Microsoft Windows Server 2008
By the Year
In 2024 there have been 41 vulnerabilities in Microsoft Windows Server 2008 with an average score of 7.5 out of ten. Last year Windows Server 2008 had 361 security vulnerabilities published. Right now, Windows Server 2008 is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.05
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 41 | 7.51 |
2023 | 361 | 7.56 |
2022 | 334 | 7.56 |
2021 | 279 | 7.62 |
2020 | 382 | 7.42 |
2019 | 314 | 7.28 |
2018 | 158 | 6.47 |
It may take a day or so for new Windows Server 2008 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows Server 2008 Security Vulnerabilities
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs)
CVE-2023-50387
7.5 - High
- February 14, 2024
Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.
Allocation of Resources Without Limits or Throttling
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-21349
8.8 - High
- February 13, 2024
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
CVE-2024-21356
6.5 - Medium
- February 13, 2024
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-21347
7.5 - High
- February 13, 2024
Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21391
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21350
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21352
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21358
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21359
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21360
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21361
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21365
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21366
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21367
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21368
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21369
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21370
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-21375
8.8 - High
- February 13, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Windows Printing Service Spoofing Vulnerability
CVE-2024-21406
7.5 - High
- February 13, 2024
Windows Printing Service Spoofing Vulnerability
Windows OLE Remote Code Execution Vulnerability
CVE-2024-21372
8.8 - High
- February 13, 2024
Windows OLE Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
CVE-2024-21405
7 - High
- February 13, 2024
Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Windows Kernel Information Disclosure Vulnerability
CVE-2024-21340
4.6 - Medium
- February 13, 2024
Windows Kernel Information Disclosure Vulnerability
Microsoft Common Log File System Elevation of Privilege Vulnerability
CVE-2024-20653
7.8 - High
- January 09, 2024
Microsoft Common Log File System Elevation of Privilege Vulnerability
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2024-20657
7 - High
- January 09, 2024
Windows Group Policy Elevation of Privilege Vulnerability
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
CVE-2024-20655
6.6 - Medium
- January 09, 2024
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability
Windows HTML Platforms Security Feature Bypass Vulnerability
CVE-2024-20652
8.1 - High
- January 09, 2024
Windows HTML Platforms Security Feature Bypass Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2024-20654
8 - High
- January 09, 2024
Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-20660
6.5 - Medium
- January 09, 2024
Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2024-20661
7.5 - High
- January 09, 2024
Microsoft Message Queuing Denial of Service Vulnerability
Resource Exhaustion
Windows Kerberos Security Feature Bypass Vulnerability
CVE-2024-20674
- January 09, 2024
Windows Kerberos Security Feature Bypass Vulnerability
Authentication Bypass by Spoofing
Windows Message Queuing Client (MSMQC) Information Disclosure
CVE-2024-20680
6.5 - Medium
- January 09, 2024
Windows Message Queuing Client (MSMQC) Information Disclosure
Win32k Elevation of Privilege Vulnerability
CVE-2024-20683
7.8 - High
- January 09, 2024
Win32k Elevation of Privilege Vulnerability
Windows Themes Information Disclosure Vulnerability
CVE-2024-20691
4.7 - Medium
- January 09, 2024
Windows Themes Information Disclosure Vulnerability
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
CVE-2024-20662
4.9 - Medium
- January 09, 2024
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability
Windows Message Queuing Client (MSMQC) Information Disclosure
CVE-2024-20663
6.5 - Medium
- January 09, 2024
Windows Message Queuing Client (MSMQC) Information Disclosure
Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-20664
6.5 - Medium
- January 09, 2024
Microsoft Message Queuing Information Disclosure Vulnerability
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2024-20692
5.7 - Medium
- January 09, 2024
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Exposure of Resource to Wrong Sphere
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-21307
7.5 - High
- January 09, 2024
Remote Desktop Client Remote Code Execution Vulnerability
Race Condition
Windows Cryptographic Services Information Disclosure Vulnerability
CVE-2024-21311
5.5 - Medium
- January 09, 2024
Windows Cryptographic Services Information Disclosure Vulnerability
Windows TCP/IP Information Disclosure Vulnerability
CVE-2024-21313
5.3 - Medium
- January 09, 2024
Windows TCP/IP Information Disclosure Vulnerability
Microsoft Message Queuing Information Disclosure Vulnerability
CVE-2024-21314
6.5 - Medium
- January 09, 2024
Microsoft Message Queuing Information Disclosure Vulnerability
Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
CVE-2023-36004
7.5 - High
- December 12, 2023
Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability
Windows Telephony Server Elevation of Privilege Vulnerability
CVE-2023-36005
8.1 - High
- December 12, 2023
Windows Telephony Server Elevation of Privilege Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36006
8.8 - High
- December 12, 2023
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
DHCP Server Service Information Disclosure Vulnerability
CVE-2023-36012
5.3 - Medium
- December 12, 2023
DHCP Server Service Information Disclosure Vulnerability
Windows Media Remote Code Execution Vulnerability
CVE-2023-21740
7.8 - High
- December 12, 2023
Windows Media Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-35639
8.8 - High
- December 12, 2023
Microsoft ODBC Driver Remote Code Execution Vulnerability
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
CVE-2023-35641
