Windows 11 22h2 Security Vulnerabilities and Issues — Page 3 of Windows 11 22h2 CVE List

Lucene search

MicrosoftWindows 11 22h2

396 matches found

CVE•added 2025/02/11 6:15 p.m.•92 views

CVE-2025-21373

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00141EPSS

CVE•added 2025/04/08 6:15 p.m.•92 views

CVE-2025-26635

Weak authentication in Windows Hello allows an authorized attacker to bypass a security feature over a network.

6.5CVSS7.4AI score0.0008EPSS

CVE•added 2025/04/08 6:15 p.m.•92 views

CVE-2025-27478

Heap-based buffer overflow in Windows Local Security Authority (LSA) allows an authorized attacker to elevate privileges locally.

7CVSS7.6AI score0.00046EPSS

CVE•added 2025/04/08 6:16 p.m.•92 views

CVE-2025-27727

Improper link resolution before file access ('link following') in Windows Installer allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00221EPSS

CVE•added 2025/01/14 6:15 p.m.•91 views

CVE-2025-21261

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00132EPSS

CVE•added 2025/01/14 6:15 p.m.•91 views

CVE-2025-21285

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.4AI score0.03034EPSS

CVE•added 2025/02/11 6:15 p.m.•91 views

CVE-2025-21375

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.00149EPSS

CVE•added 2025/01/14 6:16 p.m.•91 views

CVE-2025-21409

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.02401EPSS

CVE•added 2025/02/11 6:15 p.m.•90 views

CVE-2025-21200

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS

CVE•added 2025/03/11 5:16 p.m.•90 views

CVE-2025-24061

Protection mechanism failure in Windows Mark of the Web (MOTW) allows an unauthorized attacker to bypass a security feature locally.

7.8CVSS7.5AI score0.00148EPSS

CVE•added 2025/04/08 6:15 p.m.•90 views

CVE-2025-26648

Sensitive data storage in improperly locked memory in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00051EPSS

CVE•added 2025/01/14 6:15 p.m.•89 views

CVE-2025-21280

Windows Virtual Trusted Platform Module Denial of Service Vulnerability

5.5CVSS5.5AI score0.00182EPSS

CVE•added 2025/04/08 6:15 p.m.•89 views

CVE-2025-27475

Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00036EPSS

CVE•added 2025/03/11 5:16 p.m.•88 views

CVE-2025-21180

Heap-based buffer overflow in Windows exFAT File System allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.00149EPSS

CVE•added 2025/01/14 6:15 p.m.•88 views

CVE-2025-21219

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00142EPSS

CVE•added 2025/01/14 6:15 p.m.•88 views

CVE-2025-21229

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/01/14 6:15 p.m.•88 views

CVE-2025-21232

Windows Digital Media Elevation of Privilege Vulnerability

6.6CVSS6.5AI score0.00133EPSS

CVE•added 2025/04/08 6:16 p.m.•88 views

CVE-2025-29809

Insecure storage of sensitive information in Windows Kerberos allows an authorized attacker to bypass a security feature locally.

7.1CVSS6.8AI score0.00259EPSS

CVE•added 2025/01/14 6:15 p.m.•87 views

CVE-2025-21328

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00096EPSS

CVE•added 2025/02/11 6:15 p.m.•87 views

CVE-2025-21358

Windows Core Messaging Elevation of Privileges Vulnerability

7.8CVSS8AI score0.00159EPSS

CVE•added 2025/02/11 6:15 p.m.•87 views

CVE-2025-21406

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS

CVE•added 2025/02/11 6:15 p.m.•87 views

CVE-2025-21407

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00381EPSS

CVE•added 2025/04/08 6:15 p.m.•87 views

CVE-2025-24060

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.001EPSS

CVE•added 2025/03/11 5:16 p.m.•87 views

CVE-2025-24084

Untrusted pointer dereference in Windows Subsystem for Linux allows an unauthorized attacker to execute code locally.

8.4CVSS7.3AI score0.00267EPSS

CVE•added 2025/04/08 6:15 p.m.•87 views

CVE-2025-27490

Heap-based buffer overflow in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally.

7.8CVSS7.6AI score0.00066EPSS

CVE•added 2025/06/10 5:22 p.m.•87 views

CVE-2025-32720

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00071EPSS

CVE•added 2025/03/11 5:16 p.m.•86 views

CVE-2025-24055

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack.

4.3CVSS4.1AI score0.00083EPSS

CVE•added 2025/03/11 5:16 p.m.•86 views

CVE-2025-24066

Heap-based buffer overflow in Windows Kernel-Mode Drivers allows an authorized attacker to elevate privileges locally.

7.8CVSS7.9AI score0.0009EPSS

CVE•added 2025/04/08 6:15 p.m.•86 views

CVE-2025-26668

Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.

7.5CVSS8.1AI score0.0006EPSS

CVE•added 2025/04/08 6:16 p.m.•86 views

CVE-2025-27730

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.00066EPSS

CVE•added 2025/02/11 6:15 p.m.•85 views

CVE-2025-21216

Internet Connection Sharing (ICS) Denial of Service Vulnerability

6.5CVSS7.3AI score0.00134EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-21221

Heap-based buffer overflow in Windows Telephony Service allows an unauthorized attacker to execute code over a network.

8.8CVSS8AI score0.00083EPSS

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-21247

Improper resolution of path equivalence in Windows MapUrlToZone allows an unauthorized attacker to bypass a security feature over a network.

4.3CVSS4.7AI score0.00167EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21292

Windows Search Service Elevation of Privilege Vulnerability

8.8CVSS8.8AI score0.00126EPSS

CVE•added 2025/01/14 6:15 p.m.•85 views

CVE-2025-21319

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00092EPSS

CVE•added 2025/01/14 6:16 p.m.•85 views

CVE-2025-21370

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

8.8CVSS7.7AI score0.00236EPSS

CVE•added 2025/03/11 5:16 p.m.•85 views

CVE-2025-24992

Buffer over-read in Windows NTFS allows an unauthorized attacker to disclose information locally.

5.5CVSS6.5AI score0.00104EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-26672

Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network.

6.5CVSS6.8AI score0.00074EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-27471

Sensitive data storage in improperly locked memory in Microsoft Streaming Service allows an unauthorized attacker to deny service over a network.

5.9CVSS6.9AI score0.00056EPSS

CVE•added 2025/04/08 6:15 p.m.•85 views

CVE-2025-27473

Uncontrolled resource consumption in Windows HTTP.sys allows an unauthorized attacker to deny service over a network.

7.5CVSS7AI score0.12218EPSS

CVE•added 2025/04/08 6:16 p.m.•85 views

CVE-2025-27732

Sensitive data storage in improperly locked memory in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally.

7CVSS7.1AI score0.00036EPSS

CVE•added 2025/04/08 6:16 p.m.•85 views

CVE-2025-27739

Untrusted pointer dereference in Windows Kernel allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.00066EPSS

CVE•added 2025/04/08 6:16 p.m.•85 views

CVE-2025-29812

Untrusted pointer dereference in Windows Kernel Memory allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.0012EPSS

CVE•added 2025/01/14 6:15 p.m.•84 views

CVE-2025-21233

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS9AI score0.00461EPSS

CVE•added 2025/01/14 6:15 p.m.•84 views

CVE-2025-21316

Windows Kernel Memory Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00158EPSS

CVE•added 2025/01/14 6:15 p.m.•84 views

CVE-2025-21338

GDI+ Remote Code Execution Vulnerability

7.8CVSS7.9AI score0.00266EPSS

CVE•added 2025/02/11 6:15 p.m.•84 views

CVE-2025-21371

Windows Telephony Service Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.00675EPSS

CVE•added 2025/04/08 6:15 p.m.•83 views

CVE-2025-24062

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

7.8CVSS7.1AI score0.001EPSS

CVE•added 2025/03/11 5:16 p.m.•83 views

CVE-2025-24988

Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack.

6.8CVSS6.2AI score0.00118EPSS

CVE•added 2025/04/08 6:15 p.m.•83 views

CVE-2025-26640

Use after free in Windows Digital Media allows an authorized attacker to elevate privileges locally.

7CVSS7.5AI score0.00046EPSS

Total number of security vulnerabilities396