Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5229 CRITICAL 126 HIGH 3568 MEDIUM 1464 LOW 71
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft

Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
5041 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 60 1398 449 6
5042 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 98 2567 911 12
5043 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 107 2641 1033 16
5044 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 98 2256 929 51
5045 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
5046 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
5047 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
5048 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
5049 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
5050 Windows Server 2025 0 0 0 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
5041 -
9.3
HIGH Stack-based buffer overflow in the WMEncProfileManager ActiveX control in wmex.dll in Microsoft Windows Media Encoder 9 Series allows remote attackers to execute arbitrary code via a long first argum… CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2008-3008 cpe:2.3:o:microsoft:windows_2003_server:-:sp2
cpe:2.3:o:microsoft:windows_2003_server:-:sp2
cpe:2.3:o:microsoft:w…
2026-04-23 09:35
2008-09-11
Show GitHub Exploit DB Packet Storm
5042 -
5.4
MEDIUM Microsoft Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, and Server 2008 allows remote attackers to cause a denial of service (system hang) via a series of Pragmatic General Mul… CWE-20
 Improper Input Validation 
CVE-2008-1441 cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windo…
2026-04-23 09:35
2008-06-12
Show GitHub Exploit DB Packet Storm
5043 -
7.2
HIGH The WINS service on Microsoft Windows 2000 SP4, and Server 2003 SP1 and SP2, does not properly validate data structures in WINS network packets, which allows local users to gain privileges via a craf… CWE-20
 Improper Input Validation 
CVE-2008-1451 cpe:2.3:o:microsoft:windows_2003_server:-:sp2
cpe:2.3:o:microsoft:windows_2003_server:-:sp1
cpe:2.3:o:microsoft:w…
2026-04-23 09:35
2008-06-12
Show GitHub Exploit DB Packet Storm
5044 -
9.3
HIGH Buffer overflow in the Microsoft HeartbeatCtl ActiveX control in HRTBEAT.OCX allows remote attackers to execute arbitrary code via the Host argument to an unspecified method. CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2007-6255 cpe:2.3:o:microsoft:windows_2000:-:sp4 2026-04-23 09:35
2008-04-23
Show GitHub Exploit DB Packet Storm
5045 7.5
8.8
HIGH
Network
The DNS client in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, and Vista uses predictable DNS transaction IDs, which allows remote attackers to spoof DNS responses. CWE-330
 Use of Insufficiently Random Values
CVE-2008-0087 cpe:2.3:o:microsoft:windows_2000:-:sp4 2026-04-23 09:35
2008-04-9
Show GitHub Exploit DB Packet Storm
5046 8.1
9.3
HIGH
Network
Heap-based buffer overflow in the CreateDIBPatternBrushPt function in GDI in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, and Server 2008 allows remote attackers to execute arb… CWE-119
CWE-190
Incorrect Access of Indexable Resource ('Range Error') 
 Integer Overflow or Wraparound
CVE-2008-1083 cpe:2.3:o:microsoft:windows_server_2008:-:*
cpe:2.3:o:microsoft:windows_server_2008:-:*
2026-04-23 09:35
2008-04-9
Show GitHub Exploit DB Packet Storm
5047 -
7.2
HIGH Unspecified vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, through Vista SP1, and Server 2008 allows local users to execute arbitrary code via unknown vec… CWE-94
Code Injection
CVE-2008-1084 cpe:2.3:o:microsoft:windows_server_2008:-:* 2026-04-23 09:35
2008-04-9
Show GitHub Exploit DB Packet Storm
5048 -
6.8
MEDIUM Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a… CWE-20
 Improper Input Validation 
CVE-2008-0088 cpe:2.3:o:microsoft:windows_2003_server:sp2:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*
2026-04-23 09:35
2008-02-13
Show GitHub Exploit DB Packet Storm
5049 -
7.2
HIGH Unspecified vulnerability in Local Security Authority Subsystem Service (LSASS) in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows local users to gain privileges via a crafted … CWE-264
Permissions, Privileges, and Access Controls
CVE-2007-5352 cpe:2.3:o:microsoft:windows_2003_server:sp2:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*
2026-04-23 09:35
2008-01-9
Show GitHub Exploit DB Packet Storm
5050 -
7.1
HIGH Microsoft Windows Explorer (explorer.exe) allows user-assisted remote attackers to cause a denial of service (CPU consumption) via a certain PNG file with a large tEXt chunk that possibly triggers an… CWE-189
CWE-399
Numeric Errors
 Resource Management Errors
CVE-2007-5133 cpe:2.3:o:microsoft:windows_2003_server:-:* 2026-04-23 09:35
2007-09-28
Show GitHub Exploit DB Packet Storm