Windows_server_2008 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Windows_server_2008
(Microsoft)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	3024

Date	Id	Summary	Products	Score	Patch	Annotated
2021-07-14	CVE-2021-33771	Windows Kernel Elevation of Privilege Vulnerability	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_1909, Windows_10_2004, Windows_10_20h2, Windows_10_21h1, Windows_8\.1, Windows_rt_8\.1, Windows_server_2004, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_20h2	7.8
2021-07-16	CVE-2021-34448	Scripting Engine Memory Corruption Vulnerability	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_1909, Windows_10_2004, Windows_10_20h2, Windows_10_21h1, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019	6.8
2016-11-10	CVE-2016-7255	The kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, and 1607, and Windows Server 2016 allow local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability."	Windows_10_1507, Windows_10_1511, Windows_10_1607, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_vista	7.8
2019-04-09	CVE-2019-0808	An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797.	Windows_7, Windows_server_2008	7.8
2019-05-16	CVE-2019-0708	A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.	Agile_controller\-Campus_firmware, Bh620_v2_firmware, Bh621_v2_firmware, Bh622_v2_firmware, Bh640_v2_firmware, Ch121_firmware, Ch140_firmware, Ch220_firmware, Ch221_firmware, Ch222_firmware, Ch240_firmware, Ch242_firmware, Ch242_v3_firmware, E6000_chassis_firmware, E6000_firmware, Elog_firmware, Espace_ecs_firmware, Gtsoftx3000_firmware, Oceanstor_18500_firmware, Oceanstor_18800_firmware, Oceanstor_18800f_firmware, Oceanstor_hvs85t_firmware, Oceanstor_hvs88t_firmware, Rh1288_v2_firmware, Rh1288a_v2_firmware, Rh2265_v2_firmware, Rh2268_v2_firmware, Rh2285_v2_firmware, Rh2285h_v2_firmware, Rh2288_v2_firmware, Rh2288a_v2_firmware, Rh2288e_v2_firmware, Rh2288h_v2_firmware, Rh2485_v2_firmware, Rh5885_v2_firmware, Rh5885_v3_firmware, Seco_vsm_firmware, Smc2\.0_firmware, Uma_firmware, X6000_firmware, X8000_firmware, Windows_7, Windows_server_2008, Aptio_firmware, Atellica_solution_firmware, Axiom_multix_m_firmware, Axiom_vertix_md_trauma_firmware, Axiom_vertix_solitaire_m_firmware, Centralink_firmware, Lantis_firmware, Mobilett_xp_digital_firmware, Multix_pro_acss_firmware, Multix_pro_acss_p_firmware, Multix_pro_firmware, Multix_pro_navy_firmware, Multix_pro_p_firmware, Multix_swing_firmware, Multix_top_acss_firmware, Multix_top_acss_p_firmware, Multix_top_firmware, Multix_top_p_firmware, Rapidpoint_500_firmware, Streamlab_firmware, Syngo_lab_process_manager, Vertix_solitaire_firmware, Viva_e_firmware, Viva_twin_firmware	9.8
2013-11-06	CVE-2013-3906	GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.	Excel_viewer, Lync, Office, Office_compatibility_pack, Powerpoint_viewer, Windows_server_2008, Windows_vista, Word_viewer	7.8
2014-10-22	CVE-2014-6352	Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.	Windows_7, Windows_8, Windows_8\.1, Windows_rt, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista	7.8
2017-04-12	CVE-2017-0199	Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API."	Office, Windows_7, Windows_server_2008, Windows_server_2012, Windows_vista, Intellispace_portal	7.8
2016-03-09	CVE-2016-0099	The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability."	Windows_10_1507, Windows_10_1511, Windows_7, Windows_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista	7.8
2016-04-12	CVE-2016-0167	The kernel-mode driver in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 allows local users to gain privileges via a crafted application, aka "Win32k Elevation of Privilege Vulnerability," a different vulnerability than CVE-2016-0143 and CVE-2016-0165.	Windows_10_1507, Windows_10_1511, Windows_7, Windows_8\.1, Windows_rt_8\.1, Windows_server_2008, Windows_server_2012, Windows_vista	7.8