Microsoft Windows Server 2008

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Windows Server 2008.

By the Year

In 2025 there have been 144 vulnerabilities in Microsoft Windows Server 2008 with an average score of 7.3 out of ten. Last year, in 2024 Windows Server 2008 had 299 security vulnerabilities published. Right now, Windows Server 2008 is on track to have less security vulnerabilities in 2025 than it did last year. Last year, the average CVE base score was greater by 0.38

Year	Vulnerabilities	Average Score
2025	144	7.33
2024	299	7.71
2023	363	7.55
2022	334	7.56
2021	279	7.62
2020	382	7.42
2019	314	7.14
2018	158	6.48

It may take a day or so for new Windows Server 2008 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows Server 2008 Security Vulnerabilities

External control of file name or path in Internet Shortcut Files

CVE-2025-33053 8.8 - High - June 10, 2025

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.

External Control of File Name or Path

Improper input validation in Windows Common Log File System Driver

CVE-2025-32706 7.8 - High - May 13, 2025

Improper input validation in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Improper Input Validation

Use after free in Windows Common Log File System Driver

CVE-2025-32701 7.8 - High - May 13, 2025

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Dangling pointer

Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine

CVE-2025-30397 7.5 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine allows an unauthorized attacker to execute code over a network.

Object Type Confusion

Use after free in Windows Common Log File System Driver

CVE-2025-30385 7.8 - High - May 13, 2025

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Dangling pointer

Heap-based buffer overflow in Windows Win32K - GRFX

CVE-2025-30388 7.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally.

Memory Corruption

Out-of-bounds read in Windows NTFS

CVE-2025-32707 7.8 - High - May 13, 2025

Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally.

Out-of-bounds Read

Heap-based buffer overflow in Windows Kernel

CVE-2025-24063 7.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally.

Memory Corruption

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29830 6.5 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Use of Uninitialized Resource

Use after free in Remote Desktop Gateway Service

CVE-2025-29831 7.5 - High - May 13, 2025

Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Dangling pointer

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29832 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29835 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29836 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Improper link resolution before file access ('link following') in Windows Installer

CVE-2025-29837 5.5 - Medium - May 13, 2025

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally.

insecure temporary file

Out-of-bounds read in Windows File Server

CVE-2025-29839 4 - Medium - May 13, 2025

Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally.

Out-of-bounds Read

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol

CVE-2025-29954 5.9 - Medium - May 13, 2025

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network.

Allocation of Resources Without Limits or Throttling

Buffer over-read in Windows SMB

CVE-2025-29956 5.4 - Medium - May 13, 2025

Buffer over-read in Windows SMB allows an authorized attacker to disclose information over a network.

Out-of-bounds Read

Uncontrolled resource consumption in Windows Deployment Services

CVE-2025-29957 6.2 - Medium - May 13, 2025

Uncontrolled resource consumption in Windows Deployment Services allows an unauthorized attacker to deny service locally.

Allocation of Resources Without Limits or Throttling

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29958 6.5 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Use of Uninitialized Resource

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29959 6.5 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Use of Uninitialized Resource

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29960 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29961 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

Out-of-bounds Read

Heap-based buffer overflow in Windows Media

CVE-2025-29962 8.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network.

Memory Corruption

Heap-based buffer overflow in Windows Remote Desktop

CVE-2025-29966 8.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Remote Desktop allows an unauthorized attacker to execute code over a network.

Memory Corruption

Heap-based buffer overflow in Remote Desktop Gateway Service

CVE-2025-29967 8.8 - High - May 13, 2025

Heap-based buffer overflow in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network.

Memory Corruption

Improper input validation in Active Directory Certificate Services (AD CS)

CVE-2025-29968 6.5 - Medium - May 13, 2025

Improper input validation in Active Directory Certificate Services (AD CS) allows an authorized attacker to deny service over a network.

Improper Input Validation

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals

CVE-2025-29969 7.5 - High - May 13, 2025

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals allows an authorized attacker to execute code over a network.

TOCTTOU

Integer underflow (wrap or wraparound) in Windows Kernel

CVE-2025-29974 5.7 - Medium - May 13, 2025

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.

Integer underflow

Improper privilege management in Microsoft Office SharePoint

CVE-2025-29976 7.8 - High - May 13, 2025

Improper privilege management in Microsoft Office SharePoint allows an authorized attacker to elevate privileges locally.