8.8 - High
- December 12, 2023
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
Internet Connection Sharing (ICS) Denial of Service Vulnerability
CVE-2023-35642
6.5 - Medium
- December 12, 2023
Internet Connection Sharing (ICS) Denial of Service Vulnerability
Windows DNS Spoofing Vulnerability
CVE-2023-35622
7.5 - High
- December 12, 2023
Windows DNS Spoofing Vulnerability
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-35628
8.1 - High
- December 12, 2023
Windows MSHTML Platform Remote Code Execution Vulnerability
Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability
CVE-2023-35629
6.8 - Medium
- December 12, 2023
Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
CVE-2023-35630
8.8 - High
- December 12, 2023
Internet Connection Sharing (ICS) Remote Code Execution Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2023-35632
7.8 - High
- December 12, 2023
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-35633
7.8 - High
- December 12, 2023
Windows Kernel Elevation of Privilege Vulnerability
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-36025
8.8 - High
- November 14, 2023
Windows SmartScreen Security Feature Bypass Vulnerability
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVE-2023-36719
7.8 - High
- November 14, 2023
Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
Windows Scripting Engine Memory Corruption Vulnerability
CVE-2023-36017
8.8 - High
- November 14, 2023
Windows Scripting Engine Memory Corruption Vulnerability
Memory Corruption
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-36036
7.8 - High
- November 14, 2023
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-36397
9.8 - Critical
- November 14, 2023
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVE-2023-36401
7.2 - High
- November 14, 2023
Microsoft Remote Registry Service Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36402
8.8 - High
- November 14, 2023
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36403
7 - High
- November 14, 2023
Windows Kernel Elevation of Privilege Vulnerability
Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVE-2023-36423
8.8 - High
- November 14, 2023
Microsoft Remote Registry Service Remote Code Execution Vulnerability
Windows Deployment Services Denial of Service Vulnerability
CVE-2023-36395
7.5 - High
- November 14, 2023
Windows Deployment Services Denial of Service Vulnerability
Windows User Interface Application Core Remote Code Execution Vulnerability
CVE-2023-36393
7.8 - High
- November 14, 2023
Windows User Interface Application Core Remote Code Execution Vulnerability
Windows Installer Elevation of Privilege Vulnerability
CVE-2023-36705
7.8 - High
- November 14, 2023
Windows Installer Elevation of Privilege Vulnerability
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2023-36428
5.5 - Medium
- November 14, 2023
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2023-36425
8 - High
- November 14, 2023
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-36424
7.8 - High
- November 14, 2023
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36697
8 - High
- October 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Windows Power Management Service Information Disclosure Vulnerability
CVE-2023-36724
5.5 - Medium
- October 10, 2023
Windows Power Management Service Information Disclosure Vulnerability
Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability
CVE-2023-36726
7.8 - High
- October 10, 2023
Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2023-36731
7.8 - High
- October 10, 2023
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2023-36732
7.8 - High
- October 10, 2023
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2023-36743
7.8 - High
- October 10, 2023
Win32k Elevation of Privilege Vulnerability
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability
CVE-2023-29348
7.5 - High
- October 10, 2023
Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability
Windows MSHTML Platform Remote Code Execution Vulnerability
CVE-2023-36436
7.8 - High
- October 10, 2023
Windows MSHTML Platform Remote Code Execution Vulnerability
Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36567
7.5 - High
- October 10, 2023
Windows Deployment Services Information Disclosure Vulnerability
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36572
7.3 - High
- October 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36573
7.3 - High
- October 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36574
7.3 - High
- October 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36575
7.3 - High
- October 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36577
8.8 - High
- October 10, 2023
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Microsoft Message Queuing Remote Code Execution Vulnerability
CVE-2023-36578
7.3 - High
- October 10, 2023
Microsoft Message Queuing Remote Code Execution Vulnerability
Microsoft Message Queuing Denial of Service Vulnerability
CVE-2023-36579
7.5 - High
- October 10, 2023
Microsoft Message Queuing Denial of Service Vulnerability
Microsoft DirectMusic Remote Code Execution Vulnerability
CVE-2023-36702
7.8 - High
- October 10, 2023
Microsoft DirectMusic Remote Code Execution Vulnerability
DHCP Server Service Denial of Service Vulnerability
CVE-2023-36703
7.5 - High
- October 10, 2023
DHCP Server Service Denial of Service Vulnerability
Windows Deployment Services Information Disclosure Vulnerability
CVE-2023-36706
6.5 - Medium
- October 10, 2023
Windows Deployment Services Information Disclosure Vulnerability
Win32k Elevation of Privilege Vulnerability
CVE-2023-36776
7 - High
- October 10, 2023
Win32k Elevation of Privilege Vulnerability
Race Condition
Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability
CVE-2023-36790
7.8 - High
- October 10, 2023
Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-38166
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41765
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2023-41766
7.8 - High
- October 10, 2023
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41767
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41768
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41769
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41770
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41771
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
CVE-2023-41773
8.1 - High
- October 10, 2023
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows 10 1507 or by Microsoft? Click the Watch button to subscribe.