Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5091 CRITICAL 122 HIGH 3461 MEDIUM 1438 LOW 70
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft
Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
4891 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 53 1279 421 5
4892 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 94 2460 885 11
4893 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 103 2553 1010 15
4894 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 94 2178 911 50
4895 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
4896 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
4897 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
4898 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
4899 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
4891 -
4.9 		MEDIUM The Windows Printing Service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows local users to read arbitrary files via a crafted sep… CWE-200
Information Exposure 		CVE-2009-0229 cpe:2.3:o:microsoft:windows_server_2008:sp2:x64
cpe:2.3:o:microsoft:windows_server_2008:sp2:x32
cpe:2.3:o:microso… 		2026-04-23 09:35
2009-06-11 		Show GitHub Exploit DB Packet Storm
4892 -
9.3 		HIGH Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 20… NVD-CWE-noinfo
CVE-2009-0087 cpe:2.3:o:microsoft:windows_2000:-:sp4 2026-04-23 09:35
2009-04-15 		Show GitHub Exploit DB Packet Storm
4893 -
6.9 		MEDIUM The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that (1) all run under the NetworkService account or (2) a… CWE-269
 Improper Privilege Management 		CVE-2009-0080 cpe:2.3:o:microsoft:windows_server_2008:-:* 2026-04-23 09:35
2009-04-15 		Show GitHub Exploit DB Packet Storm
4894 -
7.6 		HIGH Windows Internet Naming Service (WINS) allows remote attackers to cause a denial of service (connectivity loss) or steal credentials via a 1Ch registration that causes WINS to change the domain contr… CWE-59
Link Following 		CVE-1999-1593 cpe:2.3:o:microsoft:windows_2000:-:* 2026-04-23 09:35
2009-01-15 		Show GitHub Exploit DB Packet Storm
4895 -
9.3 		HIGH Buffer overflow in the CallHTMLHelp method in the Microsoft Windows Media Services ActiveX control in nskey.dll 4.1.00.3917 in Windows Media Services on Microsoft Windows NT and 2000, and Avaya Media… CWE-787
 Out-of-bounds Write 		CVE-2008-5232 cpe:2.3:o:microsoft:windows_2000:-:* 2026-04-23 09:35
2008-11-26 		Show GitHub Exploit DB Packet Storm
4896 -
5.0 		MEDIUM The LDAP server in Active Directory in Microsoft Windows 2000 SP4 and Server 2003 SP1 and SP2 responds differently to a failed bind attempt depending on whether the user account exists and is permitt… CWE-200
Information Exposure 		CVE-2008-5112 cpe:2.3:o:microsoft:windows_2000:-:sp4 2026-04-23 09:35
2008-11-18 		Show GitHub Exploit DB Packet Storm
4897 -
9.3 		HIGH Microsoft Windows 2000 Gold through SP4, XP Gold through SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote SMB servers to execute arbitrary code on a client machine by r… CWE-287
Improper Authentication 		CVE-2008-4037 cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windo… 		2026-04-23 09:35
2008-11-13 		Show GitHub Exploit DB Packet Storm
4898 -
10.0 		HIGH The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a craf… CWE-94
Code Injection 		CVE-2008-4250 cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windo… 		2026-04-23 09:35
2008-10-24 		Show GitHub Exploit DB Packet Storm
4899 -
7.1 		HIGH The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of serv… CWE-16
NVD-CWE-noinfo
Configuration 		CVE-2008-4609 cpe:2.3:o:microsoft:windows_server_2008:-:sp2
cpe:2.3:o:microsoft:windows_server_2008:-:sp1
cpe:2.3:o:microsoft:w… 		2026-04-23 09:35
2008-10-21 		Show GitHub Exploit DB Packet Storm
4900 -
7.2 		HIGH afd.sys in the Ancillary Function Driver (AFD) component in Microsoft Windows XP SP2 and SP3 and Windows Server 2003 SP1 and SP2 does not properly validate input sent from user mode to the kernel, wh… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2008-3464 cpe:2.3:o:microsoft:windows_2003_server:professional:sp3 2026-04-23 09:35
2008-10-15 		Show GitHub Exploit DB Packet Storm