Windows Server 2003
by Microsoft
Source repositories
CVEs (4,760)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-0176 | Hig | 0.56 | 8.1 | 0.46 | Jun 22, 2017 | A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote… | ||
| CVE-2013-3894 | Hig | 0.56 | 8.1 | 0.43 | Oct 9, 2013 | The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in… | ||
| CVE-2026-45641 | Hig | 0.55 | 8.4 | 0.00 | Jun 9, 2026 | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-45607 | Hig | 0.55 | 8.4 | 0.00 | Jun 9, 2026 | Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-44810 | Hig | 0.55 | 8.4 | 0.00 | Jun 9, 2026 | Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2026-32162 | Hig | 0.55 | 8.4 | 0.02 | Apr 14, 2026 | Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2026-32091 | Hig | 0.55 | 8.4 | 0.00 | Apr 14, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally. | ||
| CVE-2018-8490 | Hig | 0.55 | 8.4 | 0.04 | Oct 10, 2018 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,… | ||
| CVE-2018-8489 | Hig | 0.55 | 8.4 | 0.04 | Oct 10, 2018 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2,… | ||
| CVE-2018-8439 | Hig | 0.55 | 8.4 | 0.04 | Sep 13, 2018 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT… | ||
| CVE-2018-0965 | Hig | 0.55 | 8.4 | 0.05 | Sep 13, 2018 | A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,… | ||
| CVE-2017-8461 | Hig | 0.55 | 7.8 | 0.21 | Jun 15, 2017 | Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution… | ||
| CVE-2013-1340 | Hig | 0.55 | 8.4 | 0.02 | Jul 10, 2013 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local… | ||
| CVE-2012-1867 | Hig | 0.55 | 8.4 | 0.01 | Jun 12, 2012 | Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file… | ||
| CVE-2012-0157 | Hig | 0.55 | 8.4 | 0.01 | Mar 13, 2012 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a… | ||
| CVE-2011-1881 | Hig | 0.55 | 8.4 | 0.01 | Jul 13, 2011 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers… | ||
| CVE-2011-1282 | Hig | 0.55 | 8.4 | 0.02 | Jul 13, 2011 | The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and… | ||
| CVE-2011-1231 | Hig | 0.55 | 8.4 | 0.01 | Apr 13, 2011 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers… | ||
| CVE-2011-0671 | Hig | 0.55 | 8.4 | 0.01 | Apr 13, 2011 | Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a… | ||
| CVE-2010-3941 | Hig | 0.55 | 8.4 | 0.01 | Dec 16, 2010 | Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windows 7 allows local users to gain privileges via a crafted application, aka… |
- risk 0.56cvss 8.1epss 0.46
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote…
- risk 0.56cvss 8.1epss 0.43
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a crafted CMAP table in…
- risk 0.55cvss 8.4epss 0.00
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Improper authentication in Windows Cryptographic Services allows an unauthorized attacker to elevate privileges locally.
- risk 0.55cvss 8.4epss 0.02
Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally.
- risk 0.55cvss 8.4epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
- risk 0.55cvss 8.4epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,…
- risk 0.55cvss 8.4epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2,…
- risk 0.55cvss 8.4epss 0.04
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT…
- risk 0.55cvss 8.4epss 0.05
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Windows Hyper-V Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10,…
- risk 0.55cvss 7.8epss 0.21
Windows RPC with Routing and Remote Access enabled in Windows XP and Windows Server 2003 allows an attacker to execute code on a targeted RPC server which has Routing and Remote Access enabled via a specially crafted application, aka "Windows RPC Remote Code Execution…
- risk 0.55cvss 8.4epss 0.02
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT does not properly handle objects in memory, which allows local…
- risk 0.55cvss 8.4epss 0.01
Integer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted TrueType font file…
- risk 0.55cvss 8.4epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly handle window messaging, which allows local users to gain privileges via a…
- risk 0.55cvss 8.4epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers…
- risk 0.55cvss 8.4epss 0.02
The Client/Server Run-time Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 does not properly initialize memory and…
- risk 0.55cvss 8.4epss 0.01
win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers…
- risk 0.55cvss 8.4epss 0.01
Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a…
- risk 0.55cvss 8.4epss 0.01
Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windows 7 allows local users to gain privileges via a crafted application, aka…
Page 5 of 238