Windows Server 2008
by Microsoft
CVEs (2,627)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2008-1454 | 0.03 | — | 0.34 | Jul 8, 2008 | Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority,"… | |||
| CVE-2025-53145 | 0.02 | — | 0.06 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||
| CVE-2025-53144 | 0.02 | — | 0.06 | Aug 12, 2025 | Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network. | |||
| CVE-2025-27473 | 0.02 | — | 0.02 | Apr 8, 2025 | Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network. | |||
| CVE-2025-21277 | 0.02 | — | 0.38 | Jan 14, 2025 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2024-43454 | 0.02 | — | 0.21 | Sep 10, 2024 | Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | |||
| CVE-2024-38071 | 0.02 | — | 0.36 | Jul 9, 2024 | Windows Remote Desktop Licensing Service Denial of Service Vulnerability | |||
| CVE-2024-30090 | 0.02 | — | 0.02 | Jun 11, 2024 | Microsoft Streaming Service Elevation of Privilege Vulnerability | |||
| CVE-2024-30078 | 0.02 | — | 0.05 | Jun 11, 2024 | Windows Wi-Fi Driver Remote Code Execution Vulnerability | |||
| CVE-2015-6130 | 0.02 | — | 0.21 | Dec 9, 2015 | Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code via a crafted font, aka "Windows Integer Underflow Vulnerability." | |||
| CVE-2015-6125 | 0.02 | — | 0.30 | Dec 9, 2015 | Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability." | |||
| CVE-2015-6108 | 0.02 | — | 0.26 | Dec 9, 2015 | The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4,… | |||
| CVE-2015-6097 | 0.02 | — | 0.21 | Nov 11, 2015 | Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflow Vulnerability." | |||
| CVE-2015-2515 | 0.02 | — | 0.29 | Oct 14, 2015 | Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via… | |||
| CVE-2015-2513 | 0.02 | — | 0.19 | Sep 9, 2015 | Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka… | |||
| CVE-2015-2474 | 0.02 | — | 0.31 | Aug 15, 2015 | Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability." | |||
| CVE-2015-2473 | 0.02 | — | 0.25 | Aug 15, 2015 | Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory… | |||
| CVE-2015-2435 | 0.02 | — | 0.22 | Aug 15, 2015 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,… | |||
| CVE-2015-2423 | 0.02 | — | 0.20 | Aug 15, 2015 | Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2,… | |||
| CVE-2015-1716 | 0.02 | — | 0.21 | May 13, 2015 | Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict Diffie-Hellman Ephemeral (DHE) key lengths, which… |
- CVE-2008-1454Jul 8, 2008risk 0.03cvss —epss 0.34
Unspecified vulnerability in Microsoft DNS in Windows 2000 SP4, Server 2003 SP1 and SP2, and Server 2008 allows remote attackers to conduct cache poisoning attacks via unknown vectors related to accepting "records from a response that is outside the remote server's authority,"…
- CVE-2025-53145Aug 12, 2025risk 0.02cvss —epss 0.06
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
- CVE-2025-53144Aug 12, 2025risk 0.02cvss —epss 0.06
Access of resource using incompatible type ('type confusion') in Windows Message Queuing allows an authorized attacker to execute code over a network.
- CVE-2025-27473Apr 8, 2025risk 0.02cvss —epss 0.02
Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.
- CVE-2025-21277Jan 14, 2025risk 0.02cvss —epss 0.38
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2024-43454Sep 10, 2024risk 0.02cvss —epss 0.21
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
- CVE-2024-38071Jul 9, 2024risk 0.02cvss —epss 0.36
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
- CVE-2024-30090Jun 11, 2024risk 0.02cvss —epss 0.02
Microsoft Streaming Service Elevation of Privilege Vulnerability
- CVE-2024-30078Jun 11, 2024risk 0.02cvss —epss 0.05
Windows Wi-Fi Driver Remote Code Execution Vulnerability
- CVE-2015-6130Dec 9, 2015risk 0.02cvss —epss 0.21
Integer underflow in Uniscribe in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows remote attackers to execute arbitrary code via a crafted font, aka "Windows Integer Underflow Vulnerability."
- CVE-2015-6125Dec 9, 2015risk 0.02cvss —epss 0.30
Use-after-free vulnerability in the DNS server in Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allows remote attackers to execute arbitrary code via crafted requests, aka "Windows DNS Use After Free Vulnerability."
- CVE-2015-6108Dec 9, 2015risk 0.02cvss —epss 0.26
The Windows font library in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT Gold and 8.1; Office 2007 SP3; Office 2010 SP2; Word Viewer; .NET Framework 3.0 SP2, 3.5, 3.5.1, 4,…
- CVE-2015-6097Nov 11, 2015risk 0.02cvss —epss 0.21
Heap-based buffer overflow in Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows remote attackers to execute arbitrary code via a crafted Journal (.jnt) file, aka "Windows Journal Heap Overflow Vulnerability."
- CVE-2015-2515Oct 14, 2015risk 0.02cvss —epss 0.29
Use-after-free vulnerability in Windows Shell in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via…
- CVE-2015-2513Sep 9, 2015risk 0.02cvss —epss 0.19
Windows Journal in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows remote attackers to execute arbitrary code via a crafted .jnt file, aka…
- CVE-2015-2474Aug 15, 2015risk 0.02cvss —epss 0.31
Microsoft Windows Vista SP2 and Server 2008 SP2 allow remote authenticated users to execute arbitrary code via a crafted string in a Server Message Block (SMB) server error-logging action, aka "Server Message Block Memory Corruption Vulnerability."
- CVE-2015-2473Aug 15, 2015risk 0.02cvss —epss 0.25
Untrusted search path vulnerability in the client in Remote Desktop Protocol (RDP) through 8.1 in Microsoft Windows 7 SP1 and Windows Server 2008 R2 SP1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory…
- CVE-2015-2435Aug 15, 2015risk 0.02cvss —epss 0.22
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1,…
- CVE-2015-2423Aug 15, 2015risk 0.02cvss —epss 0.20
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2,…
- CVE-2015-1716May 13, 2015risk 0.02cvss —epss 0.21
Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly restrict Diffie-Hellman Ephemeral (DHE) key lengths, which…
Page 81 of 132