cbcvebase.

Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

Page 53 of 84
CVE-2025-21270P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21270 [HIGH] CWE-400 CVE-2025-21270: Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
nvd
CVE-2024-43565P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43565 [HIGH] CWE-125 CVE-2024-43565: Windows Network Address Translation (NAT) Denial of Service Vulnerability Windows Network Address Translation (NAT) Denial of Service Vulnerability
nvd
CVE-2024-43562P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43562 [HIGH] CWE-125 CVE-2024-43562: Windows Network Address Translation (NAT) Denial of Service Vulnerability Windows Network Address Translation (NAT) Denial of Service Vulnerability
nvd
CVE-2024-38091P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.38802024-07-09
CVE-2024-38091 [HIGH] CWE-166 CVE-2024-38091: Microsoft WS-Discovery Denial of Service Vulnerability Microsoft WS-Discovery Denial of Service Vulnerability
nvd
CVE-2025-21330P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21330 [HIGH] CWE-400 CVE-2025-21330: Windows Remote Desktop Services Denial of Service Vulnerability Windows Remote Desktop Services Denial of Service Vulnerability
nvd
CVE-2024-21343P3HIGHCVSS 7.5≥ 10.0.22631.0, < 10.0.22631.31552024-02-13
CVE-2024-21343 [HIGH] CWE-125 CVE-2024-21343: Windows Network Address Translation (NAT) Denial of Service Vulnerability Windows Network Address Translation (NAT) Denial of Service Vulnerability
nvd
CVE-2024-30093P3HIGHCVSS 7.3≥ 10.0.22631.0, < 10.0.22631.37372024-06-11
CVE-2024-30093 [HIGH] CWE-59 CVE-2024-30093: Windows Storage Elevation of Privilege Vulnerability Windows Storage Elevation of Privilege Vulnerability
nvd
CVE-2024-43529P3HIGHCVSS 7.3≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43529 [HIGH] CWE-822 CVE-2024-43529: Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability
nvd
CVE-2024-30050P3MEDIUMCVSS 5.4≥ 10.0.22631.0, < 10.0.22631.35932024-05-14
CVE-2024-30050 [MEDIUM] CWE-693 CVE-2024-30050: Windows Mark of the Web Security Feature Bypass Vulnerability Windows Mark of the Web Security Feature Bypass Vulnerability
nvd
CVE-2025-26651P3MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.51892025-04-08
CVE-2025-26651 [MEDIUM] CWE-749 CVE-2025-26651: Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized att Exposed dangerous method or function in Windows Local Session Manager (LSM) allows an authorized attacker to deny service over a network.
nvd
CVE-2025-59208P3HIGHCVSS 7.1≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-59208 [HIGH] CWE-125 CVE-2025-59208: Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information o Out-of-bounds read in Windows MapUrlToZone allows an unauthorized attacker to disclose information over a network.
nvd
CVE-2025-59282P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-59282 [HIGH] CWE-362 CVE-2025-59282: Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox Concurrent execution using shared resource with improper synchronization ('race condition') in Inbox COM Objects allows an unauthorized attacker to execute code locally.
nvd
CVE-2025-55680P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-55680 [HIGH] CWE-367 CVE-2025-55680: Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows a Time-of-check time-of-use (toctou) race condition in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-53147P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.57682025-08-12
CVE-2025-53147 [HIGH] CWE-416 CVE-2025-53147: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-53137P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.57682025-08-12
CVE-2025-53137 [HIGH] CWE-416 CVE-2025-53137: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-50167P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.57682025-08-12
CVE-2025-50167 [HIGH] CWE-362 CVE-2025-50167: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-53802P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.59092025-09-09
CVE-2025-53802 [HIGH] CWE-416 CVE-2025-53802: Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges loca Use after free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-54093P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.59092025-09-09
CVE-2025-54093 [HIGH] CWE-367 CVE-2025-54093: Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-53718P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.57682025-08-12
CVE-2025-53718 [HIGH] CWE-416 CVE-2025-53718: Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to ele Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-53721P3HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.57682025-08-12
CVE-2025-53721 [HIGH] CWE-416 CVE-2025-53721: Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevat Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges locally.
nvd
← Previous53 / 84Next →
Microsoft Windows 11 Version 23H2 vulnerabilities | cvebase