Improper Privilege Management

Use after free in Windows Common Log File System Driver

CVE-2025-29824 7.8 - High - April 08, 2025

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Dangling pointer

Heap-based buffer overflow in Windows Telephony Service

CVE-2025-21222 8.8 - High - April 08, 2025

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Improper resolution of path equivalence in Windows MapUrlToZone

CVE-2025-21247 4.3 - Medium - March 11, 2025

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

Improper Resolution of Path Equivalence

Improper neutralization in Microsoft Management Console

CVE-2025-26633 7 - High - March 11, 2025

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

Improper Neutralization

Heap-based buffer overflow in Windows NTFS

CVE-2025-24993 7.8 - High - March 11, 2025

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Out-of-bounds read in Windows NTFS

CVE-2025-24991 5.5 - Medium - March 11, 2025

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

Out-of-bounds Read

Use after free in Windows Win32 Kernel Subsystem

CVE-2025-24983 7 - High - March 11, 2025

Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally.

Dangling pointer

Integer overflow or wraparound in Windows Fast FAT Driver

CVE-2025-24985 7.8 - High - March 11, 2025

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

Integer Overflow or Wraparound

External control of file name or path in Windows NTLM

CVE-2025-24054 5.4 - Medium - March 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

External Control of File Name or Path

Incorrect conversion between numeric types in Windows Common Log File System Driver

CVE-2025-24059 7.8 - High - March 11, 2025

Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

Out-of-bounds Read

Use after free in DNS Server

CVE-2025-24064 8.1 - High - March 11, 2025

Use after free in DNS Server allows an unauthorized attacker to execute code over a network.

Dangling pointer

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services

CVE-2025-24035 8.1 - High - March 11, 2025

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network.

Sensitive Data Storage in Improperly Locked Memory

Buffer over-read in Windows NTFS

CVE-2025-24992 5.5 - Medium - March 11, 2025

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

Buffer Over-read

External control of file name or path in Windows NTLM

CVE-2025-24996 6.5 - Medium - March 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

External Control of File Name or Path

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS)

CVE-2025-24051 8.8 - High - March 11, 2025

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Out-of-bounds read in Windows USB Video Driver

CVE-2025-24055 4.3 - Medium - March 11, 2025

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.

Out-of-bounds Read

Heap-based buffer overflow in Windows Telephony Server

CVE-2025-24056 8.8 - High - March 11, 2025

Heap-based buffer overflow in Windows Telephony Server allows an unauthorized attacker to execute code over a network.

Heap-based Buffer Overflow

Heap-based buffer overflow in Windows exFAT File System

CVE-2025-21180 7.8 - High - March 11, 2025

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.

Heap-based Buffer Overflow

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21406 8.8 - High - February 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

Dangling pointer

NTLM Hash Disclosure Spoofing Vulnerability

CVE-2025-21377 6.5 - Medium - February 11, 2025

NTLM Hash Disclosure Spoofing Vulnerability

External Control of File Name or Path

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21181 7.5 - High - February 11, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

Resource Exhaustion

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2025 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

Microsoft Windows Server 2008
Product

Microsoft Windows Server 2008

Don't miss out!

By the Year

Recent Microsoft Windows Server 2008 Security Vulnerabilities

External control of file name or path in Internet Shortcut Files CVE-2025-33053 8.8 - High - June 10, 2025

Improper input validation in Windows Common Log File System Driver CVE-2025-32706 7.8 - High - May 13, 2025

Use after free in Windows Common Log File System Driver CVE-2025-32701 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine CVE-2025-30397 7.5 - High - May 13, 2025

Use after free in Windows Common Log File System Driver CVE-2025-30385 7.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Win32K - GRFX CVE-2025-30388 7.8 - High - May 13, 2025

Out-of-bounds read in Windows NTFS CVE-2025-32707 7.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Kernel CVE-2025-24063 7.8 - High - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) CVE-2025-29830 6.5 - Medium - May 13, 2025

Use after free in Remote Desktop Gateway Service CVE-2025-29831 7.5 - High - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) CVE-2025-29832 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) CVE-2025-29835 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) CVE-2025-29836 6.5 - Medium - May 13, 2025

Improper link resolution before file access ('link following') in Windows Installer CVE-2025-29837 5.5 - Medium - May 13, 2025

