Microsoft Windows 11 Version 21H2 vulnerabilities

1,560 known vulnerabilities affecting microsoft/windows_11_version_21h2.

Total CVEs

1,560

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL51HIGH1137MEDIUM368LOW4

Vulnerabilities

Page 23 of 78

CVE-2024-21316MEDIUMCVSS 6.1≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-21316 [MEDIUM] CWE-20 CVE-2024-21316: Windows Server Key Distribution Service Security Feature Bypass Windows Server Key Distribution Service Security Feature Bypass

cvelistv5nvd

CVE-2024-21320MEDIUMCVSS 6.5PoC≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-21320 [MEDIUM] CWE-200 Windows Themes Spoofing Vulnerability Windows Themes Spoofing Vulnerability Windows Themes Spoofing Vulnerability

cvelistv5

CVE-2024-20691MEDIUMCVSS 4.7≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20691 [MEDIUM] CWE-125 CVE-2024-20691: Windows Themes Information Disclosure Vulnerability Windows Themes Information Disclosure Vulnerability

cvelistv5nvd

CVE-2024-20690MEDIUMCVSS 6.5≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20690 [MEDIUM] CWE-310 Windows Nearby Sharing Spoofing Vulnerability Windows Nearby Sharing Spoofing Vulnerability Windows Nearby Sharing Spoofing Vulnerability

cvelistv5

CVE-2024-20666MEDIUMCVSS 6.6≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20666 [MEDIUM] CWE-20 BitLocker Security Feature Bypass Vulnerability BitLocker Security Feature Bypass Vulnerability BitLocker Security Feature Bypass Vulnerability

cvelistv5

CVE-2024-21313MEDIUMCVSS 5.3≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-21313 [MEDIUM] CWE-209 CVE-2024-21313: Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Information Disclosure Vulnerability

cvelistv5nvd

CVE-2024-21305MEDIUMCVSS 4.4≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-21305 [MEDIUM] CWE-732 CVE-2024-21305: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

cvelistv5nvd

CVE-2024-20694MEDIUMCVSS 5.5≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20694 [MEDIUM] CWE-908 CVE-2024-20694: Windows CoreMessaging Information Disclosure Vulnerability Windows CoreMessaging Information Disclosure Vulnerability

cvelistv5nvd

CVE-2024-20660MEDIUMCVSS 6.5≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20660 [MEDIUM] CWE-125 CVE-2024-20660: Microsoft Message Queuing Information Disclosure Vulnerability Microsoft Message Queuing Information Disclosure Vulnerability

cvelistv5nvd

CVE-2024-20663MEDIUMCVSS 6.5≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20663 [MEDIUM] CWE-822 CVE-2024-20663: Windows Message Queuing Client (MSMQC) Information Disclosure Windows Message Queuing Client (MSMQC) Information Disclosure

cvelistv5nvd

CVE-2024-20699MEDIUMCVSS 5.5≥ 10.0.0, < 10.0.22000.27132024-01-09

CVE-2024-20699 [MEDIUM] CWE-755 Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability

cvelistv5

CVE-2022-44684MEDIUMCVSS 6.5≥ 10.0.0, < 10.0.22000.13352023-12-20

CVE-2022-44684 [MEDIUM] CVE-2022-44684: Windows Local Session Manager (LSM) Denial of Service Vulnerability Windows Local Session Manager (LSM) Denial of Service Vulnerability

cvelistv5nvd

CVE-2023-35630HIGHCVSS 8.8≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-35630 [HIGH] CWE-122 CVE-2023-35630: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

cvelistv5nvd

CVE-2023-35641HIGHCVSS 8.8≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-35641 [HIGH] CWE-682 CVE-2023-35641: Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

cvelistv5nvd

CVE-2023-35644HIGHCVSS 7.8≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-35644 [HIGH] CWE-190 CVE-2023-35644: Windows Sysmain Service Elevation of Privilege Vulnerability Windows Sysmain Service Elevation of Privilege Vulnerability

cvelistv5nvd

CVE-2023-35628HIGHCVSS 8.1≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-35628 [HIGH] CWE-416 CVE-2023-35628: Windows MSHTML Platform Remote Code Execution Vulnerability Windows MSHTML Platform Remote Code Execution Vulnerability

cvelistv5nvd

CVE-2023-36011HIGHCVSS 7.8≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-36011 [HIGH] CWE-822 Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability

cvelistv5

CVE-2023-36003HIGHCVSS 7.3≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-36003 [HIGH] CWE-426 CVE-2023-36003: XAML Diagnostics Elevation of Privilege Vulnerability XAML Diagnostics Elevation of Privilege Vulnerability

cvelistv5nvd

CVE-2023-35634HIGHCVSS 8.8≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-35634 [HIGH] CWE-121 CVE-2023-35634: Windows Bluetooth Driver Remote Code Execution Vulnerability Windows Bluetooth Driver Remote Code Execution Vulnerability

cvelistv5nvd

CVE-2023-36006HIGHCVSS 8.8≥ 10.0.0, < 10.0.22000.26522023-12-12

CVE-2023-36006 [HIGH] CWE-121 CVE-2023-36006: Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

cvelistv5nvd

← Previous23 / 78Next →