Microsoft Windows Server 2008 R2 Service Pack 1

1874 CVEs affecting Microsoft Windows Server 2008 R2 Service Pack 1. Latest disclosed: 2026-01-13. Critical: 60, High: 1345.

Top CVEs affecting Microsoft Windows Server 2008 R2 Service Pack 1
CVE	Severity	Score	Published	Summary
`CVE-2020-1467`	Critical	`10.0`	2020-08-17	An elevation of privilege vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could over…
`CVE-2021-26424`	Critical	`9.9`	2021-08-12	Windows TCP/IP Remote Code Execution Vulnerability
`CVE-2021-28476`	Critical	`9.9`	2021-05-11	Windows Hyper-V Remote Code Execution Vulnerability
`CVE-2025-60724`	Critical	`9.8`	2025-11-11	Heap-based buffer overflow in Microsoft Graphics Component allows an unauthorized attacker to execute code over a network.
`CVE-2025-53766`	Critical	`9.8`	2025-08-12	Heap-based buffer overflow in Windows GDI+ allows an unauthorized attacker to execute code over a network.
`CVE-2025-47981`	Critical	`9.8`	2025-07-08	Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
`CVE-2025-21307`	Critical	`9.8`	2025-01-14	Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
`CVE-2025-21298`	Critical	`9.8`	2025-01-14	Windows OLE Remote Code Execution Vulnerability
`CVE-2024-49112`	Critical	`9.8`	2024-12-10	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
`CVE-2024-38140`	Critical	`9.8`	2024-08-13	Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability
`CVE-2024-38063`	Critical	`9.8`	2024-08-13	Windows TCP/IP Remote Code Execution Vulnerability
`CVE-2024-38199`	Critical	`9.8`	2024-08-13	Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability
`CVE-2024-38074`	Critical	`9.8`	2024-07-09	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
`CVE-2024-38077`	Critical	`9.8`	2024-07-09	Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability
`CVE-2024-30080`	Critical	`9.8`	2024-06-11	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
`CVE-2023-36397`	Critical	`9.8`	2023-11-14	Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
`CVE-2023-36434`	Critical	`9.8`	2023-10-10	Windows IIS Server Elevation of Privilege Vulnerability
`CVE-2023-35349`	Critical	`9.8`	2023-10-10	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
`CVE-2023-35385`	Critical	`9.8`	2023-08-08	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
`CVE-2023-36911`	Critical	`9.8`	2023-08-08	Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability