CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Microsoft » Windows Server 2008 » R2 SP1 * * : Security Vulnerabilities

Cpe Name:cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
CVSS Scores Greater Than: 0   1   2   3   4   5   6   7   8   9  
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-30190 Exec Code 2022-06-01 2022-06-07
9.3
 None Remote Medium Not required Complete Complete Complete
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability.
2 CVE-2022-24503 668 2022-03-09 2022-05-23
5.0
 None Remote Low Not required Partial None None
Remote Desktop Protocol Client Information Disclosure Vulnerability.
3 CVE-2022-24502 Bypass 2022-03-09 2022-05-23
4.3
 None Remote Medium Not required Partial None None
Windows HTML Platforms Security Feature Bypass Vulnerability.
4 CVE-2022-23283 362 2022-03-09 2022-05-23
4.4
 None Local Medium Not required Partial Partial Partial
Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505.
5 CVE-2022-23253 DoS 2022-03-09 2022-05-23
4.0
 None Remote Low ??? None None Partial
Point-to-Point Tunneling Protocol Denial of Service Vulnerability.
6 CVE-2021-1656 2021-01-12 2021-01-19
2.1
 None Local Low Not required Partial None None
TPM Device Driver Information Disclosure Vulnerability
7 CVE-2020-17088 269 2020-11-11 2021-07-21
4.6
 None Local Low Not required Partial Partial Partial
Windows Common Log File System Driver Elevation of Privilege Vulnerability
8 CVE-2020-17051 Exec Code 2020-11-11 2020-11-23
10.0
 None Remote Low Not required Complete Complete Complete
Windows Network File System Remote Code Execution Vulnerability
9 CVE-2020-17047 DoS 2020-11-11 2020-11-19
7.8
 None Remote Low Not required None None Complete
Windows Network File System Denial of Service Vulnerability
10 CVE-2020-17045 200 +Info 2020-11-11 2021-07-21
4.9
 None Local Low Not required Complete None None
Windows KernelStream Information Disclosure Vulnerability
11 CVE-2020-17042 Exec Code 2020-11-11 2020-11-19
9.3
 None Remote Medium Not required Complete Complete Complete
Windows Print Spooler Remote Code Execution Vulnerability
12 CVE-2020-17038 269 2020-11-11 2021-07-21
7.2
 None Local Low Not required Complete Complete Complete
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010.
13 CVE-2020-17036 200 +Info 2020-11-11 2021-07-21
4.9
 None Local Low Not required Complete None None
Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
14 CVE-2020-17029 200 +Info 2020-11-11 2021-07-21
4.9
 None Local Low Not required Complete None None
Windows Canonical Display Driver Information Disclosure Vulnerability
15 CVE-2020-16902 269 2020-10-16 2020-10-27
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.
16 CVE-2020-16900 269 +Priv 2020-10-16 2021-07-21
4.6
 None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event System Elevation of Privilege Vulnerability'.
17 CVE-2020-1584 269 2020-08-17 2021-07-21
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory, aka 'Windows dnsrslvr.dll Elevation of Privilege Vulnerability'.
18 CVE-2020-1437 269 2020-07-14 2021-07-21
4.6
 None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows Network Location Awareness Service Elevation of Privilege Vulnerability'.
19 CVE-2020-1436 787 Exec Code 2020-07-14 2022-05-03
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted fonts.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Windows Font Library Remote Code Execution Vulnerability'.
20 CVE-2020-1435 119 Exec Code Overflow 2020-07-14 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.
21 CVE-2020-0907 119 Exec Code Overflow 2020-04-15 2021-07-21
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.
22 CVE-2020-0774 200 +Info 2020-03-12 2021-07-21
4.3
 None Remote Medium Not required Partial None None
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882.
23 CVE-2020-0645 20 2020-03-12 2021-07-21
5.0
 None Remote Low Not required None Partial None
A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'.
24 CVE-2019-1339 59 2019-10-10 2020-08-24
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1315, CVE-2019-1342.
25 CVE-2019-1178 2019-08-14 2020-08-24
4.6
 None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in the way that the ssdpsrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1173, CVE-2019-1174, CVE-2019-1175, CVE-2019-1177, CVE-2019-1179, CVE-2019-1180, CVE-2019-1184, CVE-2019-1186.
26 CVE-2019-1152 787 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151.
27 CVE-2019-1151 787 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1152.
28 CVE-2019-1150 787 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1149, CVE-2019-1151, CVE-2019-1152.
29 CVE-2019-1149 787 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1145, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152.
30 CVE-2019-1145 119 Exec Code Overflow 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1144, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152.
31 CVE-2019-1144 415 Exec Code 2019-08-14 2020-08-24
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka 'Microsoft Graphics Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1145, CVE-2019-1149, CVE-2019-1150, CVE-2019-1151, CVE-2019-1152.
32 CVE-2019-0636 2019-03-05 2020-08-24
2.1
 None Local Low Not required Partial None None
An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.
33 CVE-2019-0633 19 Exec Code 2019-03-05 2019-03-07
9.0
 None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.
34 CVE-2019-0630 19 Exec Code 2019-03-05 2019-03-07
9.0
 None Remote Low ??? Complete Complete Complete
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633.
35 CVE-2019-0569 2019-01-08 2020-08-24
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0549, CVE-2019-0554.
36 CVE-2019-0554 2019-01-08 2020-08-24
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0536, CVE-2019-0549, CVE-2019-0569.
37 CVE-2019-0536 2019-01-08 2020-08-24
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2019-0549, CVE-2019-0554, CVE-2019-0569.
38 CVE-2018-8563 2018-11-14 2020-08-24
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2008 R2.
39 CVE-2018-8494 611 Exec Code 2018-10-10 2018-11-28
9.3
 None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft XML Core Services MSXML parser processes user input, aka "MS XML Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
40 CVE-2018-8486 2018-10-10 2020-08-24
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
41 CVE-2018-8482 2018-10-10 2020-08-24
2.6
 None Remote High Not required Partial None None
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8481.
42 CVE-2018-8481 2018-10-10 2020-08-24
2.6
 None Remote High Not required Partial None None
An information disclosure vulnerability exists when Windows Media Player improperly discloses file information, aka "Windows Media Player Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8482.
43 CVE-2018-8475 Exec Code 2018-09-13 2020-08-24
6.8
 None Remote Medium Not required Partial Partial Partial
A remote code execution vulnerability exists when Windows does not properly handle specially crafted image files, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
44 CVE-2018-8468 2018-09-13 2019-10-03
4.3
 None Remote Medium Not required None Partial None
An elevation of privilege vulnerability exists when Windows, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
45 CVE-2018-8453 404 2018-10-10 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
46 CVE-2018-8446 200 +Info 2018-09-13 2018-11-19
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8443, CVE-2018-8445.
47 CVE-2018-8443 200 +Info 2018-09-13 2018-11-02
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8442, CVE-2018-8445, CVE-2018-8446.
48 CVE-2018-8442 200 +Info 2018-09-13 2018-11-02
2.1
 None Local Low Not required Partial None None
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8336, CVE-2018-8419, CVE-2018-8443, CVE-2018-8445, CVE-2018-8446.
49 CVE-2018-8440 2018-09-13 2019-10-03
7.2
 None Local Low Not required Complete Complete Complete
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC), aka "Windows ALPC Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
50 CVE-2018-8433 200 +Info 2018-09-13 2018-11-20
1.9
 None Local Medium Not required Partial None None
An information disclosure vulnerability exists when the Windows Graphics component improperly handles objects in memory, aka "Microsoft Graphics Component Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Total number of vulnerabilities : 481   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.