cbcvebase.

Microsoft Windows 11 Version 23H2 vulnerabilities

1,661 known vulnerabilities affecting microsoft/windows_11_version_23h2.

Total CVEs
1,661
CISA KEV
59
actively exploited
Public exploits
42
Exploited in wild
71
Severity breakdown
CRITICAL25HIGH1170MEDIUM458LOW8

Vulnerabilities

Page 72 of 84
CVE-2025-33062P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33062 [MEDIUM] CWE-125 CVE-2025-33062: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33063P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33063 [MEDIUM] CWE-125 CVE-2025-33063: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33061P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33061 [MEDIUM] CWE-125 CVE-2025-33061: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-24069P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-24069 [MEDIUM] CWE-125 CVE-2025-24069: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33058P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33058 [MEDIUM] CWE-125 CVE-2025-33058: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33060P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33060 [MEDIUM] CWE-125 CVE-2025-33060: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33059P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33059 [MEDIUM] CWE-125 CVE-2025-33059: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-33065P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-33065 [MEDIUM] CWE-125 CVE-2025-33065: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2025-24065P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-24065 [MEDIUM] CWE-125 CVE-2025-24065: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2026-25169P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.67832026-03-10
CVE-2026-25169 [MEDIUM] CWE-369 CVE-2026-25169: Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service local Divide by zero in Microsoft Graphics Component allows an unauthorized attacker to deny service locally.
nvd
CVE-2025-32719P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.54722025-06-10
CVE-2025-32719 [MEDIUM] CWE-125 CVE-2025-32719: Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
nvd
CVE-2026-32181P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.69362026-04-14
CVE-2026-32181 [MEDIUM] CWE-269 CVE-2026-32181: Improper privilege management in Microsoft Windows allows an authorized attacker to deny service loc Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally.
nvd
CVE-2026-34339P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.7079≥ 10.0.22631.0, < 10.0.22631.72192026-05-12
CVE-2026-34339 [MEDIUM] CWE-476 CVE-2026-34339: Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorize Null pointer dereference in Windows LDAP - Lightweight Directory Access Protocol allows an authorized attacker to deny service locally.
nvd
CVE-2025-21268P4MEDIUMCVSS 4.3≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21268 [MEDIUM] CWE-41 CVE-2025-21268: MapUrlToZone Security Feature Bypass Vulnerability MapUrlToZone Security Feature Bypass Vulnerability
nvd
CVE-2026-20834P4MEDIUMCVSS 4.6≥ 10.0.22631.0, < 10.0.22631.64912026-01-13
CVE-2026-20834 [MEDIUM] CWE-36 CVE-2026-20834: Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a Absolute path traversal in Windows Shell allows an unauthorized attacker to perform spoofing with a physical attack.
nvd
CVE-2025-55332P4MEDIUMCVSS 4.6≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-55332 [MEDIUM] CWE-841 CVE-2025-55332: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
nvd
CVE-2025-55330P4MEDIUMCVSS 4.6≥ 10.0.22631.0, < 10.0.22631.60602025-10-14
CVE-2025-55330 [MEDIUM] CWE-841 CVE-2025-55330: Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to Improper enforcement of behavioral workflow in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack.
nvd
CVE-2023-35642P4MEDIUMCVSS 6.5≥ 10.0.22631.0, < 10.0.22631.28612023-12-12
CVE-2023-35642 [MEDIUM] CWE-682 CVE-2023-35642: Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability
nvd
CVE-2025-21321P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21321 [MEDIUM] CWE-532 CVE-2025-21321: Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability
nvd
CVE-2025-21320P4MEDIUMCVSS 5.5≥ 10.0.22631.0, < 10.0.22631.47512025-01-14
CVE-2025-21320 [MEDIUM] CWE-532 CVE-2025-21320: Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability
nvd
← Previous72 / 84Next →
Microsoft Windows 11 Version 23H2 vulnerabilities | cvebase