VYPR

Windows Server 2008

by Microsoft

CVEs (2,625)

  • CVE-2016-3393HigKEVOct 14, 2016
    risk 0.68cvss 7.8epss 0.69

    Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to execute arbitrary code via…

  • CVE-2016-0040HigKEVFeb 10, 2016
    risk 0.68cvss 7.8epss 0.25

    The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows local users to gain privileges via a crafted application, aka "Windows Elevation of Privilege Vulnerability."

  • CVE-2017-0263HigKEVMay 12, 2017
    risk 0.67cvss 7.8epss 0.10

    The kernel-mode drivers in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka…

  • CVE-2016-0165HigKEVApr 12, 2016
    risk 0.67cvss 7.8epss 0.14

    The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k…

  • CVE-2014-4077HigKEVNov 11, 2014
    risk 0.67cvss 7.8epss 0.48

    Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE (aka IME for Japanese) is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka…

  • CVE-2009-2494CriAug 12, 2009
    risk 0.67cvss 9.8epss 0.42

    The Active Template Library (ATL) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows remote attackers to execute arbitrary code via vectors related to erroneous free operations after reading a variant…

  • CVE-2008-4835CriJan 14, 2009
    risk 0.67cvss 9.8epss 0.45

    SMB in the Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to execute arbitrary code via malformed values of unspecified "fields inside the SMB packets" in an NT Trans2 request,…

  • CVE-2017-8589CriJul 11, 2017
    risk 0.66cvss 9.8epss 0.26

    Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows a remote code execution vulnerability due to the way that Windows Search handles objects in…

  • CVE-2016-3213HigJun 16, 2016
    risk 0.66cvss 8.8epss 0.70

    The Web Proxy Auto Discovery (WPAD) protocol implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold and 1511, and Internet Explorer 9 through 11 has an…

  • CVE-2015-2387HigKEVJul 14, 2015
    risk 0.66cvss 7.8epss 0.37

    ATMFD.DLL in the Adobe Type Manager Font Driver in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges…

  • CVE-2010-4398HigKEVDec 6, 2010
    risk 0.66cvss 7.8epss 0.09

    Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain privileges, and bypass the…

  • CVE-2009-2512CriNov 11, 2009
    risk 0.66cvss 9.8epss 0.31

    The Web Services on Devices API (WSDAPI) in Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2 does not properly process the headers of WSD messages, which allows remote attackers to execute arbitrary code via a crafted (1) message or (2) response, aka "Web Services…

  • CVE-2017-0089HigMar 17, 2017
    risk 0.65cvss 8.8epss 0.57

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2008-3465CriDec 10, 2008
    risk 0.65cvss 9.8epss 0.14

    Heap-based buffer overflow in an API in GDI in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows context-dependent attackers to cause a denial of service or execute arbitrary code via a WMF file with a malformed…

  • CVE-2025-60724CriNov 11, 2025
    risk 0.64cvss 9.8epss 0.06

    Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.

  • CVE-2025-53766CriAug 12, 2025
    risk 0.64cvss 9.8epss 0.07

    Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.

  • CVE-2017-8682HigSep 13, 2017
    risk 0.64cvss 8.8epss 0.50

    Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 2016, Microsoft Office Word Viewer, Microsoft Office 2007 Service Pack 3 , and…

  • CVE-2017-0090HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

  • CVE-2017-0088HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.42

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Windows Uniscribe Remote Code Execution Vulnerability."

  • CVE-2017-0087HigMar 17, 2017
    risk 0.64cvss 8.8epss 0.43

    Uniscribe in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted web site, aka "Uniscribe Remote Code Execution Vulnerability." This vulnerability is different from those described in…

Page 3 of 132