Windows Server Security Vulnerabilities and Issues — Windows Server CVE List

Lucene search

MicrosoftWindows Server

35 matches found

CVE•added 2018/09/13 12:29 a.m.•147 views

CVE-2018-8420

A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Serve...

9.3CVSS8.2AI score0.55029EPSS

CVE•added 2018/03/14 5:29 p.m.•118 views

CVE-2018-0877

The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how file paths are managed, aka "Windows Desktop Bridge VFS Elevation of Privilege Vulnerability".

7.8CVSS7.5AI score0.04863EPSS

CVE•added 2018/09/13 12:29 a.m.•116 views

CVE-2018-8332

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows S...

9.3CVSS8.2AI score0.38097EPSS

CVE•added 2018/03/14 5:29 p.m.•115 views

CVE-2018-0898

The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memo...

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/09/13 12:29 a.m.•114 views

CVE-2018-8410

An elevation of privilege vulnerability exists when the Windows Kernel API improperly handles registry objects in memory, aka "Windows Registry Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 201...

7.8CVSS7.5AI score0.26284EPSS

CVE•added 2018/02/15 2:29 a.m.•113 views

CVE-2018-0825

StructuredQuery in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how objects are handled in m...

7.6CVSS7.3AI score0.26183EPSS

CVE•added 2018/02/15 2:29 a.m.•111 views

CVE-2018-0757

The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are han...

4.7CVSS5AI score0.01776EPSS

CVE•added 2018/11/14 1:29 a.m.•111 views

CVE-2018-8554

An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. This CVE ID is unique from CVE-2018-8485, CVE-2018-8561.

7.8CVSS6.5AI score0.00512EPSS

CVE•added 2018/03/14 5:29 p.m.•110 views

CVE-2018-0880

The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-...

7CVSS7AI score0.07765EPSS

CVE•added 2018/03/14 5:29 p.m.•107 views

CVE-2018-0811

5.5CVSS4.8AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•107 views

CVE-2018-0897

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•105 views

CVE-2018-0813

5.5CVSS4.8AI score0.06807EPSS

CVE•added 2018/09/13 12:29 a.m.•105 views

CVE-2018-8419

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Win...

5.5CVSS5.5AI score0.04881EPSS

CVE•added 2018/03/14 5:29 p.m.•104 views

CVE-2018-0896

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•103 views

CVE-2018-0900

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•102 views

CVE-2018-0895

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•99 views

CVE-2018-0814

5.5CVSS4.8AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•99 views

CVE-2018-0883

Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how file copy destinations ar...

7.6CVSS6.7AI score0.20607EPSS

CVE•added 2018/03/14 5:29 p.m.•98 views

CVE-2018-0901

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•98 views

CVE-2018-0904

The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure vulnerability due to how memory addresses ar...

4.7CVSS5AI score0.01631EPSS

CVE•added 2018/09/13 12:29 a.m.•98 views

CVE-2018-8335

A denial of service vulnerability exists in the Microsoft Server Block Message (SMB) when an attacker sends specially crafted requests to the server, aka "Windows SMB Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Win...

7.8CVSS7.1AI score0.05751EPSS

CVE•added 2018/09/13 12:29 a.m.•97 views

CVE-2018-8438

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Se...

6.8CVSS6.2AI score0.00513EPSS

CVE•added 2018/03/14 5:29 p.m.•95 views

CVE-2018-0882

7CVSS7AI score0.07765EPSS

CVE•added 2018/03/14 5:29 p.m.•95 views

CVE-2018-0884

Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-...

7.8CVSS7.2AI score0.00517EPSS

CVE•added 2018/03/14 5:29 p.m.•95 views

CVE-2018-0888

The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnera...

5.6CVSS5.6AI score0.00559EPSS

CVE•added 2018/03/14 5:29 p.m.•94 views

CVE-2018-0894

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•93 views

CVE-2018-0881

The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled i...

7CVSS6.2AI score0.00565EPSS

CVE•added 2018/03/14 5:29 p.m.•92 views

CVE-2018-0902

The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels, ...

7.8CVSS7.3AI score0.00517EPSS

CVE•added 2018/03/14 5:29 p.m.•91 views

CVE-2018-0885

The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a pri...

6.3CVSS5.7AI score0.01134EPSS

CVE•added 2018/03/14 5:29 p.m.•90 views

CVE-2018-0926

5.5CVSS4.7AI score0.06807EPSS

CVE•added 2018/03/14 5:29 p.m.•87 views

CVE-2018-0899

4.7CVSS4.7AI score0.06807EPSS

CVE•added 2018/08/15 5:29 p.m.•73 views

CVE-2018-8399

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8404.

7CVSS6.7AI score0.00945EPSS

CVE•added 2018/09/13 12:29 a.m.•72 views

CVE-2018-8445

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8443,...

5.5CVSS5.7AI score0.04881EPSS

CVE•added 2018/08/15 5:29 p.m.•64 views

CVE-2018-8350

A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Servers, Windows 10.

9.3CVSS8.8AI score0.16701EPSS

CVE•added 2018/09/13 12:29 a.m.•60 views

CVE-2018-8422

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8424.

6.5CVSS6.3AI score0.16EPSS