Microsoft Windows 11 21H2 vulnerabilities

CVE-2023-35628 [HIGH] CWE-416 CVE-2023-35628: Windows MSHTML Platform Remote Code Execution Vulnerability Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2023-35634 [HIGH] CWE-121 CVE-2023-35634: Windows Bluetooth Driver Remote Code Execution Vulnerability Windows Bluetooth Driver Remote Code Execution Vulnerability

CVE-2023-35630 [HIGH] CWE-122 CVE-2023-35630: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

CVE-2023-36006 [HIGH] CWE-121 CVE-2023-36006: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-35639 [HIGH] CWE-122 CVE-2023-35639: Microsoft ODBC Driver Remote Code Execution Vulnerability Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2023-36003 [HIGH] CWE-426 CVE-2023-36003: XAML Diagnostics Elevation of Privilege Vulnerability XAML Diagnostics Elevation of Privilege Vulnerability

CVE-2023-36696 [HIGH] CWE-125 CVE-2023-36696: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2023-36005 [HIGH] CWE-591 CVE-2023-36005: Windows Telephony Server Elevation of Privilege Vulnerability Windows Telephony Server Elevation of Privilege Vulnerability

CVE-2023-36004 [HIGH] CWE-287 CVE-2023-36004: Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability

CVE-2023-35642 [MEDIUM] CWE-682 CVE-2023-35642: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2023-24023 [MEDIUM] CVE-2023-24023: Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

CVE-2023-36028 [CRITICAL] CWE-122 CVE-2023-36028: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

CVE-2023-36397 [CRITICAL] CWE-126 CVE-2023-36397: Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

CVE-2023-36407 [HIGH] CWE-20 CVE-2023-36407: Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2023-36046 [HIGH] CWE-59 CVE-2023-36046: Windows Authentication Denial of Service Vulnerability Windows Authentication Denial of Service Vulnerability

CVE-2023-36401 [HIGH] CWE-190 CVE-2023-36401: Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Remote Code Execution Vulnerability

CVE-2023-36405 [HIGH] CWE-362 CVE-2023-36405: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-36394 [HIGH] CWE-59 CVE-2023-36394: Windows Search Service Elevation of Privilege Vulnerability Windows Search Service Elevation of Privilege Vulnerability

CVE-2023-36705 [HIGH] CWE-59 CVE-2023-36705: Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability

CVE-2023-36427 [HIGH] CVE-2023-36427: Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability