cbcvebase.

Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

Page 62 of 84
CVE-2024-43523P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43523 [MEDIUM] CWE-20 CVE-2024-43523: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability
nvd
CVE-2024-43524P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43524 [MEDIUM] CWE-118 CVE-2024-43524: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability
nvd
CVE-2024-43525P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43525 [MEDIUM] CWE-20 CVE-2024-43525: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability
nvd
CVE-2024-43526P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43526 [MEDIUM] CWE-20 CVE-2024-43526: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability
nvd
CVE-2024-43543P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43543 [MEDIUM] CWE-601 CVE-2024-43543: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability
nvd
CVE-2024-43536P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.43172024-10-08
CVE-2024-43536 [MEDIUM] CWE-601 CVE-2024-43536: Windows Mobile Broadband Driver Remote Code Execution Vulnerability Windows Mobile Broadband Driver Remote Code Execution Vulnerability
nvd
CVE-2024-21431P4MEDIUMCVSS 6.7≥ 10.0.22631.0, < 10.0.22631.32962024-03-12
CVE-2024-21431 [MEDIUM] CWE-732 CVE-2024-21431: Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
nvd
CVE-2025-49743P4MEDIUMCVSS 6.7≥ 10.0.22631.0, < 10.0.22631.57682025-08-12
CVE-2025-49743 [MEDIUM] CWE-362 CVE-2025-49743: Concurrent execution using shared resource with improper synchronization ('race condition') in Micro Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-48811P4MEDIUMCVSS 6.7≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-48811 [MEDIUM] CWE-353 CVE-2025-48811: Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
nvd
CVE-2025-48803P4MEDIUMCVSS 6.7≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-48803 [MEDIUM] CWE-353 CVE-2025-48803: Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an Missing support for integrity check in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
nvd
CVE-2024-26209P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.34472024-04-09
CVE-2024-26209 [MEDIUM] CWE-908 CVE-2024-26209: Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
nvd
CVE-2026-40380P4MEDIUMCVSS 6.2≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12
CVE-2026-40380 [MEDIUM] CWE-122 CVE-2026-40380: Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execu Heap-based buffer overflow in Volume Manager Extension Driver allows an authorized attacker to execute code with a physical attack.
nvd
CVE-2026-32072P4MEDIUMCVSS 6.2≥ 10.0.22631.0, < 10.0.22631.69362026-04-14
CVE-2026-32072 [MEDIUM] CWE-287 CVE-2026-32072: Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoof Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally.
nvd
CVE-2026-20927P4MEDIUMCVSS 5.3≥ 10.0.22631.0, < 10.0.22631.64912026-01-13
CVE-2026-20927 [MEDIUM] CWE-362 CVE-2026-20927: Concurrent execution using shared resource with improper synchronization ('race condition') in Windo Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SMB Server allows an authorized attacker to deny service over a network.
nvd
CVE-2024-26160P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.32962024-03-12
CVE-2024-26160 [MEDIUM] CWE-126 CVE-2024-26160: Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
nvd
CVE-2024-21356P4MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.31552024-02-13
CVE-2024-21356 [MEDIUM] CWE-476 CVE-2024-21356: Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
nvd
CVE-2024-21429P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.32962024-03-12
CVE-2024-21429 [MEDIUM] CWE-197 CVE-2024-21429: Windows USB Hub Driver Remote Code Execution Vulnerability Windows USB Hub Driver Remote Code Execution Vulnerability
nvd
CVE-2024-21405P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.31552024-02-13
CVE-2024-21405 [HIGH] CWE-591 CVE-2024-21405: Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
nvd
CVE-2024-21355P4HIGHCVSS 7.0≥ 10.0.22631.0, < 10.0.22631.31552024-02-13
CVE-2024-21355 [HIGH] CWE-591 CVE-2024-21355: Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
nvd
CVE-2024-26252P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.34472024-04-09
CVE-2024-26252 [MEDIUM] CWE-822 CVE-2024-26252: Windows rndismp6.sys Remote Code Execution Vulnerability Windows rndismp6.sys Remote Code Execution Vulnerability
nvd
← Previous62 / 84Next →
Microsoft Windows 11 Version 23H2 vulnerabilities | cvebase