Microsoft Windows 11 22H2 vulnerabilities

1,431 known vulnerabilities affecting microsoft/windows_11_22h2.

Total CVEs
1,431
CISA KEV
67
actively exploited
Public exploits
28
Exploited in wild
44
Severity breakdown
CRITICAL39HIGH1000MEDIUM387LOW5

Vulnerabilities

Page 70 of 72
CVE-2023-24865MEDIUMCVSS 6.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24865 [MEDIUM] CWE-20 CVE-2023-24865: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-24862MEDIUMCVSS 5.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24862 [MEDIUM] CWE-125 CVE-2023-24862: Windows Secure Channel Denial of Service Vulnerability Windows Secure Channel Denial of Service Vulnerability
nvd
CVE-2023-24906MEDIUMCVSS 6.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24906 [MEDIUM] CWE-190 CVE-2023-24906: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-24911MEDIUMCVSS 4.3fixed in 10.0.22000.14132023-03-14
CVE-2023-24911 [MEDIUM] CWE-191 CVE-2023-24911: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-24880MEDIUMCVSS 4.4KEVfixed in 10.0.22000.14132023-03-14
CVE-2023-24880 [MEDIUM] CWE-863 CVE-2023-24880: Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen Security Feature Bypass Vulnerability
nvd
CVE-2023-23394MEDIUMCVSS 5.5fixed in 10.0.22000.14132023-03-14
CVE-2023-23394 [MEDIUM] CWE-822 CVE-2023-23394: Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
nvd
CVE-2023-24866MEDIUMCVSS 6.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24866 [MEDIUM] CWE-20 CVE-2023-24866: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-24857MEDIUMCVSS 6.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24857 [MEDIUM] CWE-126 CVE-2023-24857: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-24863MEDIUMCVSS 6.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24863 [MEDIUM] CWE-190 CVE-2023-24863: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-24870MEDIUMCVSS 6.5fixed in 10.0.22000.14132023-03-14
CVE-2023-24870 [MEDIUM] CWE-126 CVE-2023-24870: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
nvd
CVE-2023-23409MEDIUMCVSS 5.5fixed in 10.0.22000.14132023-03-14
CVE-2023-23409 [MEDIUM] CWE-20 CVE-2023-23409: Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability Client Server Run-Time Subsystem (CSRSS) Information Disclosure Vulnerability
nvd
CVE-2023-1017HIGHCVSS 7.8fixed in 10.0.22621.14132023-02-28
CVE-2023-1017 [HIGH] CWE-787 CVE-2023-1017: An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing writing of a 2-byte data past the end of TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can lead to denial of service (crashing the TPM chip/process or rendering it unusable) and/or arbitrary code execution
nvd
CVE-2023-1018MEDIUMCVSS 5.5fixed in 10.0.22621.14132023-02-28
CVE-2023-1018 [MEDIUM] CWE-125 CVE-2023-1018: An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past th An out-of-bounds read vulnerability exists in TPM2.0's Module Library allowing a 2-byte read past the end of a TPM2.0 command in the CryptParameterDecryption routine. An attacker who can successfully exploit this vulnerability can read or access sensitive data stored in the TPM.
nvd
CVE-2023-21689CRITICALCVSS 9.8fixed in 10.0.22621.12652023-02-14
CVE-2023-21689 [CRITICAL] CWE-122 CVE-2023-21689: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
nvd
CVE-2023-21690CRITICALCVSS 9.8fixed in 10.0.22621.12652023-02-14
CVE-2023-21690 [CRITICAL] CWE-122 CVE-2023-21690: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
nvd
CVE-2023-21692CRITICALCVSS 9.8fixed in 10.0.22621.12652023-02-14
CVE-2023-21692 [CRITICAL] CWE-122 CVE-2023-21692: Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
nvd
CVE-2023-21816HIGHCVSS 7.5fixed in 10.0.22621.12652023-02-14
CVE-2023-21816 [HIGH] CWE-20 CVE-2023-21816: Windows Active Directory Domain Services API Denial of Service Vulnerability Windows Active Directory Domain Services API Denial of Service Vulnerability
nvd
CVE-2023-21823HIGHCVSS 7.8KEVfixed in 10.0.22621.12652023-02-14
CVE-2023-21823 [HIGH] CWE-190 CVE-2023-21823: Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability
nvd
CVE-2023-21817HIGHCVSS 7.8fixed in 10.0.22621.12652023-02-14
CVE-2023-21817 [HIGH] CWE-287 CVE-2023-21817: Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos Elevation of Privilege Vulnerability
nvd
CVE-2023-21691HIGHCVSS 7.5fixed in 10.0.22621.12652023-02-14
CVE-2023-21691 [HIGH] CWE-125 CVE-2023-21691: Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability
nvd
← Previous70 / 72Next →
Microsoft Windows 11 22H2 vulnerabilities | cvebase