Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5145 CRITICAL 123 HIGH 3506 MEDIUM 1446 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
3841 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 55 1326 429 5
3842 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 95 2505 893 11
3843 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 104 2591 1017 15
3844 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 95 2213 917 50
3845 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
3846 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
3847 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
3848 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
3849 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
3841 7.0
7.2 		HIGH
Local 		An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows… CWE-404
 Improper Resource Shutdown or Release 		CVE-2018-8120 cpe:2.3:o:microsoft:windows_server_2008:r2:sp1
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1
cpe:2.3:o:microsoft… 		2024-11-21 13:13
2018-05-10 		Show GitHub Exploit DB Packet Storm
3842 7.6
7.4 		HIGH
Adjacent 		A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Wi… CWE-20
 Improper Input Validation  		CVE-2018-0961 cpe:2.3:o:microsoft:windows_server_2016:1803:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*
cpe:2.3:o:microsoft… 		2024-11-21 12:39
2018-05-10 		Show GitHub Exploit DB Packet Storm
3843 7.0
6.9 		HIGH
Local 		An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows… CWE-404
 Improper Resource Shutdown or Release 		CVE-2018-8124 cpe:2.3:o:microsoft:windows_server_2016:1803:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*
cpe:2.3:o:microsoft… 		2024-11-21 13:13
2018-05-10 		Show GitHub Exploit DB Packet Storm
3844 7.6
7.4 		HIGH
Adjacent 		A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Ex… CWE-20
 Improper Input Validation  		CVE-2018-0959 cpe:2.3:o:microsoft:windows_server_2016:1803:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*
cpe:2.3:o:microsoft… 		2024-11-21 12:39
2018-05-10 		Show GitHub Exploit DB Packet Storm
3845 5.3
4.6 		MEDIUM
Local 		A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, … NVD-CWE-noinfo
CVE-2018-0958 cpe:2.3:o:microsoft:windows_server_2016:1803:*
cpe:2.3:o:microsoft:windows_server_2016:1709:*
cpe:2.3:o:microsoft… 		2024-11-21 12:39
2018-05-10 		Show GitHub Exploit DB Packet Storm
3846 5.3
4.6 		MEDIUM
Local 		A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Window… NVD-CWE-noinfo
CVE-2018-0854 cpe:2.3:o:microsoft:windows_server_2016:1709:*
cpe:2.3:o:microsoft:windows_server_2016:-:* 		2024-11-21 12:39
2018-05-10 		Show GitHub Exploit DB Packet Storm
3847 8.8
5.1 		HIGH
Network 		A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." T… CWE-502
 Deserialization of Untrusted Data 		CVE-2018-0824 cpe:2.3:o:microsoft:windows_server_2016:-:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 12:39
2018-05-10 		Show GitHub Exploit DB Packet Storm
3848 5.3
4.6 		MEDIUM
Local 		A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows 1… NVD-CWE-noinfo
CVE-2018-1035 cpe:2.3:o:microsoft:windows_server_2016:1709:* 2024-11-21 12:59
2018-04-19 		Show GitHub Exploit DB Packet Storm
3849 5.5
2.1 		MEDIUM
Local 		A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Microsoft Graphics Component Denial of Service Vulnerability." This affects Windows 7, Windows Server … NVD-CWE-noinfo
CVE-2018-8116 cpe:2.3:o:microsoft:windows_server_2016:-:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 13:13
2018-04-12 		Show GitHub Exploit DB Packet Storm
3850 7.8
7.2 		HIGH
Local 		An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Priv… NVD-CWE-noinfo
CVE-2018-1009 cpe:2.3:o:microsoft:windows_server_2012:r2:* 2024-11-21 12:58
2018-04-12 		Show GitHub Exploit DB Packet Storm