📦

windows_server_2008

Vendor: microsoft

Login to add this product to WatchStack
Actively Exploited 141 CISA KEV List
PoC / Exploits 454 Code Available
Total RCEs 810 Remote Access
Total CVEs 16698 Total Indexed
Avg. EPSS 8.39% Exploit Prob.
Latest CVE CVE-2026-20940 Jan 13

Security Vulnerability Index

Page 7 / 1670
7.0 CVSS
CVE-2025-59205

Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.

EPSS: 0.18%
7.8 CVSS
CVE-2025-59201

Improper access control in Network Connection Status Indicator (NCSI) allows an authorized attacker to elevate privileges locally.

EPSS: 0.41%
5.0 CVSS
CVE-2025-59198

Improper input validation in Microsoft Windows Search Component allows an authorized attacker to deny service locally.

EPSS: 0.43%
7.0 CVSS
CVE-2025-59196

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally.

EPSS: 0.24%
5.5 CVSS
CVE-2025-59190

Improper input validation in Microsoft Windows Search Component allows an unauthorized attacker to deny service locally.

EPSS: 0.46%
7.8 CVSS
CVE-2025-59187

Improper input validation in Windows Kernel allows an authorized attacker to elevate privileges locally.

EPSS: 0.28%
6.5 CVSS
CVE-2025-58739

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

EPSS: 0.75%
7.0 CVSS
CVE-2025-58736

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

EPSS: 0.32%
7.0 CVSS
CVE-2025-58735

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

EPSS: 0.43%
7.0 CVSS
CVE-2025-58733

Use after free in Inbox COM Objects allows an unauthorized attacker to execute code locally.

EPSS: 0.32%