cbcvebase.

Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

Page 65 of 84
CVE-2025-55229P4MEDIUMCVSS 5.3≥ 10.0.22631.0, < 10.0.22631.53352025-08-21
CVE-2025-55229 [MEDIUM] CWE-347 CVE-2025-55229: Improper verification of cryptographic signature in Windows Certificates allows an unauthorized atta Improper verification of cryptographic signature in Windows Certificates allows an unauthorized attacker to perform spoofing over a network.
nvd
CVE-2026-40401P4HIGHCVSS 7.1≥ 10.0.22631.0, < 10.0.22631.70792026-05-12
CVE-2026-40401 [HIGH] CWE-476 CVE-2026-40401: Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally. Null pointer dereference in Windows TCP/IP allows an unauthorized attacker to deny service locally.
cvelistv5nvd
CVE-2024-49110P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49110 [MEDIUM] CWE-125 CVE-2024-49110: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49073P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49073 [MEDIUM] CWE-20 CVE-2024-49073: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49077P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49077 [MEDIUM] CWE-125 CVE-2024-49077: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49078P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49078 [MEDIUM] CWE-125 CVE-2024-49078: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49083P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49083 [MEDIUM] CWE-125 CVE-2024-49083: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-49092P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.46022024-12-12
CVE-2024-49092 [MEDIUM] CWE-125 CVE-2024-49092: Windows Mobile Broadband Driver Elevation of Privilege Vulnerability Windows Mobile Broadband Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43634P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43634 [MEDIUM] CWE-125 CVE-2024-43634: Windows USB Video Class System Driver Elevation of Privilege Vulnerability Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43449P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43449 [MEDIUM] CWE-125 CVE-2024-43449: Windows USB Video Class System Driver Elevation of Privilege Vulnerability Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43637P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43637 [MEDIUM] CWE-125 CVE-2024-43637: Windows USB Video Class System Driver Elevation of Privilege Vulnerability Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43638P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43638 [MEDIUM] CWE-125 CVE-2024-43638: Windows USB Video Class System Driver Elevation of Privilege Vulnerability Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-43643P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.44602024-11-12
CVE-2024-43643 [MEDIUM] CWE-125 CVE-2024-43643: Windows USB Video Class System Driver Elevation of Privilege Vulnerability Windows USB Video Class System Driver Elevation of Privilege Vulnerability
nvd
CVE-2024-38223P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.40372024-08-13
CVE-2024-38223 [MEDIUM] CWE-284 CVE-2024-38223: Windows Initial Machine Configuration Elevation of Privilege Vulnerability Windows Initial Machine Configuration Elevation of Privilege Vulnerability
nvd
CVE-2025-24987P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.50392025-03-11
CVE-2025-24987 [MEDIUM] CWE-125 CVE-2025-24987: Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges w Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
nvd
CVE-2025-24988P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.50392025-03-11
CVE-2025-24988 [MEDIUM] CWE-125 CVE-2025-24988: Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges w Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.
nvd
CVE-2025-47999P4MEDIUMCVSS 6.8≥ 10.0.22631.0, < 10.0.22631.56242025-07-08
CVE-2025-47999 [MEDIUM] CWE-820 CVE-2025-47999: Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adj Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.
nvd
CVE-2025-21242P4MEDIUMCVSS 5.9≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21242 [MEDIUM] CWE-200 CVE-2025-21242: Windows Kerberos Information Disclosure Vulnerability Windows Kerberos Information Disclosure Vulnerability
nvd
CVE-2025-32722P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-32722 [MEDIUM] CWE-284 CVE-2025-32722: Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose inf Improper access control in Windows Storage Port Driver allows an authorized attacker to disclose information locally.
nvd
CVE-2025-59284P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-59284 [MEDIUM] CWE-200 CVE-2025-59284: Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized at Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing locally.
nvd
← Previous65 / 84Next →
Microsoft Windows 11 Version 23H2 vulnerabilities | cvebase