Microsoft Windows 11 Version 23H2 vulnerabilities
1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.
Total CVEs: 1,661
CISA KEV: 59 (actively exploited)
Public exploits: 42
Exploited in wild: 71
Severity breakdown
CRITICAL: 25, HIGH: 1170, MEDIUM: 458, LOW: 8
Vulnerabilities
Page 48 of 84
CVE-2024-20687 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.22631.0, < 10.0.22631.3007 | 2024-01-09
CWE-125: Microsoft AllJoyn API Denial of Service Vulnerability
Source: nvd
CVE-2023-36003 | P3 | HIGH | CVSS 7.3 | ≥ 10.0.22631.0, < 10.0.22631.2861 | 2023-12-12
CWE-426: XAML Diagnostics Elevation of Privilege Vulnerability
Source: nvd
CVE-2024-49121 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.22631.0, < 10.0.22631.4602 | 2024-12-12
CWE-476: Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
Source: nvd
CVE-2024-43515 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.22631.0, < 10.0.22631.4317 | 2024-10-08
CWE-400: Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
Source: nvd
CVE-2025-21351 | P3 | HIGH | CVSS 7.5 | ≥ 10.0.22631.0, < 10.0.22631.4890 | 2025-02-11
CWE-400: Windows Active Directory Domain Services API Denial of Service Vulnerability
Source: nvd
CVE-2024-38202 | P3 | HIGH | CVSS 7.3 | ≥ 10.0.22631.0, < 10.0.22631.4317 | 2024-08-08
CWE-284: Summary: Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attacker attempting to exploit this vulnerability requires
Source: nvd
CVE-2024-21443 | P3 | HIGH | CVSS 7.3 | ≥ 10.0.22631.0, < 10.0.22631.3296 | 2024-03-12
CWE-416: Windows Kernel Elevation of Privilege Vulnerability
Source: nvd
CVE-2024-43581 | P3 | HIGH | CVSS 7.1 | ≥ 10.0.22631.0, < 10.0.22631.4317 | 2024-10-08
CWE-73: Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
Source: nvd
CVE-2024-43615 | P3 | HIGH | CVSS 7.1 | ≥ 10.0.22631.0, < 10.0.22631.4317 | 2024-10-08
CWE-73: Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
Source: nvd
CVE-2026-24285 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6783 | 2026-03-10
CWE-416: Use after free in Windows Win32K allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2026-20842 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6491 | 2026-01-13
CWE-416: Use after free in Windows DWM allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2026-32073 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6936 | 2026-04-14
CWE-416: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2026-21242 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6649 | 2026-02-10
CWE-416: Use after free in Windows Subsystem for Linux allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-60716 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6199 | 2025-11-11
CWE-416: Use after free in Windows DirectX allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-53140 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.5768 | 2025-08-12
CWE-416: Use after free in Kernel Transaction Manager allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-59202 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6060 | 2025-10-14
CWE-416: Use after free in Windows Remote Desktop Services allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-55685 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6060 | 2025-10-14
CWE-416: Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-55689 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6060 | 2025-10-14
CWE-416: Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-55686 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6060 | 2025-10-14
CWE-416: Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Source: nvd
CVE-2025-55331 | P3 | HIGH | CVSS 7.0 | ≥ 10.0.22631.0, < 10.0.22631.6060 | 2025-10-14
CWE-416: Use after free in Windows PrintWorkflowUserSvc allows an authorized attacker to elevate privileges locally.
Source: nvd