Windows Server 2008 Security Vulnerabilities and Issues — Windows Server 2008 CVE List

Lucene search

MicrosoftWindows Server 2008

408 matches found

CVE•added 2018/05/22 12:29 p.m.•724 views

CVE-2018-3639

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store ...

5.5CVSS5.9AI score0.46737EPSS

CVE•added 2023/09/12 5:15 p.m.•653 views

CVE-2023-38160

Windows TCP/IP Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00221EPSS

CVE•added 2023/10/10 6:15 p.m.•601 views

CVE-2023-36584

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.20094EPSS

CVE•added 2019/09/03 6:15 p.m.•590 views

CVE-2019-1125

An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries.To exploit this vulnerability, an attacker would have to log on to an a...

5.6CVSS6.8AI score0.15102EPSS

CVE•added 2023/09/12 5:15 p.m.•492 views

CVE-2023-36801

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6AI score0.00248EPSS

CVE•added 2023/09/12 5:15 p.m.•443 views

CVE-2023-38152

DHCP Server Service Information Disclosure Vulnerability

5.3CVSS6AI score0.0239EPSS

CVE•added 2023/10/10 6:15 p.m.•366 views

CVE-2023-36713

Windows Common Log File System Driver Information Disclosure Vulnerability

5.5CVSS7AI score0.02083EPSS

CVE•added 2025/05/13 5:15 p.m.•362 views

CVE-2025-29974

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.

5.7CVSS5.6AI score0.00087EPSS

CVE•added 2022/03/09 5:15 p.m.•359 views

CVE-2022-24503

Remote Desktop Protocol Client Information Disclosure Vulnerability

5.4CVSS6.6AI score0.00575EPSS

CVE•added 2023/10/10 6:15 p.m.•357 views

CVE-2023-36724

Windows Power Management Service Information Disclosure Vulnerability

5.5CVSS7AI score0.00102EPSS

CVE•added 2023/08/08 6:15 p.m.•328 views

CVE-2023-20588

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.

5.5CVSS6.9AI score0.03997EPSS

CVE•added 2019/06/12 2:29 p.m.•251 views

CVE-2019-1040

A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.To exploit t...

5.9CVSS6.7AI score0.9061EPSS

CVE•added 2024/08/13 6:15 p.m.•249 views

CVE-2024-38118

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5CVSS5.2AI score0.00458EPSS

CVE•added 2023/04/11 9:15 p.m.•245 views

CVE-2023-21729

Remote Procedure Call Runtime Information Disclosure Vulnerability

5.3CVSS4.9AI score0.01489EPSS

CVE•added 2017/11/15 3:29 a.m.•244 views

CVE-2017-11835

Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be disclosed due to the way that the Microsoft Windows Embedded OpenType (EOT) font engine parses specially crafted embedded fonts, aka "Windows EOT Font E...

5.5CVSS4.7AI score0.02807EPSS

CVE•added 2019/07/15 7:15 p.m.•241 views

CVE-2019-1073

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071.

5.5CVSS5.8AI score0.00349EPSS

CVE•added 2019/04/09 9:29 p.m.•238 views

CVE-2019-0796

An elevation of privilege vulnerability exists when Windows improperly handles calls to the LUAFV driver (luafv.sys), aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0730, CVE-2019-0731, CVE-2019-0805, CVE-2019-0836, CVE-2019-0841.

5.5CVSS6.7AI score0.85917EPSS

CVE•added 2024/03/12 5:15 p.m.•234 views

CVE-2024-26174

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00332EPSS

CVE•added 2020/11/11 7:15 a.m.•227 views

CVE-2020-1599

Windows Spoofing Vulnerability

5.5CVSS7.2AI score0.05733EPSS

CVE•added 2022/03/09 5:15 p.m.•222 views

CVE-2022-23281

Windows Common Log File System Driver Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00475EPSS

CVE•added 2024/09/10 5:15 p.m.•222 views

CVE-2024-38217

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.14086EPSS

CVE•added 2024/03/12 5:15 p.m.•218 views

CVE-2024-26177

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00752EPSS

CVE•added 2024/03/12 5:15 p.m.•217 views

CVE-2024-26181

Windows Kernel Denial of Service Vulnerability

5.5CVSS6.7AI score0.00415EPSS

CVE•added 2025/03/11 5:16 p.m.•209 views

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

5.5CVSS6.5AI score0.03535EPSS

CVE•added 2022/07/12 11:15 p.m.•208 views

CVE-2022-30223

Windows Hyper-V Information Disclosure Vulnerability

5.7CVSS6.6AI score0.03907EPSS

CVE•added 2022/03/09 5:15 p.m.•195 views

CVE-2022-23297

Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00325EPSS

CVE•added 2024/01/09 6:15 p.m.•184 views

CVE-2024-21311

Windows Cryptographic Services Information Disclosure Vulnerability

5.5CVSS5.9AI score0.0016EPSS

CVE•added 2017/07/11 9:29 p.m.•181 views

CVE-2017-8582

HTTP.sys in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when the component improperly handles objects in memor...

