VYPR

Windows Server 2003

by Microsoft

Source repositories

CVEs (4,742)

  • CVE-2018-0959HigMay 9, 2018
    risk 0.50cvss 7.6epss 0.09

    A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows…

  • CVE-2018-0956HigApr 12, 2018
    risk 0.50cvss 7.5epss 0.14

    A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

  • CVE-2001-1452HigAug 31, 2001
    risk 0.50cvss 7.5epss 0.09

    By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.

  • CVE-2026-48563HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-47654HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.01

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-44801HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42993HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42992HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-42909HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

  • CVE-2026-40406HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Use after free in Windows TCP/IP allows an unauthorized attacker to disclose information over a network.

  • CVE-2026-35424HigMay 12, 2026
    risk 0.49cvss 7.5epss 0.01

    Missing release of memory after effective lifetime in Windows Internet Key Exchange (IKE) Protocol allows an unauthorized attacker to deny service over a network.

  • CVE-2026-33096HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

  • CVE-2026-32071HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.

  • CVE-2026-26154HigApr 14, 2026
    risk 0.49cvss 7.5epss 0.01

    Improper input validation in Windows Server Update Service allows an unauthorized attacker to perform tampering over a network.

  • CVE-2026-20921HigJan 13, 2026
    risk 0.49cvss 7.5epss 0.01

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-60704HigNov 11, 2025
    risk 0.49cvss 7.5epss 0.00

    Missing cryptographic step in Windows Kerberos allows an unauthorized attacker to elevate privileges over a network.

  • CVE-2025-59502HigOct 14, 2025
    risk 0.49cvss 7.5epss 0.01

    Uncontrolled resource consumption in Windows Remote Procedure Call allows an unauthorized attacker to deny service over a network.

  • CVE-2025-58726HigOct 14, 2025
    risk 0.49cvss 7.5epss 0.01

    Improper access control in Windows SMB Server allows an authorized attacker to elevate privileges over a network.

  • CVE-2025-55326HigOct 14, 2025
    risk 0.49cvss 7.5epss 0.01

    Use after free in Connected Devices Platform Service (Cdpsvc) allows an unauthorized attacker to execute code over a network.

  • CVE-2025-54919HigSep 9, 2025
    risk 0.49cvss 7.5epss 0.00

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to execute code locally.

Page 111 of 238