Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows Server 2008
Subscriptions
Total
3762 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-2502 | 1 Microsoft | 9 Internet Explorer, Windows 10 1507, Windows 7 and 6 more | 2025-03-26 | 8.8 High |
| Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Memory Corruption Vulnerability," as exploited in the wild in August 2015. | ||||
| CVE-2015-1701 | 1 Microsoft | 4 Windows 2003 Server, Windows 7, Windows Server 2008 and 1 more | 2025-03-26 | 7.8 High |
| Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." | ||||
| CVE-2024-21365 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-03-24 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2025-26633 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-23 | 7 High |
| Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. | ||||
| CVE-2025-24993 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-23 | 7.8 High |
| Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24991 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-23 | 5.5 Medium |
| Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-24985 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-23 | 7.8 High |
| Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-24983 | 1 Microsoft | 5 Windows 10 1507, Windows 10 1607, Windows Server 2008 and 2 more | 2025-03-23 | 7 High |
| Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2023-23376 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-03-17 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2014-4123 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2025-03-14 | 8.8 High |
| Microsoft Internet Explorer 7 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability," as exploited in the wild in October 2014, a different vulnerability than CVE-2014-4124. | ||||
| CVE-2014-2817 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2025-03-14 | 8.8 High |
| Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka "Internet Explorer Elevation of Privilege Vulnerability." | ||||
| CVE-2014-1776 | 1 Microsoft | 11 Internet Explorer, Windows 7, Windows 8 and 8 more | 2025-03-14 | 9.8 Critical |
| Use-after-free vulnerability in Microsoft Internet Explorer 6 through 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to the CMarkup::IsConnectedToPrimaryMarkup function, as exploited in the wild in April 2014. NOTE: this issue originally emphasized VGX.DLL, but Microsoft clarified that "VGX.DLL does not contain the vulnerable code leveraged in this exploit. Disabling VGX.DLL is an exploit-specific workaround that provides an immediate, effective workaround to help block known attacks." | ||||
| CVE-2013-7331 | 1 Microsoft | 10 Internet Explorer, Windows 7, Windows 8 and 7 more | 2025-03-14 | 6.5 Medium |
| The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earlier allows remote attackers to determine the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes, as demonstrated by a res:// URL, and exploited in the wild in February 2014. | ||||
| CVE-2014-0322 | 1 Microsoft | 7 Internet Explorer, Windows 7, Windows 8 and 4 more | 2025-03-14 | 8.8 High |
| Use-after-free vulnerability in Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code via vectors involving crafted JavaScript code, CMarkup, and the onpropertychange attribute of a script element, as exploited in the wild in January and February 2014. | ||||
| CVE-2012-1889 | 1 Microsoft | 15 Expression Web, Groove, Groove Server and 12 more | 2025-03-14 | 8.8 High |
| Microsoft XML Core Services 3.0, 4.0, 5.0, and 6.0 accesses uninitialized memory locations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | ||||
| CVE-2024-21360 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-03-14 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2024-49019 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-03-14 | 7.8 High |
| Active Directory Certificate Services Elevation of Privilege Vulnerability | ||||
| CVE-2017-8759 | 1 Microsoft | 11 .net Framework, Windows 10 1507, Windows 10 1511 and 8 more | 2025-03-13 | 7.8 High |
| Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka ".NET Framework Remote Code Execution Vulnerability." | ||||
| CVE-2015-2425 | 1 Microsoft | 6 Internet Explorer, Windows 7, Windows 8.1 and 3 more | 2025-03-13 | 8.8 High |
| Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption Vulnerability," a different vulnerability than CVE-2015-2383 and CVE-2015-2384. | ||||
| CVE-2015-0071 | 1 Microsoft | 9 Internet Explorer, Windows 7, Windows 8 and 6 more | 2025-03-13 | 6.5 Medium |
| Microsoft Internet Explorer 9 through 11 allows remote attackers to bypass the ASLR protection mechanism via a crafted web site, aka "Internet Explorer ASLR Bypass Vulnerability." | ||||