Windows 11 23h2
by Microsoft
Source repositories
CVEs (2,235)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-30050 | 0.01 | — | 0.11 | May 14, 2024 | Windows Mark of the Web Security Feature Bypass Vulnerability | |||
| CVE-2024-30017 | 0.01 | — | 0.02 | May 14, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-26211 | 0.01 | — | 0.04 | Apr 9, 2024 | Windows Remote Access Connection Manager Elevation of Privilege Vulnerability | |||
| CVE-2024-26219 | 0.01 | — | 0.03 | Apr 9, 2024 | HTTP.sys Denial of Service Vulnerability | |||
| CVE-2024-26209 | 0.01 | — | 0.15 | Apr 9, 2024 | Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | |||
| CVE-2024-26183 | 0.01 | — | 0.02 | Apr 9, 2024 | Windows Kerberos Denial of Service Vulnerability | |||
| CVE-2024-21447 | 0.01 | — | 0.01 | Apr 9, 2024 | Windows Authentication Elevation of Privilege Vulnerability | |||
| CVE-2024-20678 | 0.01 | — | 0.03 | Apr 9, 2024 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||
| CVE-2024-26158 | 0.01 | — | 0.12 | Apr 9, 2024 | Microsoft Install Service Elevation of Privilege Vulnerability | |||
| CVE-2024-26254 | 0.01 | — | 0.03 | Apr 9, 2024 | Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability | |||
| CVE-2024-21407 | 0.01 | — | 0.16 | Mar 12, 2024 | Windows Hyper-V Remote Code Execution Vulnerability | |||
| CVE-2024-21342 | 0.01 | — | 0.03 | Feb 13, 2024 | Windows DNS Client Denial of Service Vulnerability | |||
| CVE-2024-21357 | 0.01 | — | 0.27 | Feb 13, 2024 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | |||
| CVE-2026-23674 | 0.00 | — | 0.01 | Mar 10, 2026 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | |||
| CVE-2026-26132 | 0.00 | — | 0.02 | Mar 10, 2026 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-26111 | 0.00 | — | 0.01 | Mar 10, 2026 | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||
| CVE-2026-25190 | 0.00 | — | 0.01 | Mar 10, 2026 | Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-25188 | 0.00 | — | 0.01 | Mar 10, 2026 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. | |||
| CVE-2026-25186 | 0.00 | — | 0.01 | Mar 10, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally. | |||
| CVE-2026-25185 | 0.00 | — | 0.01 | Mar 10, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network. |
- CVE-2024-30050May 14, 2024risk 0.01cvss —epss 0.11
Windows Mark of the Web Security Feature Bypass Vulnerability
- CVE-2024-30017May 14, 2024risk 0.01cvss —epss 0.02
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-26211Apr 9, 2024risk 0.01cvss —epss 0.04
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
- CVE-2024-26219Apr 9, 2024risk 0.01cvss —epss 0.03
HTTP.sys Denial of Service Vulnerability
- CVE-2024-26209Apr 9, 2024risk 0.01cvss —epss 0.15
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
- CVE-2024-26183Apr 9, 2024risk 0.01cvss —epss 0.02
Windows Kerberos Denial of Service Vulnerability
- CVE-2024-21447Apr 9, 2024risk 0.01cvss —epss 0.01
Windows Authentication Elevation of Privilege Vulnerability
- CVE-2024-20678Apr 9, 2024risk 0.01cvss —epss 0.03
Remote Procedure Call Runtime Remote Code Execution Vulnerability
- CVE-2024-26158Apr 9, 2024risk 0.01cvss —epss 0.12
Microsoft Install Service Elevation of Privilege Vulnerability
- CVE-2024-26254Apr 9, 2024risk 0.01cvss —epss 0.03
Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability
- CVE-2024-21407Mar 12, 2024risk 0.01cvss —epss 0.16
Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2024-21342Feb 13, 2024risk 0.01cvss —epss 0.03
Windows DNS Client Denial of Service Vulnerability
- CVE-2024-21357Feb 13, 2024risk 0.01cvss —epss 0.27
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
- CVE-2026-23674Mar 10, 2026risk 0.00cvss —epss 0.01
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-26132Mar 10, 2026risk 0.00cvss —epss 0.02
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2026-26111Mar 10, 2026risk 0.00cvss —epss 0.01
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2026-25190Mar 10, 2026risk 0.00cvss —epss 0.01
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
- CVE-2026-25188Mar 10, 2026risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network.
- CVE-2026-25186Mar 10, 2026risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally.
- CVE-2026-25185Mar 10, 2026risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network.
Page 55 of 112