Microsoft Windows Server 2008 Service Pack 2 vulnerabilities

1,672 known vulnerabilities affecting microsoft/windows_server_2008_service_pack_2.

Total CVEs

1,672

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL68HIGH1214MEDIUM387LOW3

Vulnerabilities

Page 16 of 84

CVE-2025-21200HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.231172025-02-11

CVE-2025-21200 [HIGH] CWE-122 CVE-2025-21200: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21371HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.231172025-02-11

CVE-2025-21371 [HIGH] CWE-122 CVE-2025-21371: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21377MEDIUMCVSS 6.5≥ 6.0.6003.0, < 6.0.6003.231172025-02-11

CVE-2025-21377 [MEDIUM] CWE-73 NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability NTLM Hash Disclosure Spoofing Vulnerability

cvelistv5

CVE-2025-21350MEDIUMCVSS 5.9≥ 6.0.6003.0, < 6.0.6003.231172025-02-11

CVE-2025-21350 [MEDIUM] CWE-20 Windows Kerberos Denial of Service Vulnerability Windows Kerberos Denial of Service Vulnerability Windows Kerberos Denial of Service Vulnerability

cvelistv5

CVE-2025-21352MEDIUMCVSS 6.5≥ 6.0.6003.0, < 6.0.6003.231172025-02-11

CVE-2025-21352 [MEDIUM] CWE-400 CVE-2025-21352: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

nvd

CVE-2025-21337LOWCVSS 3.3≥ 6.0.6003.0, < 6.0.6003.231172025-02-11

CVE-2025-21337 [LOW] CWE-284 Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability

cvelistv5

CVE-2025-21298CRITICALCVSS 9.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21298 [CRITICAL] CWE-416 Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability Windows OLE Remote Code Execution Vulnerability

cvelistv5

CVE-2025-21307CRITICALCVSS 9.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21307 [CRITICAL] CWE-416 CVE-2025-21307: Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

nvd

CVE-2025-21300HIGHCVSS 7.5≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21300 [HIGH] CWE-400 CVE-2025-21300: Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability Windows Universal Plug and Play (UPnP) Device Host Denial of Service Vulnerability

nvd

CVE-2025-21409HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21409 [HIGH] CWE-122 CVE-2025-21409: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21339HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21339 [HIGH] CWE-122 CVE-2025-21339: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21417HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21417 [HIGH] CWE-122 CVE-2025-21417: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21286HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21286 [HIGH] CWE-122 CVE-2025-21286: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21303HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21303 [HIGH] CWE-122 CVE-2025-21303: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21244HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21244 [HIGH] CWE-190 CVE-2025-21244: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

CVE-2025-21287HIGHCVSS 7.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21287 [HIGH] CWE-269 CVE-2025-21287: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

nvd

CVE-2025-21289HIGHCVSS 7.5≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21289 [HIGH] CWE-400 CVE-2025-21289: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

nvd

CVE-2025-21389HIGHCVSS 7.5≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21389 [HIGH] CWE-400 CVE-2025-21389: Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an un Uncontrolled resource consumption in Windows Universal Plug and Play (UPnP) Device Host allows an unauthorized attacker to deny service over a network.

nvd

CVE-2025-21338HIGHCVSS 7.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21338 [HIGH] CWE-190 GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability

cvelistv5

CVE-2025-21302HIGHCVSS 8.8≥ 6.0.6003.0, < 6.0.6003.230702025-01-14

CVE-2025-21302 [HIGH] CWE-122 CVE-2025-21302: Windows Telephony Service Remote Code Execution Vulnerability Windows Telephony Service Remote Code Execution Vulnerability

nvd

← Previous16 / 84Next →