U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/o:microsoft:windows_server_2008:r2::~~~~x64~
There are 1,960 matching records.
Displaying matches 1,741 through 1,760.
Vuln ID Summary CVSS Severity
CVE-2017-11822

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11813.

Published: October 13, 2017; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-11817

The Microsoft Windows Kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability when it improperly validates objects in memory, aka "Windows Information Disclosure Vulnerability".

Published: October 13, 2017; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 4.7 MEDIUM
V2.0: 1.9 LOW
CVE-2017-11816

The Microsoft Windows Graphics Device Interface (GDI) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability in the way it handles objects in memory, aka "Windows GDI Information Disclosure Vulnerability".

Published: October 13, 2017; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-11815

The Microsoft Server Block Message (SMB) on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an information disclosure vulnerability in the way that it handles certain requests, aka "Windows SMB Information Disclosure Vulnerability".

Published: October 13, 2017; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 5.3 MEDIUM
V2.0: 3.5 LOW
CVE-2017-11793

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11792, CVE-2017-11796, CVE-2017-11798, CVE-2017-11799, CVE-2017-11800, CVE-2017-11801, CVE-2017-11802, CVE-2017-11804, CVE-2017-11805, CVE-2017-11806, CVE-2017-11807, CVE-2017-11808, CVE-2017-11809, CVE-2017-11810, CVE-2017-11811, CVE-2017-11812, and CVE-2017-11821.

Published: October 13, 2017; 9:29:00 AM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-8710

The Microsoft Common Console Document (.msc) in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1 allows an attacker to read arbitrary files via an XML external entity (XXE) declaration, due to the way that the Microsoft Common Console Document (.msc) parses XML input containing a reference to an external entity, aka "Windows Information Disclosure Vulnerability".

Published: September 12, 2017; 9:29:10 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2017-8685

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, and Windows 7 SP1 allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8684 and CVE-2017-8688.

Published: September 12, 2017; 9:29:10 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-8684

Windows GDI+ on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1, allows information disclosure by the way it discloses kernel memory addresses, aka "Windows GDI+ Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8685 and CVE-2017-8688.

Published: September 12, 2017; 9:29:10 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-8683

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, allows an attacker to execute remote code by the way it handles embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8682.

Published: September 12, 2017; 9:29:10 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-8682

Windows graphics on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, Windows Server 2016, Microsoft Office Word Viewer, Microsoft Office 2007 Service Pack 3 , and Microsoft Office 2010 Service Pack 2 allows an attacker to execute remote code by the way it handles embedded fonts, aka "Win32k Graphics Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8683.

Published: September 12, 2017; 9:29:10 PM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 9.3 HIGH
CVE-2017-8680

The Windows kernel component on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT 8.1 allows an information disclosure vulnerability when it improperly handles objects in memory, aka "Win32k Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-8678, CVE-2017-8677, CVE-2017-8681, and CVE-2017-8687.

Published: September 12, 2017; 9:29:10 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-8636

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that Microsoft browser JavaScript engines render content when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8635, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.

Published: August 08, 2017; 5:29:00 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-8635

Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user due to the way that JavaScript engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8634, CVE-2017-8636, CVE-2017-8638, CVE-2017-8639, CVE-2017-8640, CVE-2017-8641, CVE-2017-8645, CVE-2017-8646, CVE-2017-8647, CVE-2017-8655, CVE-2017-8656, CVE-2017-8657, CVE-2017-8670, CVE-2017-8671, CVE-2017-8672, and CVE-2017-8674.

Published: August 08, 2017; 5:29:00 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-8620

Windows Search in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows a remote code execution vulnerability when it improperly handles objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Published: August 08, 2017; 5:29:00 PM -0400
V4.0:(not available)
V3.0: 8.1 HIGH
V2.0: 9.3 HIGH
CVE-2017-8618

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 Internet Explorer in the way affected Microsoft scripting engines render when handling objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This CVE ID is unique from CVE-2017-8596, CVE-2017-8610, CVE-2017-8601, CVE-2017-8603, CVE-2017-8604, CVE-2017-8605, CVE-2017-8606, CVE-2017-8607, CVE-2017-8608, CVE-2017-8619, CVE-2017-9598 and CVE-2017-8609.

Published: July 11, 2017; 5:29:02 PM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 7.6 HIGH
CVE-2017-8564

Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an information disclosure vulnerability when it fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability".

Published: July 11, 2017; 5:29:01 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-8557

Windows System Information Console in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an information disclosure vulnerability improperly parses XML input containing a reference to an external entity, aka "Windows System Information Console Information Disclosure Vulnerability".

Published: July 11, 2017; 5:29:00 PM -0400
V4.0:(not available)
V3.0: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2017-8553

An information disclosure vulnerability exists in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows Server 2016 when the Windows kernel improperly handles objects in memory, aka "GDI Information Disclosure Vulnerability".

Published: June 14, 2017; 9:29:04 PM -0400
V4.0:(not available)
V3.0: 4.7 MEDIUM
V2.0: 1.9 LOW
CVE-2017-8543

Microsoft Windows XP SP3, Windows XP x64 XP2, Windows Server 2003 SP2, Windows Vista, Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to take control of the affected system when Windows Search fails to handle objects in memory, aka "Windows Search Remote Code Execution Vulnerability".

Published: June 14, 2017; 9:29:04 PM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2017-8532

Graphics in Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows improper disclosure of memory contents, aka "Graphics Uniscribe Information Disclosure Vulnerability". This CVE ID is unique from CVE-2017-0286, CVE-2017-0287, CVE-2017-0288, CVE-2017-0289, CVE-2017-8531, and CVE-2017-8533.

Published: June 14, 2017; 9:29:04 PM -0400
V4.0:(not available)
V3.0: 6.5 MEDIUM
V2.0: 4.3 MEDIUM