Microsoft Windows 11 21H2 vulnerabilities
799 known vulnerabilities affecting microsoft/windows_11_21h2.
Total CVEs
799
CISA KEV
56
actively exploited
Public exploits
18
Exploited in wild
55
Severity breakdown
CRITICAL34HIGH572MEDIUM192LOW1
Vulnerabilities
Page 40 of 40
CVE-2022-41091MEDIUMCVSS 5.4KEVfixed in 10.0.22000.12192022-11-09
CVE-2022-41091 [MEDIUM] CWE-863 CVE-2022-41091: Windows Mark of the Web Security Feature Bypass Vulnerability
Windows Mark of the Web Security Feature Bypass Vulnerability
nvd
CVE-2022-41033HIGHCVSS 7.8KEVfixed in 10.0.22000.10982022-10-11
CVE-2022-41033 [HIGH] CWE-843 CVE-2022-41033: Windows COM+ Event System Service Elevation of Privilege Vulnerability
Windows COM+ Event System Service Elevation of Privilege Vulnerability
nvd
CVE-2022-37969HIGHCVSS 7.8KEVfixed in 10.0.22000.9782022-09-13
CVE-2022-37969 [HIGH] CWE-787 CVE-2022-37969: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2022-34713HIGHCVSS 7.8KEVfixed in 10.0.22000.8562022-08-09
CVE-2022-34713 [HIGH] CVE-2022-34713: Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
nvd
CVE-2022-22047HIGHCVSS 7.8KEVfixed in 10.0.22000.7952022-07-12
CVE-2022-22047 [HIGH] CWE-426 CVE-2022-22047: Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
nvd
CVE-2022-30190HIGHCVSS 7.8KEVPoCfixed in 10.0.22000.7392022-06-01
CVE-2022-30190 [HIGH] CVE-2022-30190: A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calli
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the cont
nvd
CVE-2022-26923HIGHCVSS 8.8KEVPoCfixed in 10.0.22000.18172022-05-10
CVE-2022-26923 [HIGH] CWE-295 CVE-2022-26923: Active Directory Domain Services Elevation of Privilege Vulnerability
Active Directory Domain Services Elevation of Privilege Vulnerability
nvd
CVE-2022-26934MEDIUMCVSS 6.5fixed in 10.0.22000.6752022-05-10
CVE-2022-26934 [MEDIUM] CVE-2022-26934: Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
nvd
CVE-2022-26904HIGHCVSS 7.0KEVPoCfixed in 10.0.22000.6132022-04-15
CVE-2022-26904 [HIGH] CWE-362 CVE-2022-26904: Windows User Profile Service Elevation of Privilege Vulnerability
Windows User Profile Service Elevation of Privilege Vulnerability
nvd
CVE-2022-24521HIGHCVSS 7.8KEVfixed in 10.0.22000.6132022-04-15
CVE-2022-24521 [HIGH] CWE-787 CVE-2022-24521: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2022-21999HIGHCVSS 7.8KEVPoCfixed in 10.0.22000.4932022-02-09
CVE-2022-21999 [HIGH] CWE-22 CVE-2022-21999: Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
nvd
CVE-2022-22718HIGHCVSS 7.8KEVfixed in 10.0.22000.4932022-02-09
CVE-2022-22718 [HIGH] CVE-2022-22718: Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
nvd
CVE-2022-21971HIGHCVSS 7.8KEVfixed in 10.0.22000.4932022-02-09
CVE-2022-21971 [HIGH] CWE-824 CVE-2022-21971: Windows Runtime Remote Code Execution Vulnerability
Windows Runtime Remote Code Execution Vulnerability
nvd
CVE-2022-21919HIGHCVSS 7.0KEVPoCfixed in 10.0.22000.4342022-01-11
CVE-2022-21919 [HIGH] CWE-59 CVE-2022-21919: Windows User Profile Service Elevation of Privilege Vulnerability
Windows User Profile Service Elevation of Privilege Vulnerability
nvd
CVE-2022-21871HIGHCVSS 7.8fixed in 10.0.22000.4342022-01-11
CVE-2022-21871 [HIGH] CVE-2022-21871: Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
Microsoft Diagnostics Hub Standard Collector Runtime Elevation of Privilege Vulnerability
nvd
CVE-2021-43226HIGHCVSS 7.8KEVfixed in 10.0.22000.3762021-12-15
CVE-2021-43226 [HIGH] CVE-2021-43226: Windows Common Log File System Driver Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
nvd
CVE-2021-41379HIGHCVSS 7.8KEVfixed in 10.0.22000.3182021-11-10
CVE-2021-41379 [HIGH] CWE-59 CVE-2021-41379: Windows Installer Elevation of Privilege Vulnerability
Windows Installer Elevation of Privilege Vulnerability
nvd
CVE-2021-34527HIGHCVSS 8.8KEVPoCfixed in 10.0.22000.3182021-07-02
CVE-2021-34527 [HIGH] CVE-2021-34527: <p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly pe
A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
UPDAT
nvd
CVE-2019-0887HIGHCVSS 8.0v10.0.22000.3762019-07-15
CVE-2019-0887 [HIGH] CWE-22 CVE-2019-0887: A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.
nvd
← Previous40 / 40