Out-of-bounds read in Windows File Server CVE-2025-29839 4 - Medium - May 13, 2025

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol CVE-2025-29954 5.9 - Medium - May 13, 2025

Buffer over-read in Windows SMB CVE-2025-29956 5.4 - Medium - May 13, 2025

Uncontrolled resource consumption in Windows Deployment Services CVE-2025-29957 6.2 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) CVE-2025-29958 6.5 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS) CVE-2025-29959 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) CVE-2025-29960 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) CVE-2025-29961 6.5 - Medium - May 13, 2025

Heap-based buffer overflow in Windows Media CVE-2025-29962 8.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Remote Desktop CVE-2025-29966 8.8 - High - May 13, 2025

Heap-based buffer overflow in Remote Desktop Gateway Service CVE-2025-29967 8.8 - High - May 13, 2025

Improper input validation in Active Directory Certificate Services (AD CS) CVE-2025-29968 6.5 - Medium - May 13, 2025

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals CVE-2025-29969 7.5 - High - May 13, 2025

Integer underflow (wrap or wraparound) in Windows Kernel CVE-2025-29974 5.7 - Medium - May 13, 2025

Improper privilege management in Microsoft Office SharePoint CVE-2025-29976 7.8 - High - May 13, 2025

Use after free in Windows Common Log File System Driver CVE-2025-29824 7.8 - High - April 08, 2025

Heap-based buffer overflow in Windows Telephony Service CVE-2025-21222 8.8 - High - April 08, 2025

Improper resolution of path equivalence in Windows MapUrlToZone CVE-2025-21247 4.3 - Medium - March 11, 2025

Improper neutralization in Microsoft Management Console CVE-2025-26633 7 - High - March 11, 2025

Heap-based buffer overflow in Windows NTFS CVE-2025-24993 7.8 - High - March 11, 2025

Out-of-bounds read in Windows NTFS CVE-2025-24991 5.5 - Medium - March 11, 2025

Use after free in Windows Win32 Kernel Subsystem CVE-2025-24983 7 - High - March 11, 2025

Integer overflow or wraparound in Windows Fast FAT Driver CVE-2025-24985 7.8 - High - March 11, 2025

External control of file name or path in Windows NTLM CVE-2025-24054 5.4 - Medium - March 11, 2025

Incorrect conversion between numeric types in Windows Common Log File System Driver CVE-2025-24059 7.8 - High - March 11, 2025

Use after free in DNS Server CVE-2025-24064 8.1 - High - March 11, 2025

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services CVE-2025-24035 8.1 - High - March 11, 2025

Buffer over-read in Windows NTFS CVE-2025-24992 5.5 - Medium - March 11, 2025

External control of file name or path in Windows NTLM CVE-2025-24996 6.5 - Medium - March 11, 2025

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) CVE-2025-24051 8.8 - High - March 11, 2025

Out-of-bounds read in Windows USB Video Driver CVE-2025-24055 4.3 - Medium - March 11, 2025

Heap-based buffer overflow in Windows Telephony Server CVE-2025-24056 8.8 - High - March 11, 2025

Heap-based buffer overflow in Windows exFAT File System CVE-2025-21180 7.8 - High - March 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability CVE-2025-21406 8.8 - High - February 11, 2025

NTLM Hash Disclosure Spoofing Vulnerability CVE-2025-21377 6.5 - Medium - February 11, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability CVE-2025-21181 7.5 - High - February 11, 2025

Stay on top of Security Vulnerabilities

Microsoft Vendor

Microsoft Windows Server 2008Product

External control of file name or path in Internet Shortcut Files

CVE-2025-33053 8.8 - High - June 10, 2025

Improper input validation in Windows Common Log File System Driver

CVE-2025-32706 7.8 - High - May 13, 2025

Use after free in Windows Common Log File System Driver

CVE-2025-32701 7.8 - High - May 13, 2025

Access of resource using incompatible type ('type confusion') in Microsoft Scripting Engine

CVE-2025-30397 7.5 - High - May 13, 2025

Use after free in Windows Common Log File System Driver

CVE-2025-30385 7.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Win32K - GRFX

CVE-2025-30388 7.8 - High - May 13, 2025

Out-of-bounds read in Windows NTFS

CVE-2025-32707 7.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Kernel

CVE-2025-24063 7.8 - High - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29830 6.5 - Medium - May 13, 2025

