National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/o:microsoft:windows_server_2008:-:sp2:~~essential_server_solutions_without_hyper-v~~itanium~
There are 964 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2019-0683

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.

Published: April 08, 2019; 08:29:00 PM -04:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0667

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0666, CVE-2019-0772.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 7.5 HIGH
V2: 7.6 HIGH
CVE-2019-0666

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'Windows VBScript Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0665, CVE-2019-0667, CVE-2019-0772.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 7.5 HIGH
V2: 7.6 HIGH
CVE-2019-0617

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2019-0614

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0774.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0603

A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. To exploit the vulnerability, an attacker could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. The security update addresses the vulnerability by correcting how Windows Deployment Services TFTP Server handles objects in memory, aka 'Windows Deployment Services TFTP Server Remote Code Execution Vulnerability'.

Published: April 08, 2019; 07:29:00 PM -04:00
V3: 7.5 HIGH
V2: 8.5 HIGH
CVE-2019-0664

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0660.

Published: March 05, 2019; 06:29:02 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0662

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0618.

Published: March 05, 2019; 06:29:02 PM -05:00
V3: 8.8 HIGH
V2: 9.3 HIGH
CVE-2019-0661

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0621, CVE-2019-0663.

Published: March 05, 2019; 06:29:02 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2019-0660

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0602, CVE-2019-0615, CVE-2019-0616, CVE-2019-0619, CVE-2019-0664.

Published: March 05, 2019; 06:29:02 PM -05:00
V3: 6.5 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0657

A vulnerability exists in certain .Net Framework API's and Visual Studio in the way they parse URL's, aka '.NET Framework and Visual Studio Spoofing Vulnerability'.

Published: March 05, 2019; 06:29:02 PM -05:00
V3: 5.9 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0654

A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 4.3 MEDIUM
V2: 4.3 MEDIUM
CVE-2019-0636

An information vulnerability exists when Windows improperly discloses file information, aka 'Windows Information Disclosure Vulnerability'.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2019-0633

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 9.0 HIGH
CVE-2019-0630

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0633.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 8.8 HIGH
V2: 9.0 HIGH
CVE-2019-0628

An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW
CVE-2019-0626

A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 9.8 CRITICAL
V2: 7.5 HIGH
CVE-2019-0625

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0595, CVE-2019-0596, CVE-2019-0597, CVE-2019-0598, CVE-2019-0599.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 7.8 HIGH
V2: 9.3 HIGH
CVE-2019-0623

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 7.8 HIGH
V2: 7.2 HIGH
CVE-2019-0621

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-0661, CVE-2019-0663.

Published: March 05, 2019; 06:29:01 PM -05:00
V3: 5.5 MEDIUM
V2: 2.1 LOW