Microsoft Windows Server 2008 R2 vulnerabilities
125 known vulnerabilities affecting microsoft/windows_server_2008_r2.
Total CVEs
125
CISA KEV
7
actively exploited
Public exploits
15
Exploited in wild
12
Severity breakdown
CRITICAL1HIGH68MEDIUM54LOW2
Vulnerabilities
Page 5 of 7
CVE-2018-8398MEDIUMCVSS 6.5vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-08-15
CVE-2018-8398 [MEDIUM] CVE-2018-8398: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Inform
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows S
cvelistv5
CVE-2018-8348MEDIUMCVSS 4.7vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-08-15
CVE-2018-8348 [MEDIUM] CVE-2018-8348: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Win
cvelistv5
CVE-2018-8282HIGHCVSS 7.8vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8282 [HIGH] CWE-404 CVE-2018-8282: An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Win
cvelistv5nvd
CVE-2018-8313HIGHCVSS 7.8vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8313 [HIGH] CVE-2018-8313: An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permi
An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8314.
nvd
CVE-2018-8206HIGHCVSS 7.5vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8206 [HIGH] CVE-2018-8206: A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP
A denial of service vulnerability exists when Windows improperly handles File Transfer Protocol (FTP) connections, aka "Windows FTP Server Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Ser
cvelistv5nvd
CVE-2018-8314HIGHCVSS 7.8vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8314 [HIGH] CVE-2018-8314: An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerabilit
An elevation of privilege vulnerability exists when Windows fails a check, allowing a sandbox escape, aka "Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2, Windows 10. This
cvelistv5
CVE-2018-8304MEDIUMCVSS 5.9vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8304 [MEDIUM] CVE-2018-8304: A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fail
A denial of service vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows
cvelistv5nvd
CVE-2018-8307MEDIUMCVSS 5.3vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8307 [MEDIUM] CVE-2018-8307: A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OL
A security feature bypass vulnerability exists when Microsoft WordPad improperly handles embedded OLE objects, aka "WordPad Security Feature Bypass Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8308MEDIUMCVSS 6.6vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8308 [MEDIUM] CWE-404 CVE-2018-8308: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Win
cvelistv5nvd
CVE-2018-8309MEDIUMCVSS 5.5vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-07-11
CVE-2018-8309 [MEDIUM] CVE-2018-8309: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Win
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8225HIGHCVSS 8.1vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8225 [HIGH] CVE-2018-8225: A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it
A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Wi
cvelistv5nvd
CVE-2018-1036HIGHCVSS 7.0vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-1036 [HIGH] CWE-732 CVE-2018-1036: An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevati
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8224HIGHCVSS 7.0vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8224 [HIGH] CWE-404 CVE-2018-8224: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle obje
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.
cvelistv5nvd
CVE-2018-8251HIGHCVSS 7.5vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8251 [HIGH] CWE-787 CVE-2018-8251: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8169HIGHCVSS 7.0vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8169 [HIGH] CWE-404 CVE-2018-8169: An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library
An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 20
cvelistv5nvd
CVE-2018-1040MEDIUMCVSS 5.3vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-1040 [MEDIUM] CVE-2018-1040: A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs
A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing, aka "Windows Code Integrity Module Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows
cvelistv5nvd
CVE-2018-8205MEDIUMCVSS 5.5vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8205 [MEDIUM] CVE-2018-8205: A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Win
A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd
CVE-2018-8121MEDIUMCVSS 4.7vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8121 [MEDIUM] CWE-665 CVE-2018-8121: An information disclosure vulnerability exists when the Windows kernel improperly initializes object
An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8207.
nvd
CVE-2018-8207MEDIUMCVSS 4.7vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-06-14
CVE-2018-8207 [MEDIUM] CVE-2018-8207: An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosur
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Win
cvelistv5
CVE-2018-8136HIGHCVSS 7.8vItanium-Based Systems Service Pack 1vx64-based Systems Service Pack 1+1 more2018-05-09
CVE-2018-8136 [HIGH] CVE-2018-8136: A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
cvelistv5nvd