VYPR

Windows Server 2003

by Microsoft

Source repositories

CVEs (4,745)

  • CVE-2025-21337LowFeb 11, 2025
    risk 0.21cvss 3.3epss 0.01

    Windows NTFS Elevation of Privilege Vulnerability

  • CVE-2023-21759LowJan 10, 2023
    risk 0.21cvss 3.3epss 0.01

    Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability

  • CVE-2022-38022LowOct 11, 2022
    risk 0.21cvss 3.3epss 0.01

    Windows Kernel Elevation of Privilege Vulnerability

  • CVE-2018-8482LowOct 10, 2018
    risk 0.21cvss 3.1epss 0.05

    An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…

  • CVE-2018-8481LowOct 10, 2018
    risk 0.21cvss 3.1epss 0.05

    An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server…

  • CVE-2025-21312LowJan 14, 2025
    risk 0.16cvss 2.4epss 0.01

    Windows Smart Card Reader Information Disclosure Vulnerability

  • CVE-2017-11850LowNov 15, 2017
    risk 0.16cvss 2.5epss 0.03

    Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to…

  • CVE-2025-62215KEVNov 11, 2025
    risk 0.15cvss epss 0.06

    Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Kernel allows an authorized attacker to elevate privileges locally.

  • CVE-2026-21513KEVFeb 10, 2026
    risk 0.14cvss epss 0.15

    Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-21533KEVFeb 10, 2026
    risk 0.14cvss epss 0.04

    Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally.

  • CVE-2026-21525KEVFeb 10, 2026
    risk 0.13cvss epss 0.05

    Null pointer dereference in Windows Remote Access Connection Manager allows an unauthorized attacker to deny service locally.

  • CVE-2026-21510KEVFeb 10, 2026
    risk 0.12cvss epss 0.26

    Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network.

  • CVE-2026-21519KEVFeb 10, 2026
    risk 0.12cvss epss 0.02

    Access of resource using incompatible type ('type confusion') in Desktop Window Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2026-20805KEVJan 13, 2026
    risk 0.12cvss epss 0.05

    Exposure of sensitive information to an unauthorized actor in Desktop Windows Manager allows an authorized attacker to disclose information locally.

  • CVE-2025-62221KEVDec 9, 2025
    risk 0.12cvss epss 0.02

    Use after free in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

  • CVE-2025-59230KEVOct 14, 2025
    risk 0.12cvss epss 0.03

    Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally.

  • CVE-2025-24990KEVOct 14, 2025
    risk 0.12cvss epss 0.06

    Microsoft is aware of vulnerabilities in the third party Agere Modem driver that ships natively with supported Windows operating systems. This is an announcement of the upcoming removal of ltmdm64.sys driver. The driver has been removed in the October cumulative update. Fax…

  • CVE-2003-0352Aug 18, 2003
    risk 0.11cvss epss 0.99

    Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms.

  • CVE-2010-0483Mar 3, 2010
    risk 0.10cvss epss 0.86

    vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3)…

  • CVE-2006-3439Aug 9, 2006
    risk 0.10cvss epss 0.84

    Buffer overflow in the Server Service in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 SP1 allows remote attackers, including anonymous users, to execute arbitrary code via a crafted RPC message, a different vulnerability than CVE-2006-1314.

Page 181 of 238