Windows 11 24h2
by Microsoft
CVEs (1,332)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-38180 | 0.01 | — | 0.02 | Aug 13, 2024 | Windows SmartScreen Security Feature Bypass Vulnerability | |||
| CVE-2024-38150 | 0.01 | — | 0.04 | Aug 13, 2024 | Windows DWM Core Library Elevation of Privilege Vulnerability | |||
| CVE-2024-38146 | 0.01 | — | 0.02 | Aug 13, 2024 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | |||
| CVE-2024-38145 | 0.01 | — | 0.02 | Aug 13, 2024 | Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | |||
| CVE-2024-38141 | 0.01 | — | 0.04 | Aug 13, 2024 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||
| CVE-2024-38132 | 0.01 | — | 0.03 | Aug 13, 2024 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||
| CVE-2024-38127 | 0.01 | — | 0.02 | Aug 13, 2024 | Windows Hyper-V Elevation of Privilege Vulnerability | |||
| CVE-2024-38126 | 0.01 | — | 0.03 | Aug 13, 2024 | Windows Network Address Translation (NAT) Denial of Service Vulnerability | |||
| CVE-2024-38125 | 0.01 | — | 0.06 | Aug 13, 2024 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | |||
| CVE-2024-38116 | 0.01 | — | 0.02 | Aug 13, 2024 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | |||
| CVE-2024-38115 | 0.01 | — | 0.02 | Aug 13, 2024 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | |||
| CVE-2024-38114 | 0.01 | — | 0.01 | Aug 13, 2024 | Windows IP Routing Management Snapin Remote Code Execution Vulnerability | |||
| CVE-2024-38196 | 0.01 | — | 0.06 | Aug 13, 2024 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||
| CVE-2026-23674 | 0.00 | — | 0.01 | Mar 10, 2026 | Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network. | |||
| CVE-2026-26132 | 0.00 | — | 0.02 | Mar 10, 2026 | Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally. | |||
| CVE-2026-26111 | 0.00 | — | 0.01 | Mar 10, 2026 | Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network. | |||
| CVE-2026-25190 | 0.00 | — | 0.01 | Mar 10, 2026 | Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-25188 | 0.00 | — | 0.01 | Mar 10, 2026 | Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network. | |||
| CVE-2026-25186 | 0.00 | — | 0.01 | Mar 10, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally. | |||
| CVE-2026-25185 | 0.00 | — | 0.01 | Mar 10, 2026 | Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network. |
- CVE-2024-38180Aug 13, 2024risk 0.01cvss —epss 0.02
Windows SmartScreen Security Feature Bypass Vulnerability
- CVE-2024-38150Aug 13, 2024risk 0.01cvss —epss 0.04
Windows DWM Core Library Elevation of Privilege Vulnerability
- CVE-2024-38146Aug 13, 2024risk 0.01cvss —epss 0.02
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
- CVE-2024-38145Aug 13, 2024risk 0.01cvss —epss 0.02
Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability
- CVE-2024-38141Aug 13, 2024risk 0.01cvss —epss 0.04
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
- CVE-2024-38132Aug 13, 2024risk 0.01cvss —epss 0.03
Windows Network Address Translation (NAT) Denial of Service Vulnerability
- CVE-2024-38127Aug 13, 2024risk 0.01cvss —epss 0.02
Windows Hyper-V Elevation of Privilege Vulnerability
- CVE-2024-38126Aug 13, 2024risk 0.01cvss —epss 0.03
Windows Network Address Translation (NAT) Denial of Service Vulnerability
- CVE-2024-38125Aug 13, 2024risk 0.01cvss —epss 0.06
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
- CVE-2024-38116Aug 13, 2024risk 0.01cvss —epss 0.02
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-38115Aug 13, 2024risk 0.01cvss —epss 0.02
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-38114Aug 13, 2024risk 0.01cvss —epss 0.01
Windows IP Routing Management Snapin Remote Code Execution Vulnerability
- CVE-2024-38196Aug 13, 2024risk 0.01cvss —epss 0.06
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- CVE-2026-23674Mar 10, 2026risk 0.00cvss —epss 0.01
Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.
- CVE-2026-26132Mar 10, 2026risk 0.00cvss —epss 0.02
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
- CVE-2026-26111Mar 10, 2026risk 0.00cvss —epss 0.01
Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.
- CVE-2026-25190Mar 10, 2026risk 0.00cvss —epss 0.01
Untrusted search path in Windows GDI allows an unauthorized attacker to execute code locally.
- CVE-2026-25188Mar 10, 2026risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to elevate privileges over an adjacent network.
- CVE-2026-25186Mar 10, 2026risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to disclose information locally.
- CVE-2026-25185Mar 10, 2026risk 0.00cvss —epss 0.01
Exposure of sensitive information to an unauthorized actor in Windows Shell Link Processing allows an unauthorized attacker to perform spoofing over a network.
Page 20 of 67