Software Detail
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
Number of items displayed
Windows Server Number Of NVD 5229 CRITICAL 126 HIGH 3568 MEDIUM 1464 LOW 71
URL https://www.microsoft.com/
Explanation Server products offered by Microsoft.

For business, developer, and desktop operating system products, 10 years of support at the supported Service Pack level (with a minimum of 5 years of mainstream support, followed by a minimum of 5 years of extended support).
You may need to deploy the latest updates to be eligible for support.
For some products, the support organization may be less than 10 years.

For consumer and multimedia products, five years of mainstream support at the supported Service Pack level.

The above text is excerpted from Microsoft's Fixed Lifecycle Policy.
Tag
  • 商用ライセンス有り
  • Microsoft

Add Information URL
No Type Name URL
1 https://support.microsoft.com//lifecycle/search
2 https://www.microsoft.com/ja-jp/cloud-platform/windows-server
3 https://support.microsoft.com/ja-jp/hub/4095338/microsoft-lifecycle-policy
4 https://docs.microsoft.com/ja-jp/windows-server/get-started/windows-server-release-info

List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support
Extended
for a fee
Critical High Medium Low
5061 Windows Server 2022 21H2 Nov. 2, 2021 Nov. 2, 2021 Oct. 13, 2026 Oct. 14, 2031 60 1398 449 6
5062 Windows Server 2019 1809 Oct. 2, 2018 Nov. 13, 2018 Jan. 9, 2024 Jan. 9, 2029 98 2567 911 12
5063 Windows Server 2016 20H2 Oct. 20, 2020 Oct. 15, 2016 Jan. 11, 2022 Jan. 12, 2027 107 2641 1033 16
5064 Windows Server 2012 Oct. 30, 2012 Oct. 30, 2012 Oct. 9, 2018 Oct. 10, 2023 98 2256 929 51
5065 Windows Server 2008 R2( Service Pack 1適用) Feb. 22, 2011 Jan. 14, 2020 0 0 0 0
5066 Windows Server 2008(Service Pack 2適用) April 29, 2009 Jan. 14, 2020 0 0 0 0
5067 Microsoft Windows Server 2003(Service Pack 2適用) May 28, 2003 July 13, 2010 July 14, 2015 0 128 53 15
5068 Microsoft Windows Storage Server 2003 May 5, 2003 Oct. 11, 2011 Oct. 9, 2016 0 128 53 15
5069 Microsoft Windows 2000(Service Pack 4適用) March 31, 2000 June 30, 2005 July 13, 2010 2 40 19 0
5070 Windows Server 2025 0 0 0 0
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2
Level
Attach Vector
Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date
Show Affected Exploit
PoC
Search
5061 -
7.2
HIGH Buffer overflow in the Graphics Device Interface (GDI) in Microsoft Windows 2000 SP4; XP SP2; Server 2003 Gold, SP1, and SP2; and Vista allows local users to gain privileges via certain "color-relate… NVD-CWE-Other
CVE-2007-1215 cpe:2.3:o:microsoft:windows_2003_server:sp2:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*
cpe:2.3:o:microsoft:w…
2026-04-23 09:35
2007-04-5
Show GitHub Exploit DB Packet Storm
5062 -
9.3
HIGH Stack-based buffer overflow in the animated cursor code in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) … CWE-119
Incorrect Access of Indexable Resource ('Range Error') 
CVE-2007-0038 cpe:2.3:o:microsoft:windows_2003_server:sp2:*
cpe:2.3:o:microsoft:windows_2003_server:sp2:*
cpe:2.3:o:microsoft:w…
2026-04-23 09:35
2007-03-31
Show GitHub Exploit DB Packet Storm
5063 -
9.3
HIGH Unspecified vulnerability in Microsoft Windows 2000 SP4 through Vista allows remote attackers to execute arbitrary code or cause a denial of service (persistent reboot) via a malformed ANI file, whic… NVD-CWE-noinfo
CVE-2007-1765 cpe:2.3:o:microsoft:windows_2003_server:-:*
cpe:2.3:o:microsoft:windows_2003_server:-:*
cpe:2.3:o:microsoft:windo…
2026-04-23 09:35
2007-03-30
Show GitHub Exploit DB Packet Storm
5064 -
7.5
HIGH The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering… CWE-16
Configuration
CVE-2007-1692 cpe:2.3:o:microsoft:windows_2003_server:r2:*
cpe:2.3:o:microsoft:windows_2003_server:2000:*
2026-04-23 09:35
2007-03-27
Show GitHub Exploit DB Packet Storm
5065 -
3.6
LOW \Device\NdisTapi (NDISTAPI.sys) in Microsoft Windows XP SP2 and 2003 SP1 uses weak permissions, which allows local users to write to the device and cause a denial of service, as demonstrated by using… NVD-CWE-Other
CVE-2007-1537 cpe:2.3:o:microsoft:windows_2003_server:sp1:* 2026-04-23 09:35
2007-03-21
Show GitHub Exploit DB Packet Storm
5066 -
9.3
HIGH The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 … NVD-CWE-Other
CVE-2006-1311 cpe:2.3:o:microsoft:windows_2003_server:sp1:* 2026-04-23 09:35
2007-02-14
Show GitHub Exploit DB Packet Storm
5067 -
9.3
HIGH The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an … CWE-94
Code Injection
CVE-2007-0025 cpe:2.3:o:microsoft:windows_2003_server:xp_sp2:*
cpe:2.3:o:microsoft:windows_2003_server:2003:sp2
cpe:2.3:o:micro…
2026-04-23 09:35
2007-02-14
Show GitHub Exploit DB Packet Storm
5068 -
7.6
HIGH The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers … NVD-CWE-Other
CVE-2007-0026 cpe:2.3:o:microsoft:windows_2003_server:sp1:* 2026-04-23 09:35
2007-02-14
Show GitHub Exploit DB Packet Storm
5069 -
7.2
HIGH The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a fun… NVD-CWE-Other
CVE-2007-0211 cpe:2.3:o:microsoft:windows_2003_server:sp1:* 2026-04-23 09:35
2007-02-14
Show GitHub Exploit DB Packet Storm
5070 -
9.3
HIGH The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uni… NVD-CWE-Other
CVE-2007-0214 cpe:2.3:o:microsoft:windows_2003_server:sp1:*
cpe:2.3:o:microsoft:windows_2003_server:sp1:*
cpe:2.3:o:microsoft:w…
2026-04-23 09:35
2007-02-14
Show GitHub Exploit DB Packet Storm