Microsoft Windows 10 21H2 vulnerabilities

CVE-2023-1018 [MEDIUM] CWE-125 CVE-2023-1018: An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past th An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.

CVE-2023-28222 [HIGH] CWE-59 CVE-2023-28222: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-21356 [MEDIUM] CWE-476 CVE-2024-21356: Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

CVE-2023-21739 [HIGH] CWE-591 CVE-2023-21739: Windows Bluetooth Driver Elevation of Privilege Vulnerability Windows Bluetooth Driver Elevation of Privilege Vulnerability

CVE-2023-36902 [HIGH] CWE-416 CVE-2023-36902: Windows Runtime Remote Code Execution Vulnerability Windows Runtime Remote Code Execution Vulnerability

CVE-2023-28221 [HIGH] CWE-200 CVE-2023-28221: Windows Error Reporting Service Elevation of Privilege Vulnerability Windows Error Reporting Service Elevation of Privilege Vulnerability

CVE-2023-36721 [HIGH] CWE-269 CVE-2023-36721: Windows Error Reporting Service Elevation of Privilege Vulnerability Windows Error Reporting Service Elevation of Privilege Vulnerability

CVE-2024-21429 [MEDIUM] CWE-197 CVE-2024-21429: Windows USB Hub Driver Remote Code Execution Vulnerability Windows USB Hub Driver Remote Code Execution Vulnerability

CVE-2024-21405 [HIGH] CWE-591 CVE-2024-21405: Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE-2023-29368 [HIGH] CWE-415 CVE-2023-29368: Windows Filtering Platform Elevation of Privilege Vulnerability Windows Filtering Platform Elevation of Privilege Vulnerability

CVE-2023-28216 [HIGH] CVE-2023-28216: Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability

CVE-2023-35378 [HIGH] CWE-367 CVE-2023-35378: Windows Projected File System Elevation of Privilege Vulnerability Windows Projected File System Elevation of Privilege Vulnerability

CVE-2024-21355 [HIGH] CWE-591 CVE-2024-21355: Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE-2023-24861 [HIGH] CWE-367 CVE-2023-24861: Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability

CVE-2023-23393 [HIGH] CWE-591 CVE-2023-23393: Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability Windows BrokerInfrastructure Service Elevation of Privilege Vulnerability

CVE-2024-26252 [MEDIUM] CWE-822 CVE-2024-26252: Windows rndismp6.sys Remote Code Execution Vulnerability Windows rndismp6.sys Remote Code Execution Vulnerability

CVE-2024-26253 [MEDIUM] CWE-20 CVE-2024-26253: Windows rndismp6.sys Remote Code Execution Vulnerability Windows rndismp6.sys Remote Code Execution Vulnerability

CVE-2023-21694 [MEDIUM] CWE-122 CVE-2023-21694: Windows Fax Service Remote Code Execution Vulnerability Windows Fax Service Remote Code Execution Vulnerability

CVE-2025-48800 [MEDIUM] CWE-693 CVE-2025-48800: Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a securi Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.

CVE-2025-48003 [MEDIUM] CWE-693 CVE-2025-48003: Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a securi Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.