| Windows Server | Number Of NVD | 5091 | CRITICAL | 122 | HIGH | 3461 | MEDIUM | 1438 | LOW | 70 |
| URL | https://www.microsoft.com/ | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Explanation | Server products offered by Microsoft. For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support). You may need to deploy the latest updates to be eligible for support. For some products, the support organization may be less than 10 years. For consumer and multimedia products, five years of mainstream support at the supported Service Pack level. The above text is excerpted from Microsoft's Fixed Lifecycle Policy. |
||||||||
| Tag | |||||||||
| No | Type | Name | URL |
|---|---|---|---|
| 1 | https://support.microsoft.com//lifecycle/search | ||
| 2 | https://www.microsoft.com/ja-jp/cloud-platform/windows-server | ||
| 3 | https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy | ||
| 4 | https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info |
| No | Name | Latest Version | Release date | Initial release | Normal Support | Security Support Service Pack Support |
Extended for a fee |
Critical | High | Medium | Low |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 261 | Windows Server 2022 | 21H2 | Nov. 2, 2021 | Nov. 2, 2021 | Oct. 13, 2026 | Oct. 14, 2031 | 53 | 1279 | 421 | 5 | |
| 262 | Windows Server 2019 | 1809 | Oct. 2, 2018 | Nov. 13, 2018 | Jan. 9, 2024 | Jan. 9, 2029 | 94 | 2460 | 885 | 11 | |
| 263 | Windows Server 2016 | 20H2 | Oct. 20, 2020 | Oct. 15, 2016 | Jan. 11, 2022 | Jan. 12, 2027 | 103 | 2553 | 1010 | 15 | |
| 264 | Windows Server 2012 | Oct. 30, 2012 | Oct. 30, 2012 | Oct. 9, 2018 | Oct. 10, 2023 | 94 | 2178 | 911 | 50 | ||
| 265 | Windows Server 2008 R2( Service Pack 1適用) | Feb. 22, 2011 | Jan. 14, 2020 | 0 | 0 | 0 | 0 | ||||
| 266 | Windows Server 2008(Service Pack 2適用) | April 29, 2009 | Jan. 14, 2020 | 0 | 0 | 0 | 0 | ||||
| 267 | Microsoft Windows Server 2003(Service Pack 2適用) | May 28, 2003 | July 13, 2010 | July 14, 2015 | 0 | 128 | 53 | 15 | |||
| 268 | Microsoft Windows Storage Server 2003 | May 5, 2003 | Oct. 11, 2011 | Oct. 9, 2016 | 0 | 128 | 53 | 15 | |||
| 269 | Microsoft Windows 2000(Service Pack 4適用) | March 31, 2000 | June 30, 2005 | July 13, 2010 | 2 | 40 | 19 | 0 |
| No | CVSS3 CVSS2 |
Level Attach Vector |
Title | CWE | CVE | cpe23Uri | or higher | or less | more than | less than | Update date Published date |
Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 261 |
5.9 - |
MEDIUM
Network |
Uncontrolled resource consumption in Windows LDAP - Lightweight Directory Access Protocol allows an unauthorized attacker to deny service over a network. |
CWE-770 CWE-400 Allocation of Resources Without Limits or Throttling Uncontrolled Resource Consumption |
CVE-2025-29954 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:29 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 262 |
7.5 - |
HIGH
Network |
Acceptance of extraneous untrusted data with trusted data in UrlMon allows an unauthorized attacker to bypass a security feature over a network. |
CWE-345 CWE-349 Insufficient Verification of Data Authenticity Acceptance of Extraneous Untrusted Data With Trusted Data |
CVE-2025-29842 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:29 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 263 |
8.8 - |
HIGH
Network |
Stack-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over a network. |
CWE-787 CWE-121 Out-of-bounds Write Stack-based Buffer Overflow |
CVE-2025-29840 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:30 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 264 |
4.0 - |
MEDIUM
Local |
Out-of-bounds read in Windows File Server allows an unauthorized attacker to disclose information locally. |
CWE-125
Out-of-bounds Read |
CVE-2025-29839 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:30 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 265 |
5.5 - |
MEDIUM
Local |
Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to disclose information locally. |
CWE-59
Link Following |
CVE-2025-29837 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:18 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 266 |
6.5 - |
MEDIUM
Network |
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
CWE-125
Out-of-bounds Read |
CVE-2025-29836 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:18 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 267 |
6.5 - |
MEDIUM
Network |
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
CWE-125 CWE-476 Out-of-bounds Read NULL Pointer Dereference |
CVE-2025-29835 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:19 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 268 |
7.7 - |
HIGH
Local |
Time-of-check time-of-use (toctou) race condition in Windows Virtual Machine Bus allows an unauthorized attacker to execute code locally. | - | CVE-2025-29833 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:19 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 269 |
6.5 - |
MEDIUM
Network |
Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. |
CWE-125
Out-of-bounds Read |
CVE-2025-29832 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:19 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |
| 270 |
7.5 - |
HIGH
Network |
Use after free in Remote Desktop Gateway Service allows an unauthorized attacker to execute code over a network. |
CWE-416
Use After Free |
CVE-2025-29831 |
cpe:2.3:o:microsoft:windows_server_2019:*:* cpe:2.3:o:microsoft:windows_server_2016:*:* cpe:2.3:o:microsoft:windo… |
|
|
|
10.0.17763.7314 10.0.14393.8066 |
2025-05-20 03:20 2025-05-14 |
Show | GitHub Exploit DB Packet Storm |