Windows Server 2008
by Microsoft
CVEs (2,628)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-8532 | Med | 0.43 | 6.5 | 0.07 | Jun 15, 2017 | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure… | ||
| CVE-2017-8531 | Med | 0.43 | 6.5 | 0.07 | Jun 15, 2017 | Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 Service Pack 3, and Microsoft Office 2010 Service Pack 2 allows improper… | ||
| CVE-2016-3209 | Med | 0.43 | 5.5 | 0.54 | Oct 14, 2016 | Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for… | ||
| CVE-2016-3372 | Med | 0.43 | 6.6 | 0.02 | Sep 14, 2016 | The kernel API in Microsoft Windows Vista SP2 and Windows Server 2008 SP2 does not properly enforce permissions, which allows local users to spoof processes, spoof inter-process communication, or cause a denial of service via a crafted application, aka "Windows Kernel Elevation… | ||
| CVE-2016-3226 | Med | 0.43 | 6.5 | 0.11 | Jun 16, 2016 | Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability." | ||
| CVE-2025-33057 | Med | 0.42 | 6.5 | 0.01 | Jun 10, 2025 | Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network. | ||
| CVE-2025-32715 | Med | 0.42 | 6.5 | 0.01 | Jun 10, 2025 | Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29968 | Med | 0.42 | 6.5 | 0.02 | May 13, 2025 | Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network. | ||
| CVE-2025-29961 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29960 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29959 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29958 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29836 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29835 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29832 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-29830 | Med | 0.42 | 6.5 | 0.01 | May 13, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-27474 | Med | 0.42 | 6.5 | 0.02 | Apr 8, 2025 | Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-26676 | Med | 0.42 | 6.5 | 0.01 | Apr 8, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-26672 | Med | 0.42 | 6.5 | 0.02 | Apr 8, 2025 | Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||
| CVE-2025-26667 | Med | 0.42 | 6.5 | 0.02 | Apr 8, 2025 | Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
- risk 0.43cvss 6.5epss 0.07
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure…
- risk 0.43cvss 6.5epss 0.07
Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016, Microsoft Office 2007 Service Pack 3, and Microsoft Office 2010 Service Pack 2 allows improper…
- risk 0.43cvss 5.5epss 0.54
Graphics Device Interface (aka GDI or GDI+) in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for…
- risk 0.43cvss 6.6epss 0.02
The kernel API in Microsoft Windows Vista SP2 and Windows Server 2008 SP2 does not properly enforce permissions, which allows local users to spoof processes, spoof inter-process communication, or cause a denial of service via a crafted application, aka "Windows Kernel Elevation…
- risk 0.43cvss 6.5epss 0.11
Active Directory in Microsoft Windows Server 2008 R2 SP1 and Server 2012 Gold and R2 allows remote authenticated users to cause a denial of service (service hang) by creating many machine accounts, aka "Active Directory Denial of Service Vulnerability."
- risk 0.42cvss 6.5epss 0.01
Null pointer dereference in Windows Local Security Authority (LSA) allows an authorized attacker to deny service over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Remote Desktop Client allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.02
Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.02
Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.01
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.02
Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
- risk 0.42cvss 6.5epss 0.02
Exposure of sensitive information to an unauthorized actor in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.
Page 72 of 132