Microsoft Windows 11 21H2 vulnerabilities

799 known vulnerabilities affecting microsoft/windows_11_21h2.

Total CVEs

799

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL34HIGH572MEDIUM192LOW1

Vulnerabilities

Page 24 of 40

CVE-2023-36722MEDIUMCVSS 4.4fixed in 10.0.22000.25382023-10-10

CVE-2023-36722 [MEDIUM] CWE-284 CVE-2023-36722: Active Directory Domain Services Information Disclosure Vulnerability Active Directory Domain Services Information Disclosure Vulnerability

nvd

CVE-2023-36563MEDIUMCVSS 5.5KEVfixed in 10.0.22000.25382023-10-10

CVE-2023-36563 [MEDIUM] CWE-20 CVE-2023-36563: Microsoft WordPad Information Disclosure Vulnerability Microsoft WordPad Information Disclosure Vulnerability

nvd

CVE-2023-36576MEDIUMCVSS 5.5fixed in 10.0.22000.25382023-10-10

CVE-2023-36576 [MEDIUM] CWE-190 CVE-2023-36576: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2023-38039HIGHCVSS 7.5fixed in 10.0.22000.26002023-09-15

CVE-2023-38039 [HIGH] CWE-770 CVE-2023-38039: When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed la When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it would accept in a response, allowing a malicious server to stream an endless series of headers and eventually cause curl to run out of heap memory.

nvd

CVE-2023-38146HIGHCVSS 8.8PoCfixed in 10.0.22000.24162023-09-12

CVE-2023-38146 [HIGH] CWE-367 CVE-2023-38146: Windows Themes Remote Code Execution Vulnerability Windows Themes Remote Code Execution Vulnerability

nvd

CVE-2023-38150HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38150 [HIGH] CWE-190 CVE-2023-38150: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-38147HIGHCVSS 8.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38147 [HIGH] CWE-122 CVE-2023-38147: Windows Miracast Wireless Display Remote Code Execution Vulnerability Windows Miracast Wireless Display Remote Code Execution Vulnerability

nvd

CVE-2023-38142HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38142 [HIGH] CWE-190 CVE-2023-38142: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-38144HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38144 [HIGH] CWE-126 CVE-2023-38144: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-38148HIGHCVSS 8.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38148 [HIGH] CWE-121 CVE-2023-38148: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

nvd

CVE-2023-36802HIGHCVSS 7.8KEVfixed in 10.0.22000.24162023-09-12

CVE-2023-36802 [HIGH] CWE-416 CVE-2023-36802: Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability

nvd

CVE-2023-38141HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38141 [HIGH] CWE-367 CVE-2023-38141: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-35355HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-35355 [HIGH] CWE-121 CVE-2023-35355: Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-36805HIGHCVSS 7.0fixed in 10.0.22000.24162023-09-12

CVE-2023-36805 [HIGH] CWE-77 CVE-2023-36805: Windows MSHTML Platform Security Feature Bypass Vulnerability Windows MSHTML Platform Security Feature Bypass Vulnerability

nvd

CVE-2023-38139HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38139 [HIGH] CWE-416 CVE-2023-38139: Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability

nvd

CVE-2023-38143HIGHCVSS 7.8fixed in 10.0.22000.24162023-09-12

CVE-2023-38143 [HIGH] CWE-122 CVE-2023-38143: Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability

nvd

CVE-2023-38140MEDIUMCVSS 5.5fixed in 10.0.22000.24162023-09-12

CVE-2023-38140 [MEDIUM] CWE-908 CVE-2023-38140: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2023-36803MEDIUMCVSS 5.5fixed in 10.0.22000.24162023-09-12

CVE-2023-36803 [MEDIUM] CWE-126 CVE-2023-36803: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2023-38160MEDIUMCVSS 5.5fixed in 10.0.22000.24162023-09-12

CVE-2023-38160 [MEDIUM] CWE-416 CVE-2023-38160: Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Information Disclosure Vulnerability

nvd

CVE-2023-36903CRITICALCVSS 9.8fixed in 10.0.22000.22952023-08-08

CVE-2023-36903 [CRITICAL] CWE-59 CVE-2023-36903: Windows System Assessment Tool Elevation of Privilege Vulnerability Windows System Assessment Tool Elevation of Privilege Vulnerability

nvd

← Previous24 / 40Next →