Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2008
Subscriptions
Total
3583 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2014-1812 | 1 Microsoft | 6 Windows 7, Windows 8, Windows 8.1 and 3 more | 2024-12-19 | N/A |
The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability." | ||||
CVE-2014-1776 | 1 Microsoft | 11 Internet Explorer, Windows 7, Windows 8 and 8 more | 2024-12-19 | 9.8 Critical |
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks." | ||||
CVE-2014-0322 | 1 Microsoft | 7 Internet Explorer, Windows 7, Windows 8 and 4 more | 2024-12-19 | 8.8 High |
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. | ||||
CVE-2014-2817 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2024-12-19 | 8.8 High |
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." | ||||
CVE-2012-0151 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2024-12-19 | 7.8 High |
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability." | ||||
CVE-2013-3906 | 1 Microsoft | 8 Excel Viewer, Lync, Office and 5 more | 2024-12-19 | 7.8 High |
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013. | ||||
CVE-2013-3897 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2024-12-19 | 8.8 High |
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability." | ||||
CVE-2009-1123 | 1 Microsoft | 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more | 2024-12-19 | 7.8 High |
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability." | ||||
CVE-2010-2568 | 1 Microsoft | 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more | 2024-12-19 | 7.8 High |
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems. | ||||
CVE-2023-29348 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-12-18 | 7.5 High |
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability | ||||
CVE-2024-35250 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2024-12-17 | 7.8 High |
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
CVE-2023-36606 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | 7.5 High |
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
CVE-2023-36581 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | 7.5 High |
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
CVE-2023-36579 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | 7.5 High |
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
CVE-2023-36431 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-12-12 | 7.5 High |
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | ||||
CVE-2024-38099 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-10 | 5.9 Medium |
Windows Remote Desktop Licensing Service Denial of Service Vulnerability | ||||
CVE-2024-38081 | 1 Microsoft | 16 .net, .net Framework, Visual Studio 2022 and 13 more | 2024-12-10 | 7.3 High |
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | ||||
CVE-2024-38079 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-12-10 | 7.8 High |
Windows Graphics Component Elevation of Privilege Vulnerability | ||||
CVE-2024-38074 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-10 | 9.8 Critical |
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability | ||||
CVE-2024-38073 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-12-10 | 7.5 High |
Windows Remote Desktop Licensing Service Denial of Service Vulnerability |