Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5091 CRITICAL 122 HIGH 3461 MEDIUM 1438 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • Microsoft
  • 商用ライセンス有り
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
4551 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 53 1279 421 5
4552 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 94 2460 885 11
4553 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 103 2553 1010 15
4554 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 94 2178 911 50
4555 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
4556 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
4557 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
4558 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
4559 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
4551 -
5.4 		MEDIUM The Security Account Manager Remote (SAMR) protocol implementation in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, and Windows Ser… CWE-264
CWE-20
Permissions, Privileges, and Access Controls
 Improper Input Validation  		CVE-2014-0317 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:win… 		2024-11-21 11:01
2014-03-12 		Show GitHub Exploit DB Packet Storm
4552 -
9.3 		HIGH Double free vulnerability in qedit.dll in DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Win… CWE-415
 Double Free 		CVE-2014-0301 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:01
2014-03-12 		Show GitHub Exploit DB Packet Storm
4553 -
7.2 		HIGH win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windo… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2014-0300 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:01
2014-03-12 		Show GitHub Exploit DB Packet Storm
4554 -
7.1 		HIGH The XMLHTTP ActiveX controls in XML Core Services 3.0 in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Wi… CWE-200
Information Exposure 		CVE-2014-0266 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:01
2014-02-12 		Show GitHub Exploit DB Packet Storm
4555 -
9.3 		HIGH The Direct2D implementation in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to exe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2014-0263 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 11:01
2014-02-12 		Show GitHub Exploit DB Packet Storm
4556 -
7.8 		HIGH The IPv6 implementation in Microsoft Windows 8, Windows Server 2012, and Windows RT does not properly validate packets, which allows remote attackers to cause a denial of service (system hang) via cr… CWE-20
 Improper Input Validation  		CVE-2014-0254 cpe:2.3:o:microsoft:windows_server_2012:-:* 2024-11-21 11:01
2014-02-12 		Show GitHub Exploit DB Packet Storm
4557 8.8
7.6 		HIGH
Network 		Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCh… CWE-347
 Improper Verification of Cryptographic Signature 		CVE-2013-3900 cpe:2.3:o:microsoft:windows_server_2019:-:*
cpe:2.3:o:microsoft:windows_server_2016:-:*
cpe:2.3:o:microsoft:windo… 		2026-04-23 01:46
2013-12-11 		Show GitHub Exploit DB Packet Storm
4558 -
6.9 		MEDIUM Integer overflow in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1,… CWE-190
 Integer Overflow or Wraparound 		CVE-2013-5058 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 10:56
2013-12-11 		Show GitHub Exploit DB Packet Storm
4559 -
9.3 		HIGH Use-after-free vulnerability in the Scripting Runtime Object Library in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1… CWE-416
 Use After Free 		CVE-2013-5056 cpe:2.3:o:microsoft:windows_server_2012:r2:*
cpe:2.3:o:microsoft:windows_server_2012:-:*
cpe:2.3:o:microsoft:wind… 		2024-11-21 10:56
2013-12-11 		Show GitHub Exploit DB Packet Storm
4560 -
7.2 		HIGH portcls.sys in the kernel-mode drivers in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allows local users to gain pri… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2013-3907 cpe:2.3:o:microsoft:windows_server_2012:-:* 2024-11-21 10:54
2013-12-11 		Show GitHub Exploit DB Packet Storm