Microsoft Windows 10 21H2 vulnerabilities
1,827 known vulnerabilities affecting microsoft/windows_10_21h2.
Total CVEs: 1,827
CISA KEV: 87 (actively exploited)
Public exploits: 54
Exploited in wild: 97
Severity breakdown
CRITICAL 44 | HIGH 1303 | MEDIUM 473 | LOW 7
Vulnerabilities
Page 6 of 92
CVE-2024-49112 | P1 | CRITICAL | CVSS 9.8 | CWE-190 | fixed in 10.0.19044.5247 | 2024-12-12
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
nvd
CVE-2023-38545 | P2 | CRITICAL | CVSS 9.8 | CWE-787 | fixed in 10.0.19044.3693 | 2023-10-18
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy
handshake.
When curl is asked to pass along the host name to the SOCKS5 proxy to allow
that to resolve the address instead of it getting done by curl itself, the
maximum length that host name can be is 255 bytes.
If the host name is detected to be longer, curl switches to local
nvd
CVE-2023-35628 | P2 | HIGH | CVSS 8.1 | CWE-416 | fixed in 10.0.19041.3803 | 2023-12-12
Windows MSHTML Platform Remote Code Execution Vulnerability
nvd
CVE-2025-50154 | P3 | MEDIUM | CVSS 6.5 | PoC | CWE-200 | fixed in 10.0.19044.6216 | 2025-08-12
Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.
nvd
CVE-2025-53778 | P2 | HIGH | CVSS 8.8 | CWE-287 | fixed in 10.0.19044.6216 | 2025-08-12
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2024-30085 | P2 | HIGH | CVSS 7.8 | PoC | CWE-122 | fixed in 10.0.19044.4529 | 2024-06-11
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
nvd
CVE-2025-47987 | P2 | HIGH | CVSS 7.8 | PoC | CWE-122 | fixed in 10.0.19044.6093 | 2025-07-08
Heap-based buffer overflow in Windows Cred SSProvider Protocol allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-55234 | P2 | CRITICAL | CVSS 9.8 | CWE-287 | fixed in 10.0.19044.6332 | 2025-09-09
SMB Server might be susceptible to relay attacks depending on the configuration. An attacker who successfully exploited these vulnerabilities could perform relay attacks and make the users subject to elevation of privilege attacks.
The SMB Server already supports mechanisms for hardening against relay attacks:
SMB Server signing
SMB Server Extend
nvd
CVE-2023-21690 | P2 | CRITICAL | CVSS 9.8 | CWE-122 | fixed in 10.0.19044.2604 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
nvd
CVE-2023-21689 | P2 | CRITICAL | CVSS 9.8 | CWE-122 | fixed in 10.0.19044.2604 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
nvd
CVE-2025-54918 | P2 | HIGH | CVSS 8.8 | CWE-287 | fixed in 10.0.19044.6332 | 2025-09-09
Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.
nvd
CVE-2023-21692 | P2 | CRITICAL | CVSS 9.8 | CWE-122 | fixed in 10.0.19044.2604 | 2023-02-14
Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
nvd
CVE-2026-33824 | P2 | CRITICAL | CVSS 9.8 | CWE-415 | fixed in 10.0.19044.7184 | 2026-04-14
Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network.
nvd
CVE-2025-59254 | P3 | HIGH | CVSS 7.8 | PoC | CWE-122 | fixed in 10.0.19044.6456 | 2025-10-14
Heap-based buffer overflow in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-47981 | P2 | CRITICAL | CVSS 9.8 | CWE-122 | fixed in 10.0.19044.6093 | 2025-07-08
Heap-based buffer overflow in Windows SPNEGO Extended Negotiation allows an unauthorized attacker to execute code over a network.
nvd
CVE-2023-36397 | P2 | CRITICAL | CVSS 9.8 | CWE-126 | fixed in 10.0.19041.3693 | 2023-11-14
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
nvd
CVE-2026-21244 | P3 | HIGH | CVSS 7.3 | PoC | CWE-122 | fixed in 10.0.19044.6937 | 2026-02-10
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
nvd
CVE-2026-21248 | P3 | HIGH | CVSS 7.3 | PoC | CWE-122 | fixed in 10.0.19044.6937 | 2026-02-10
Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to execute code locally.
nvd
CVE-2024-38144 | P2 | HIGH | CVSS 8.8 | CWE-190 | fixed in 10.0.19044.4780 | 2024-08-13
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
nvd
CVE-2025-49683 | P3 | HIGH | CVSS 7.8 | PoC | CWE-122 | fixed in 10.0.19044.6093 | 2025-07-08
Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to execute code locally.
nvd