5.9CVSS5.7AI score0.12553EPSS

CVE•added 2023/11/14 6:15 p.m.•181 views

CVE-2023-36428

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

5.5CVSS7AI score0.00127EPSS

CVE•added 2019/07/15 7:15 p.m.•176 views

CVE-2019-1096

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.23126EPSS

CVE•added 2022/10/11 7:15 p.m.•172 views

CVE-2022-38043

Windows Security Support Provider Interface Information Disclosure Vulnerability

5.5CVSS6.6AI score0.00447EPSS

CVE•added 2023/01/10 10:15 p.m.•169 views

CVE-2023-21776

Windows Kernel Information Disclosure Vulnerability

5.5CVSS5.5AI score0.00669EPSS

CVE•added 2018/11/14 1:29 a.m.•166 views

CVE-2018-8407

An information disclosure vulnerability exists when "Kernel Remote Procedure Call Provider" driver improperly initializes objects in memory, aka "MSRPC Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Wi...

5.5CVSS6.7AI score0.00704EPSS

CVE•added 2021/07/14 6:15 p.m.•165 views

CVE-2021-33764

Windows Key Distribution Center Information Disclosure Vulnerability

5.9CVSS6.7AI score0.01673EPSS

CVE•added 2012/03/13 9:55 p.m.•164 views

CVE-2012-0006

The DNS server in Microsoft Windows Server 2003 SP2 and Server 2008 SP2, R2, and R2 SP1 does not properly handle objects in memory during record lookup, which allows remote attackers to cause a denial of service (daemon restart) via a crafted query, aka "DNS Denial of Service Vulnerability."

5CVSS6.3AI score0.73659EPSS

CVE•added 2024/01/09 6:15 p.m.•164 views

CVE-2024-20692

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

5.7CVSS5.9AI score0.0107EPSS

CVE•added 2022/04/15 7:15 p.m.•161 views

CVE-2022-24493

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5CVSS6.9AI score0.00435EPSS

CVE•added 2019/07/15 7:15 p.m.•160 views

CVE-2019-1071

5.5CVSS5.8AI score0.00349EPSS

CVE•added 2017/05/12 2:29 p.m.•154 views

CVE-2017-0267

Microsoft Server Message Block 1.0 (SMBv1) allows an information disclosure vulnerability in the way that Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 handles...

5.9CVSS6.1AI score0.27804EPSS

CVE•added 2022/08/09 8:15 p.m.•154 views

CVE-2022-34708

Windows Kernel Information Disclosure Vulnerability

5.5CVSS7AI score0.01087EPSS

CVE•added 2024/01/09 6:15 p.m.•154 views

CVE-2024-21313

Windows TCP/IP Information Disclosure Vulnerability

5.3CVSS5.8AI score0.00125EPSS

CVE•added 2023/04/11 9:15 p.m.•153 views

CVE-2023-28253

Windows Kernel Information Disclosure Vulnerability

5.5CVSS5.5AI score0.00198EPSS

CVE•added 2023/01/10 10:15 p.m.•152 views

CVE-2023-21682

Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability

5.3CVSS5.3AI score0.01967EPSS

CVE•added 2023/05/09 6:15 p.m.•152 views

CVE-2023-28251

Windows Driver Revocation List Security Feature Bypass Vulnerability

5.5CVSS5.7AI score0.00165EPSS

CVE•added 2013/09/11 2:3 p.m.•151 views

CVE-2013-3868

Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows Server 2008 SP2 and R2 SP1 and Server 2012 allow remote attackers to cause a denial of service (LDAP dire...

5CVSS6.5AI score0.39159EPSS

CVE•added 2023/05/09 6:15 p.m.•151 views

CVE-2023-24900

Windows NTLM Security Support Provider Information Disclosure Vulnerability

5.9CVSS5.7AI score0.0044EPSS

CVE•added 2022/05/10 9:15 p.m.•150 views

CVE-2022-22011

Windows Graphics Component Information Disclosure Vulnerability

5.5CVSS7AI score0.00618EPSS

CVE•added 2023/05/09 6:15 p.m.•149 views

CVE-2023-24945

Windows iSCSI Target Service Information Disclosure Vulnerability

5.5CVSS5.5AI score0.00388EPSS

CVE•added 2021/07/16 9:15 p.m.•148 views

CVE-2021-34457

Windows Remote Access Connection Manager Information Disclosure Vulnerability

5.5CVSS6.6AI score0.0052EPSS

CVE•added 2013/01/09 6:9 p.m.•147 views

CVE-2013-0013

The SSL provider component in Microsoft Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle encrypted packets, which allows man-in-the-middle attackers to conduct SSLv2 downgrade attacks against ...

5.8CVSS6.3AI score0.15613EPSS

Total number of security vulnerabilities408