Use after free in Remote Desktop Gateway Service

CVE-2025-29831 7.5 - High - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29832 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29835 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29836 6.5 - Medium - May 13, 2025

Improper link resolution before file access ('link following') in Windows Installer

CVE-2025-29837 5.5 - Medium - May 13, 2025

Out-of-bounds read in Windows File Server

CVE-2025-29839 4 - Medium - May 13, 2025

Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol

CVE-2025-29954 5.9 - Medium - May 13, 2025

Buffer over-read in Windows SMB

CVE-2025-29956 5.4 - Medium - May 13, 2025

Uncontrolled resource consumption in Windows Deployment Services

CVE-2025-29957 6.2 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29958 6.5 - Medium - May 13, 2025

Use of uninitialized resource in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29959 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29960 6.5 - Medium - May 13, 2025

Out-of-bounds read in Windows Routing and Remote Access Service (RRAS)

CVE-2025-29961 6.5 - Medium - May 13, 2025

Heap-based buffer overflow in Windows Media

CVE-2025-29962 8.8 - High - May 13, 2025

Heap-based buffer overflow in Windows Remote Desktop

CVE-2025-29966 8.8 - High - May 13, 2025

Heap-based buffer overflow in Remote Desktop Gateway Service

CVE-2025-29967 8.8 - High - May 13, 2025

Improper input validation in Active Directory Certificate Services (AD CS)

CVE-2025-29968 6.5 - Medium - May 13, 2025

Time-of-check time-of-use (toctou) race condition in Windows Fundamentals

CVE-2025-29969 7.5 - High - May 13, 2025

Integer underflow (wrap or wraparound) in Windows Kernel

CVE-2025-29974 5.7 - Medium - May 13, 2025

Improper privilege management in Microsoft Office SharePoint

CVE-2025-29976 7.8 - High - May 13, 2025

Use after free in Windows Common Log File System Driver

CVE-2025-29824 7.8 - High - April 08, 2025

Heap-based buffer overflow in Windows Telephony Service

CVE-2025-21222 8.8 - High - April 08, 2025

Improper resolution of path equivalence in Windows MapUrlToZone

CVE-2025-21247 4.3 - Medium - March 11, 2025

Improper neutralization in Microsoft Management Console

CVE-2025-26633 7 - High - March 11, 2025

Heap-based buffer overflow in Windows NTFS

CVE-2025-24993 7.8 - High - March 11, 2025

Out-of-bounds read in Windows NTFS

CVE-2025-24991 5.5 - Medium - March 11, 2025

Use after free in Windows Win32 Kernel Subsystem

CVE-2025-24983 7 - High - March 11, 2025

Integer overflow or wraparound in Windows Fast FAT Driver

CVE-2025-24985 7.8 - High - March 11, 2025

External control of file name or path in Windows NTLM

CVE-2025-24054 5.4 - Medium - March 11, 2025

Incorrect conversion between numeric types in Windows Common Log File System Driver

CVE-2025-24059 7.8 - High - March 11, 2025

Use after free in DNS Server

CVE-2025-24064 8.1 - High - March 11, 2025

Sensitive data storage in improperly locked memory in Windows Remote Desktop Services

CVE-2025-24035 8.1 - High - March 11, 2025

Buffer over-read in Windows NTFS

CVE-2025-24992 5.5 - Medium - March 11, 2025

External control of file name or path in Windows NTLM

CVE-2025-24996 6.5 - Medium - March 11, 2025

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS)

CVE-2025-24051 8.8 - High - March 11, 2025

Out-of-bounds read in Windows USB Video Driver

CVE-2025-24055 4.3 - Medium - March 11, 2025

Heap-based buffer overflow in Windows Telephony Server

CVE-2025-24056 8.8 - High - March 11, 2025

Heap-based buffer overflow in Windows exFAT File System

CVE-2025-21180 7.8 - High - March 11, 2025

Windows Telephony Service Remote Code Execution Vulnerability

CVE-2025-21406 8.8 - High - February 11, 2025

NTLM Hash Disclosure Spoofing Vulnerability

CVE-2025-21377 6.5 - Medium - February 11, 2025

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

CVE-2025-21181 7.5 - High - February 11, 2025

Microsoft
Vendor

Microsoft Windows Server 2008
Product