Windows 11 23h2
by Microsoft
Source repositories
CVEs (2,235)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-50154 | 0.05 | — | 0.26 | Aug 12, 2025 | Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network. | |||
| CVE-2024-43532 | 0.05 | — | 0.12 | Oct 8, 2024 | Remote Registry Service Elevation of Privilege Vulnerability | |||
| CVE-2024-38148 | 0.05 | — | 0.32 | Aug 13, 2024 | Windows Secure Channel Denial of Service Vulnerability | |||
| CVE-2024-38030 | 0.05 | — | 0.51 | Jul 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2024-21320 | 0.05 | — | 0.23 | Jan 9, 2024 | Windows Themes Spoofing Vulnerability | |||
| CVE-2025-47987 | 0.04 | — | 0.02 | Jul 8, 2025 | Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-32724 | 0.04 | — | 0.02 | Jun 10, 2025 | Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network. | |||
| CVE-2024-30038 | 0.04 | — | 0.03 | May 14, 2024 | Win32k Elevation of Privilege Vulnerability | |||
| CVE-2024-26230 | 0.04 | — | 0.24 | Apr 9, 2024 | Windows Telephony Server Elevation of Privilege Vulnerability | |||
| CVE-2024-20697 | 0.04 | — | 0.72 | Jan 9, 2024 | Windows libarchive Remote Code Execution Vulnerability | |||
| CVE-2023-36606 | 0.04 | — | 0.67 | Oct 10, 2023 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2023-28293 | 0.04 | — | 0.03 | Apr 11, 2023 | Windows Kernel Elevation of Privilege Vulnerability | |||
| CVE-2023-21769 | 0.04 | — | 0.92 | Apr 11, 2023 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||
| CVE-2023-24871 | 0.04 | — | 0.03 | Mar 14, 2023 | Windows Bluetooth Service Remote Code Execution Vulnerability | |||
| CVE-2023-21746 | 0.04 | — | 0.03 | Jan 10, 2023 | Windows NTLM Elevation of Privilege Vulnerability | |||
| CVE-2022-44666 | 0.04 | — | 0.40 | Dec 13, 2022 | Windows Contacts Remote Code Execution Vulnerability | |||
| CVE-2026-21244 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | |||
| CVE-2026-21248 | 0.03 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally. | |||
| CVE-2025-59254 | 0.03 | — | 0.01 | Oct 14, 2025 | Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||
| CVE-2025-53722 | 0.03 | — | 0.17 | Aug 12, 2025 | Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network. |
- CVE-2025-50154Aug 12, 2025risk 0.05cvss —epss 0.26
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
- CVE-2024-43532Oct 8, 2024risk 0.05cvss —epss 0.12
Remote Registry Service Elevation of Privilege Vulnerability
- CVE-2024-38148Aug 13, 2024risk 0.05cvss —epss 0.32
Windows Secure Channel Denial of Service Vulnerability
- CVE-2024-38030Jul 9, 2024risk 0.05cvss —epss 0.51
Windows Themes Spoofing Vulnerability
- CVE-2024-21320Jan 9, 2024risk 0.05cvss —epss 0.23
Windows Themes Spoofing Vulnerability
- CVE-2025-47987Jul 8, 2025risk 0.04cvss —epss 0.02
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
- CVE-2025-32724Jun 10, 2025risk 0.04cvss —epss 0.02
Uncontrolled resource consumption in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network.
- CVE-2024-30038May 14, 2024risk 0.04cvss —epss 0.03
Win32k Elevation of Privilege Vulnerability
- CVE-2024-26230Apr 9, 2024risk 0.04cvss —epss 0.24
Windows Telephony Server Elevation of Privilege Vulnerability
- CVE-2024-20697Jan 9, 2024risk 0.04cvss —epss 0.72
Windows libarchive Remote Code Execution Vulnerability
- CVE-2023-36606Oct 10, 2023risk 0.04cvss —epss 0.67
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2023-28293Apr 11, 2023risk 0.04cvss —epss 0.03
Windows Kernel Elevation of Privilege Vulnerability
- CVE-2023-21769Apr 11, 2023risk 0.04cvss —epss 0.92
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
- CVE-2023-24871Mar 14, 2023risk 0.04cvss —epss 0.03
Windows Bluetooth Service Remote Code Execution Vulnerability
- CVE-2023-21746Jan 10, 2023risk 0.04cvss —epss 0.03
Windows NTLM Elevation of Privilege Vulnerability
- CVE-2022-44666Dec 13, 2022risk 0.04cvss —epss 0.40
Windows Contacts Remote Code Execution Vulnerability
- CVE-2026-21244Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
- CVE-2026-21248Feb 10, 2026risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
- CVE-2025-59254Oct 14, 2025risk 0.03cvss —epss 0.01
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
- CVE-2025-53722Aug 12, 2025risk 0.03cvss —epss 0.17
Uncontrolled resource consumption in Windows Remote Desktop Services allows an unauthorized attacker to deny service over a network.
Page 19 of 112