Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5091 CRITICAL 122 HIGH 3461 MEDIUM 1438 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • Microsoft
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
4541 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 53 1279 421 5
4542 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 94 2460 885 11
4543 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 103 2553 1010 15
4544 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 94 2178 911 50
4545 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
4546 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
4547 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
4548 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
4549 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
4541 -
9.3 		HIGH GDI+ in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Offi… CWE-20
 Improper Input Validation  		CVE-2014-1818 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:05
2014-06-11 		Show GitHub Exploit DB Packet Storm
4542 -
5.0 		MEDIUM The TCP implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows r… CWE-399
 Resource Management Errors 		CVE-2014-1811 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:05
2014-06-11 		Show GitHub Exploit DB Packet Storm
4543 -
5.1 		MEDIUM The Remote Desktop Protocol (RDP) implementation in Microsoft Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly encrypt sessions, which makes it easier for … CWE-310
Cryptographic Issues 		CVE-2014-0296 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:* 		2024-11-21 11:01
2014-06-11 		Show GitHub Exploit DB Packet Storm
4544 -
9.3 		HIGH usp10.dll in Uniscribe (aka the Unicode Script Processor) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows S… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-1817 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:05
2014-06-11 		Show GitHub Exploit DB Packet Storm
4545 8.8
9.0 		HIGH
Network 		The Group Policy implementation in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, and Windows Server 2012 Gold and R2 does not properly handle… CWE-255
CWE-522
Credentials Management
 Insufficiently Protected Credentials 		CVE-2014-1812 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2026-04-23 01:44
2014-05-14 		Show GitHub Exploit DB Packet Storm
4546 -
7.2 		HIGH The ShellExecute API in Windows Shell in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-1807 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:05
2014-05-14 		Show GitHub Exploit DB Packet Storm
4547 -
5.0 		MEDIUM Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target Remote … CWE-20
 Improper Input Validation  		CVE-2014-0256 cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1
cpe:2.3:o:microsoft:wi… 		2024-11-21 11:01
2014-05-14 		Show GitHub Exploit DB Packet Storm
4548 -
5.0 		MEDIUM Microsoft Windows Server 2008 SP2 and R2 SP1 and Server 2012 Gold and R2 allow remote attackers to cause a denial of service (iSCSI service outage) by sending many crafted packets, aka "iSCSI Target … CWE-20
 Improper Input Validation  		CVE-2014-0255 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:win… 		2024-11-21 11:01
2014-05-14 		Show GitHub Exploit DB Packet Storm
4549 -
6.9 		MEDIUM Untrusted search path vulnerability in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows… CWE-426
 Untrusted Search Path 		CVE-2014-0315 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:01
2014-04-9 		Show GitHub Exploit DB Packet Storm
4550 -
6.6 		MEDIUM win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windo… CWE-200
Information Exposure 		CVE-2014-0323 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:01
2014-03-12 		Show GitHub Exploit DB Packet Storm