Microsoft: >> Windows Server 2008 >> r2 Security Vulnerabilities
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'.
CVSS Score
7.5
EPSS Score
0.15
Published
2020-01-14
A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input, aka 'Windows OLE Remote Code Execution Vulnerability'.
CVSS Score
7.8
EPSS Score
0.262
Published
2019-12-10
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'.
CVSS Score
7.5
EPSS Score
0.046
Published
2019-12-10
A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers, aka 'Microsoft Defender Security Feature Bypass Vulnerability'.
CVSS Score
3.3
EPSS Score
0.005
Published
2019-12-10
An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Information Disclosure Vulnerability'.
CVSS Score
6.0
EPSS Score
0.009
Published
2019-12-10
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1472.
CVSS Score
5.5
EPSS Score
0.016
Published
2019-12-10
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'.
CVSS Score
7.8
EPSS Score
0.004
Published
2019-12-10
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.
CVSS Score
7.5
EPSS Score
0.1
Published
2019-12-10
CVE-2019-1458
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.
Known exploited
CVSS Score
7.8
EPSS Score
0.926
Published
2019-12-10
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1466, CVE-2019-1467.
CVSS Score
6.5
EPSS Score
0.261
Published
2019-12-10