Microsoft Windows 10 22H2 vulnerabilities
1,582 known vulnerabilities affecting microsoft/windows_10_22h2.
Total CVEs
1,582
CISA KEV
73
actively exploited
Public exploits
26
Exploited in wild
42
Severity breakdown
CRITICAL39HIGH1112MEDIUM425LOW6
Vulnerabilities
Page 64 of 80
CVE-2023-36582HIGHCVSS 7.3fixed in 10.0.19045.35702023-10-10
CVE-2023-36582 [HIGH] CWE-190 CVE-2023-36582: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36718HIGHCVSS 7.8fixed in 10.0.19045.35702023-10-10
CVE-2023-36718 [HIGH] CWE-94 CVE-2023-36718: Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability
Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability
nvd
CVE-2023-36725HIGHCVSS 7.8fixed in 10.0.19045.35702023-10-10
CVE-2023-36725 [HIGH] CWE-284 CVE-2023-36725: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
nvd
CVE-2023-38159HIGHCVSS 7.0fixed in 10.0.19045.35702023-10-10
CVE-2023-38159 [HIGH] CWE-591 CVE-2023-38159: Windows Graphics Component Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
nvd
CVE-2023-36575HIGHCVSS 7.3fixed in 10.0.19045.35702023-10-10
CVE-2023-36575 [HIGH] CWE-94 CVE-2023-36575: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-41769HIGHCVSS 8.1fixed in 10.0.19045.35702023-10-10
CVE-2023-41769 [HIGH] CWE-416 CVE-2023-41769: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-41770HIGHCVSS 8.1fixed in 10.0.19045.35702023-10-10
CVE-2023-41770 [HIGH] CWE-416 CVE-2023-41770: Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
Layer 2 Tunneling Protocol Remote Code Execution Vulnerability
nvd
CVE-2023-36572HIGHCVSS 7.3fixed in 10.0.19045.35702023-10-10
CVE-2023-36572 [HIGH] CWE-94 CVE-2023-36572: Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability
nvd
CVE-2023-36581HIGHCVSS 7.5fixed in 10.0.19045.35702023-10-10
CVE-2023-36581 [HIGH] CWE-126 CVE-2023-36581: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2023-36584MEDIUMCVSS 5.4KEVfixed in 10.0.19041.35702023-10-10
CVE-2023-36584 [MEDIUM] CVE-2023-36584: Windows Mark of the Web Security Feature Bypass Vulnerability
Windows Mark of the Web Security Feature Bypass Vulnerability
nvd
CVE-2023-36698MEDIUMCVSS 4.4fixed in 10.0.19045.35702023-10-10
CVE-2023-36698 [MEDIUM] CWE-362 CVE-2023-36698: Windows Kernel Security Feature Bypass Vulnerability
Windows Kernel Security Feature Bypass Vulnerability
nvd
CVE-2023-36724MEDIUMCVSS 5.5fixed in 10.0.19045.35702023-10-10
CVE-2023-36724 [MEDIUM] CWE-287 CVE-2023-36724: Windows Power Management Service Information Disclosure Vulnerability
Windows Power Management Service Information Disclosure Vulnerability
nvd
CVE-2023-36717MEDIUMCVSS 6.5fixed in 10.0.19045.35702023-10-10
CVE-2023-36717 [MEDIUM] CVE-2023-36717: Windows Virtual Trusted Platform Module Denial of Service Vulnerability
Windows Virtual Trusted Platform Module Denial of Service Vulnerability
nvd
CVE-2023-36564MEDIUMCVSS 6.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36564 [MEDIUM] CVE-2023-36564: Windows Search Security Feature Bypass Vulnerability
Windows Search Security Feature Bypass Vulnerability
nvd
CVE-2023-36713MEDIUMCVSS 5.5fixed in 10.0.19045.35702023-10-10
CVE-2023-36713 [MEDIUM] CWE-908 CVE-2023-36713: Windows Common Log File System Driver Information Disclosure Vulnerability
Windows Common Log File System Driver Information Disclosure Vulnerability
nvd
CVE-2023-36722MEDIUMCVSS 4.4fixed in 10.0.19045.35702023-10-10
CVE-2023-36722 [MEDIUM] CWE-284 CVE-2023-36722: Active Directory Domain Services Information Disclosure Vulnerability
Active Directory Domain Services Information Disclosure Vulnerability
nvd
CVE-2023-36563MEDIUMCVSS 5.5KEVfixed in 10.0.19045.35702023-10-10
CVE-2023-36563 [MEDIUM] CWE-20 CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability
Microsoft WordPad Information Disclosure Vulnerability
nvd
CVE-2023-36576MEDIUMCVSS 5.5fixed in 10.0.19041.35702023-10-10
CVE-2023-36576 [MEDIUM] CWE-190 CVE-2023-36576: Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
nvd
CVE-2023-38039HIGHCVSS 7.5fixed in 10.0.19045.36932023-09-15
CVE-2023-38039 [HIGH] CWE-770 CVE-2023-38039: When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed la
When curl retrieves an HTTP response, it stores the incoming headers so that
they can be accessed later via the libcurl headers API.
However, curl did not have a limit in how many or how large headers it would
accept in a response, allowing a malicious server to stream an endless series
of headers and eventually cause curl to run out of heap memory.
nvd
CVE-2023-38147HIGHCVSS 8.8fixed in 10.0.19045.34482023-09-12
CVE-2023-38147 [HIGH] CWE-122 CVE-2023-38147: Windows Miracast Wireless Display Remote Code Execution Vulnerability
Windows Miracast Wireless Display Remote Code Execution Vulnerability
nvd