Filtered by vendor Microsoft Subscriptions
Filtered by product Windows Server 2008 Subscriptions
Total 3583 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2014-1812 1 Microsoft 6 Windows 7, Windows 8, Windows 8.1 and 3 more 2024-12-19 N/A
The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle distribution of passwords, which allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka "Group Policy Preferences Password Elevation of Privilege Vulnerability."
CVE-2014-1776 1 Microsoft 11 Internet Explorer, Windows 7, Windows 8 and 8 more 2024-12-19 9.8 Critical
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks."
CVE-2014-0322 1 Microsoft 7 Internet Explorer, Windows 7, Windows 8 and 4 more 2024-12-19 8.8 High
Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014.
CVE-2014-2817 1 Microsoft 10 Internet Explorer, Windows 7, Windows 8 and 7 more 2024-12-19 8.8 High
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability."
CVE-2012-0151 1 Microsoft 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more 2024-12-19 7.8 High
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute arbitrary code via a modified file with additional content, aka "WinVerifyTrust Signature Validation Vulnerability."
CVE-2013-3906 1 Microsoft 8 Excel Viewer, Lync, Office and 5 more 2024-12-19 7.8 High
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
CVE-2013-3897 1 Microsoft 10 Internet Explorer, Windows 7, Windows 8 and 7 more 2024-12-19 8.8 High
Use-after-free vulnerability in the CDisplayPointer class in mshtml.dll in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JavaScript code that uses the onpropertychange event handler, as exploited in the wild in September and October 2013, aka "Internet Explorer Memory Corruption Vulnerability."
CVE-2009-1123 1 Microsoft 5 Windows 2000, Windows Server 2003, Windows Server 2008 and 2 more 2024-12-19 7.8 High
The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application, aka "Windows Kernel Desktop Vulnerability."
CVE-2010-2568 1 Microsoft 5 Windows 7, Windows Server 2003, Windows Server 2008 and 2 more 2024-12-19 7.8 High
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.
CVE-2023-29348 1 Microsoft 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more 2024-12-18 7.5 High
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability
CVE-2024-35250 1 Microsoft 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more 2024-12-17 7.8 High
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2023-36606 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2024-12-12 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36581 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2024-12-12 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36579 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-12-12 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2023-36431 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-12-12 7.5 High
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
CVE-2024-38099 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2024-12-10 5.9 Medium
Windows Remote Desktop Licensing Service Denial of Service Vulnerability
CVE-2024-38081 1 Microsoft 16 .net, .net Framework, Visual Studio 2022 and 13 more 2024-12-10 7.3 High
.NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2024-38079 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-12-10 7.8 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38074 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2024-12-10 9.8 Critical
Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
CVE-2024-38073 1 Microsoft 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more 2024-12-10 7.5 High
Windows Remote Desktop Licensing Service Denial of Service Vulnerability