Microsoft Windows Server vulnerabilities

705 known vulnerabilities affecting microsoft/windows_server.

Total CVEs

705

CISA KEV

23

actively exploited

Public exploits

36

Exploited in wild

28

Severity breakdown

CRITICAL27HIGH458MEDIUM216LOW4

Vulnerabilities

Page 36 of 36

CVE-2017-11831MEDIUMCVSS 4.7PoCv17092017-11-15

CVE-2017-11831 [MEDIUM] CWE-200 CVE-2017-11831: Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to log on to an affected system, and run a specially crafted application that can compromise the user's system due t

CVE-2017-11850LOWCVSS 2.5v17092017-11-15

CVE-2017-11850 [LOW] CWE-200 CVE-2017-11850: Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to log on to an affected system and run a specially crafted application due to improper handling of objects in memory, aka "Microsoft Graphics Component

CVE-2009-1133CRITICALCVSS 9.3v20032009-08-12

CVE-2009-1133 [CRITICAL] CWE-119 CVE-2009-1133: Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client Heap-based buffer overflow in Microsoft Remote Desktop Connection (formerly Terminal Services Client) running RDP 5.0 through 6.1 on Windows, and Remote Desktop Connection Client for Mac 2.0, allows remote attackers to execute arbitrary code via unspecified parameters, aka "Remote Desktop Connection Heap Overflow Vulnerability."

CVE-2009-0568CRITICALCVSS 10.0v20082009-06-10

CVE-2009-0568 [CRITICAL] CWE-264 CVE-2009-0568: The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary memory locations via a crafted RPC message that triggers incorrect pointer reading, related to "IDL inte

CVE-2009-0230CRITICALCVSS 9.0v20082009-06-10

CVE-2009-0230 [CRITICAL] CWE-264 CVE-2009-0230: The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability."

← Previous36 / 36