Microsoft Windows 11 21H2 vulnerabilities

799 known vulnerabilities affecting microsoft/windows_11_21h2.

Total CVEs

799

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL34HIGH572MEDIUM192LOW1

Vulnerabilities

Page 7 of 40

CVE-2024-38161MEDIUMCVSS 6.8fixed in 10.0.22000.30792024-08-13

CVE-2024-38161 [MEDIUM] CWE-122 CVE-2024-38161: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability

nvd

CVE-2024-38155MEDIUMCVSS 5.5fixed in 10.0.22000.31472024-08-13

CVE-2024-38155 [MEDIUM] CWE-125 CVE-2024-38155: Security Center Broker Information Disclosure Vulnerability Security Center Broker Information Disclosure Vulnerability

nvd

CVE-2024-38122MEDIUMCVSS 5.5fixed in 10.0.22000.31472024-08-13

CVE-2024-38122 [MEDIUM] CWE-908 CVE-2024-38122: Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

nvd

CVE-2024-38223MEDIUMCVSS 6.8fixed in 10.0.22000.31472024-08-13

CVE-2024-38223 [MEDIUM] CWE-284 CVE-2024-38223: Windows Initial Machine Configuration Elevation of Privilege Vulnerability Windows Initial Machine Configuration Elevation of Privilege Vulnerability

nvd

CVE-2024-38143MEDIUMCVSS 4.2fixed in 10.0.22000.31472024-08-13

CVE-2024-38143 [MEDIUM] CWE-306 CVE-2024-38143: Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

nvd

CVE-2024-38151MEDIUMCVSS 5.5fixed in 10.0.22000.31472024-08-13

CVE-2024-38151 [MEDIUM] CWE-125 CVE-2024-38151: Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability

nvd

CVE-2024-21302MEDIUMCVSS 6.7fixed in 10.0.22000.31472024-08-08

CVE-2024-21302 [MEDIUM] CWE-284 CVE-2024-21302: Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See K Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerability. An elevation of privilege vulnerability exis

nvd

CVE-2024-21417HIGHCVSS 8.8fixed in 10.0.22000.30792024-07-10

CVE-2024-21417 [HIGH] CWE-862 CVE-2024-21417: Windows Text Services Framework Elevation of Privilege Vulnerability Windows Text Services Framework Elevation of Privilege Vulnerability

nvd

CVE-2024-38022HIGHCVSS 7.0fixed in 10.0.22000.30792024-07-09

CVE-2024-38022 [HIGH] CWE-59 CVE-2024-38022: Windows Image Acquisition Elevation of Privilege Vulnerability Windows Image Acquisition Elevation of Privilege Vulnerability

nvd

CVE-2024-38052HIGHCVSS 7.8fixed in 10.0.22000.30792024-07-09

CVE-2024-38052 [HIGH] CWE-20 CVE-2024-38052: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

nvd

CVE-2024-38064HIGHCVSS 7.5fixed in 10.0.22000.30792024-07-09

CVE-2024-38064 [HIGH] CWE-908 CVE-2024-38064: Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Information Disclosure Vulnerability

nvd

CVE-2024-38032HIGHCVSS 7.1fixed in 10.0.22000.30792024-07-09

CVE-2024-38032 [HIGH] CWE-122 CVE-2024-38032: Microsoft Xbox Remote Code Execution Vulnerability Microsoft Xbox Remote Code Execution Vulnerability

nvd

CVE-2024-38079HIGHCVSS 7.8fixed in 10.0.22000.30792024-07-09

CVE-2024-38079 [HIGH] CWE-122 CVE-2024-38079: Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability

nvd

CVE-2024-38019HIGHCVSS 7.2fixed in 10.0.22000.30792024-07-09

CVE-2024-38019 [HIGH] CWE-190 CVE-2024-38019: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

nvd

CVE-2024-38034HIGHCVSS 7.8fixed in 10.0.22000.30792024-07-09

CVE-2024-38034 [HIGH] CWE-190 CVE-2024-38034: Windows Filtering Platform Elevation of Privilege Vulnerability Windows Filtering Platform Elevation of Privilege Vulnerability

nvd

CVE-2024-38057HIGHCVSS 7.8fixed in 10.0.22000.30792024-07-09

CVE-2024-38057 [HIGH] CWE-125 CVE-2024-38057: Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

nvd

CVE-2024-38028HIGHCVSS 7.2fixed in 10.0.22000.30792024-07-09

CVE-2024-38028 [HIGH] CWE-125 CVE-2024-38028: Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability

nvd

CVE-2024-38091HIGHCVSS 7.5fixed in 10.0.22000.30792024-07-09

CVE-2024-38091 [HIGH] CWE-166 CVE-2024-38091: Microsoft WS-Discovery Denial of Service Vulnerability Microsoft WS-Discovery Denial of Service Vulnerability

nvd

CVE-2024-38060HIGHCVSS 8.8fixed in 10.0.22000.30792024-07-09

CVE-2024-38060 [HIGH] CWE-122 CVE-2024-38060: Windows Imaging Component Remote Code Execution Vulnerability Windows Imaging Component Remote Code Execution Vulnerability

nvd

CVE-2024-38061HIGHCVSS 7.5fixed in 10.0.22000.30792024-07-09

CVE-2024-38061 [HIGH] CWE-284 CVE-2024-38061: DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability

nvd

← Previous7 / 40Next →