Windows 11 23h2
by Microsoft
Source repositories
CVEs (2,235)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-36570 | Hig | 0.48 | 7.3 | 0.01 | Oct 10, 2023 | Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | ||
| CVE-2023-32054 | Hig | 0.48 | 7.3 | 0.01 | Jul 11, 2023 | Volume Shadow Copy Elevation of Privilege Vulnerability | ||
| CVE-2023-21526 | Hig | 0.48 | 7.4 | 0.01 | Jul 11, 2023 | Windows Netlogon Information Disclosure Vulnerability | ||
| CVE-2023-21820 | Hig | 0.48 | 7.4 | 0.01 | Feb 14, 2023 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability | ||
| CVE-2026-32202 | Med | 0.47 | 4.3 | 0.64 | KEV | Apr 14, 2026 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network. | |
| CVE-2026-32149 | Hig | 0.47 | 7.3 | 0.00 | Apr 14, 2026 | Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally. | ||
| CVE-2024-21320 | Med | 0.47 | 6.5 | 0.23 | Jan 9, 2024 | Windows Themes Spoofing Vulnerability | ||
| CVE-2023-36401 | Hig | 0.47 | 7.2 | 0.02 | Nov 14, 2023 | Microsoft Remote Registry Service Remote Code Execution Vulnerability | ||
| CVE-2023-36399 | Hig | 0.47 | 7.1 | 0.08 | Nov 14, 2023 | Windows Storage Elevation of Privilege Vulnerability | ||
| CVE-2023-38171 | Hig | 0.47 | 7.5 | 0.69 | Oct 10, 2023 | Microsoft QUIC Denial of Service Vulnerability | ||
| CVE-2023-36584 | Med | 0.47 | 5.4 | 0.03 | KEV | Oct 10, 2023 | Windows Mark of the Web Security Feature Bypass Vulnerability | |
| CVE-2022-41049 | Med | 0.47 | 5.4 | 0.02 | KEV | Nov 9, 2022 | Windows Mark of the Web Security Feature Bypass Vulnerability | |
| CVE-2026-45653 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-45640 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-45603 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-45601 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-45598 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-45597 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-45596 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally. | ||
| CVE-2026-42912 | Hig | 0.46 | 7.0 | 0.00 | Jun 9, 2026 | Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally. |
- risk 0.48cvss 7.3epss 0.01
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
- risk 0.48cvss 7.3epss 0.01
Volume Shadow Copy Elevation of Privilege Vulnerability
- risk 0.48cvss 7.4epss 0.01
Windows Netlogon Information Disclosure Vulnerability
- risk 0.48cvss 7.4epss 0.01
Windows Distributed File System (DFS) Remote Code Execution Vulnerability
- risk 0.47cvss 4.3epss 0.64
Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
- risk 0.47cvss 7.3epss 0.00
Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally.
- risk 0.47cvss 6.5epss 0.23
Windows Themes Spoofing Vulnerability
- risk 0.47cvss 7.2epss 0.02
Microsoft Remote Registry Service Remote Code Execution Vulnerability
- risk 0.47cvss 7.1epss 0.08
Windows Storage Elevation of Privilege Vulnerability
- risk 0.47cvss 7.5epss 0.69
Microsoft QUIC Denial of Service Vulnerability
- risk 0.47cvss 5.4epss 0.03
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.47cvss 5.4epss 0.02
Windows Mark of the Web Security Feature Bypass Vulnerability
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Bluetooth Port Driver allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in UI Automation Manager (uiamanager.dll) allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
- risk 0.46cvss 7.0epss 0.00
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Telephony Service allows an authorized attacker to elevate privileges locally.
Page 32 of 112