6.2AI score0.00549EPSS

CVE•added 2018/08/15 5:29 p.m.•117 views

CVE-2018-8341

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Serv...

4.7CVSS5.6AI score0.01452EPSS

CVE•added 2018/03/14 5:29 p.m.•115 views

CVE-2018-0898

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memo...

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/02/15 2:29 a.m.•113 views

CVE-2018-0830

4.7CVSS4.9AI score0.11699EPSS

CVE•added 2017/03/17 12:59 a.m.•111 views

CVE-2017-0114

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to obtain sensitive information from process memory via a crafted web site, aka "Uniscribe Information Disclosure Vulnerability." CVE-2017-0085, CVE-2017-0091, CVE-2017-0092, CVE-...

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2018/02/15 2:29 a.m.•111 views

CVE-2018-0757

4.7CVSS5AI score0.01776EPSS

CVE•added 2017/03/17 12:59 a.m.•109 views

CVE-2017-0062

4.7CVSS4.3AI score0.14618EPSS

CVE•added 2018/03/14 5:29 p.m.•107 views

CVE-2018-0897

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2015/03/11 10:59 a.m.•105 views

CVE-2015-0005

The NETLOGON service in Microsoft Windows Server 2003 SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Server 2012 Gold and R2, when a Domain Controller is configured, allows remote attackers to spoof the computer name of a secure channel's endpoint, and obtain sensitive session information, by...

4.3CVSS6.3AI score0.01085EPSS

CVE•added 2018/06/14 12:29 p.m.•105 views

CVE-2018-8207

4.7CVSS5.3AI score0.01934EPSS

CVE•added 2018/10/10 1:29 p.m.•105 views

CVE-2018-8320

A security feature bypass vulnerability exists in DNS Global Blocklist feature, aka "Windows DNS Security Feature Bypass Vulnerability." This affects Windows Server 2012 R2, Windows Server 2008, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windo...

4.3CVSS5.6AI score0.01976EPSS

CVE•added 2018/03/14 5:29 p.m.•104 views

CVE-2018-0896

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•103 views

CVE-2018-0900

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•102 views

CVE-2018-0895

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/09/13 12:29 a.m.•100 views

CVE-2018-8433

An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012,...

4.7CVSS5.2AI score0.01419EPSS

CVE•added 2017/05/12 2:29 p.m.•98 views

CVE-2017-0245

The kernel-mode drivers in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1 and Windows Server 2012 Gold allow a local authenticated attacker to execute a specially crafted application to obtain kernel information, aka "Win32k Information Disclosure Vulnerability."

4.7CVSS5.5AI score0.19638EPSS

CVE•added 2018/03/14 5:29 p.m.•98 views

CVE-2018-0901

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•98 views

CVE-2018-0904

The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure vulnerability due to how memory addresses ar...

4.7CVSS5AI score0.01631EPSS

CVE•added 2017/05/12 2:29 p.m.•97 views

CVE-2017-0175

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0220, CVE-2017-0258, and CV...

4.7CVSS4.2AI score0.04995EPSS

CVE•added 2017/05/12 2:29 p.m.•97 views

CVE-2017-0220

The Windows kernel in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows Server 2012 Gold allows authenticated attackers to obtain sensitive information via a specially crafted document, aka "Windows Kernel Information Disclosure Vulnerability," a different vulnerability than CVE-2017-0...

4.7CVSS4.2AI score0.04995EPSS

CVE•added 2023/04/11 9:15 p.m.•97 views

CVE-2023-28276

Windows Group Policy Security Feature Bypass Vulnerability

4.4CVSS4.9AI score0.00196EPSS

CVE•added 2018/03/14 5:29 p.m.•94 views

CVE-2018-0894

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2025/01/14 6:15 p.m.•93 views

CVE-2025-21215

Secure Boot Security Feature Bypass Vulnerability

4.6CVSS4.7AI score0.00104EPSS

CVE•added 2017/11/15 3:29 a.m.•92 views

CVE-2017-11880

Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an attacker to run a specially crafted application and obtain information to further compromise the user's s...

4.7CVSS5.2AI score0.01334EPSS

CVE•added 2017/03/17 12:59 a.m.•91 views

CVE-2017-0116

4.3CVSS4.5AI score0.13744EPSS

CVE•added 2017/03/17 12:59 a.m.•91 views

CVE-2017-0121

Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allows remote attackers to obtain sensitive information from process memory via a craft...

4.3CVSS4.5AI score0.13744EPSS

Total number of security vulnerabilities173