Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows Server 2008
Total 3380 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-6999 1 Microsoft 1 Windows Server 2008 2024-03-21 4.0 MEDIUM N/A
The IsHandleEntrySecure function in win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 SP2 does not properly validate the tagPROCESSINFO pW32Job field, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted NtUserValidateHandleSecure call for an owned object. NOTE: the vendor reportedly disputes the significance of this report, stating that "it appears to be a local DOS ... we don't consider it a security vulnerability.
CVE-2023-36911 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2024-03-12 N/A 9.8 CRITICAL
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-36910 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2024-03-12 N/A 9.8 CRITICAL
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2023-35385 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-03-12 N/A 9.8 CRITICAL
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
CVE-2024-21356 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-12 N/A 6.5 MEDIUM
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-21349 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-12 N/A 8.8 HIGH
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-21347 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-07 N/A 7.5 HIGH
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-21391 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-07 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-38161 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2024-03-07 N/A 7.8 HIGH
Windows GDI Elevation of Privilege Vulnerability
CVE-2023-50387 8 Fedoraproject, Isc, Microsoft and 5 more 13 Fedora, Bind, Windows Server 2008 and 10 more 2024-03-07 N/A 7.5 HIGH
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
CVE-2024-21361 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21360 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21359 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21367 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21366 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21365 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21375 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21370 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21369 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21368 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2024-03-05 N/A 8.8 HIGH
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability