Windows Server 2008
by Microsoft
CVEs (2,627)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-0986 | Med | 0.41 | 6.3 | 0.02 | Jun 12, 2019 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker… | ||
| CVE-2017-0061 | Med | 0.41 | 5.3 | 0.43 | Mar 17, 2017 | The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a crafted website, aka… | ||
| CVE-2017-0055 | Med | 0.41 | 6.1 | 0.16 | Mar 17, 2017 | Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site… | ||
| CVE-2023-35341 | Med | 0.40 | 6.2 | 0.01 | Jul 11, 2023 | Microsoft DirectMusic Information Disclosure Vulnerability | ||
| CVE-2023-21697 | Med | 0.40 | 6.2 | 0.01 | Feb 14, 2023 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | ||
| CVE-2022-37967 | Hig | 0.40 | 7.2 | 0.04 | Nov 9, 2022 | Windows Kerberos Elevation of Privilege Vulnerability | ||
| CVE-2022-22048 | Med | 0.40 | 6.1 | 0.01 | Jul 12, 2022 | BitLocker Security Feature Bypass Vulnerability | ||
| CVE-2019-1125 | Med | 0.40 | 5.6 | 0.05 | Sep 3, 2019 | An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would… | ||
| CVE-2017-8683 | Med | 0.40 | 5.5 | 0.19 | Sep 13, 2017 | Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an attacker to execute remote code by the way it handles embedded… | ||
| CVE-2017-0060 | Med | 0.40 | 5.5 | 0.16 | Mar 17, 2017 | The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from… | ||
| CVE-2016-0070 | Med | 0.40 | 5.5 | 0.11 | Oct 14, 2016 | The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call… | ||
| CVE-2016-3373 | Med | 0.40 | 5.5 | 0.17 | Sep 14, 2016 | The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly implement registry access control, which allows local users to… | ||
| CVE-2010-0021 | Med | 0.40 | 5.9 | 0.14 | Feb 10, 2010 | Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2… | ||
| CVE-2022-37985 | Med | 0.39 | 5.5 | 0.38 | Oct 11, 2022 | Windows Graphics Component Information Disclosure Vulnerability | ||
| CVE-2022-22028 | Med | 0.39 | 5.9 | 0.02 | Jul 12, 2022 | Windows Network File System Information Disclosure Vulnerability | ||
| CVE-2019-1153 | Med | 0.39 | 5.5 | 0.03 | Aug 14, 2019 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this… | ||
| CVE-2019-1148 | Med | 0.39 | 5.5 | 0.03 | Aug 14, 2019 | An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this… | ||
| CVE-2018-8304 | Med | 0.39 | 5.9 | 0.12 | Jul 11, 2018 | A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,… | ||
| CVE-2018-0975 | Med | 0.39 | 5.5 | 0.03 | Apr 12, 2018 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows… | ||
| CVE-2018-0974 | Med | 0.39 | 5.5 | 0.04 | Apr 12, 2018 | An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows… |
- risk 0.41cvss 6.3epss 0.02
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. To exploit this vulnerability, an attacker…
- risk 0.41cvss 5.3epss 0.43
The Color Management Module (ICM32.dll) memory handling functionality in Windows Vista SP2, Windows Server 2008 SP2 and R2, and Windows 7 SP1 allows remote attackers to bypass ASLR and execute code in combination with another vulnerability through a crafted website, aka…
- risk 0.41cvss 6.1epss 0.16
Microsoft Internet Information Server (IIS) in Windows Vista SP2; Windows Server 2008 SP2 and R2; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to perform cross-site…
- risk 0.40cvss 6.2epss 0.01
Microsoft DirectMusic Information Disclosure Vulnerability
- risk 0.40cvss 6.2epss 0.01
Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability
- risk 0.40cvss 7.2epss 0.04
Windows Kerberos Elevation of Privilege Vulnerability
- risk 0.40cvss 6.1epss 0.01
BitLocker Security Feature Bypass Vulnerability
- risk 0.40cvss 5.6epss 0.05
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory. An attacker who successfully exploited the vulnerability could read privileged data across trust boundaries. To exploit this vulnerability, an attacker would…
- risk 0.40cvss 5.5epss 0.19
Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an attacker to execute remote code by the way it handles embedded…
- risk 0.40cvss 5.5epss 0.16
The Graphics Device Interface (GDI) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607 allows remote attackers to obtain sensitive information from…
- risk 0.40cvss 5.5epss 0.11
The kernel in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application that makes an API call…
- risk 0.40cvss 5.5epss 0.17
The kernel API in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 does not properly implement registry access control, which allows local users to…
- risk 0.40cvss 5.9epss 0.14
Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allow remote attackers to cause a denial of service (system hang) via a crafted (1) SMBv1 or (2) SMBv2…
- risk 0.39cvss 5.5epss 0.38
Windows Graphics Component Information Disclosure Vulnerability
- risk 0.39cvss 5.9epss 0.02
Windows Network File System Information Disclosure Vulnerability
- risk 0.39cvss 5.5epss 0.03
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…
- risk 0.39cvss 5.5epss 0.03
An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this…
- risk 0.39cvss 5.9epss 0.12
A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008,…
- risk 0.39cvss 5.5epss 0.03
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…
- risk 0.39cvss 5.5epss 0.04
An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows…
Page 55 of 132