Windows 11 24h2 Security Vulnerabilities and Issues — Windows 11 24h2 CVE List

Lucene search

MicrosoftWindows 11 24h2

675 matches found

CVE•added 2013/12/11 12:55 a.m.•3094 views

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013?We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the format i...

8.8CVSS7.4AI score0.70928EPSS

CVE•added 2025/01/14 6:15 p.m.•940 views

CVE-2025-21333

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.61397EPSS

CVE•added 2024/08/13 6:15 p.m.•923 views

CVE-2024-38063

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.88095EPSS

CVE•added 2025/01/14 6:15 p.m.•862 views

CVE-2025-21298

Windows OLE Remote Code Execution Vulnerability

9.8CVSS9.8AI score0.70558EPSS

CVE•added 2024/10/08 6:15 p.m.•638 views

CVE-2024-43572

Microsoft Management Console Remote Code Execution Vulnerability

7.8CVSS8.6AI score0.55754EPSS

CVE•added 2023/05/09 6:15 p.m.•618 views

CVE-2023-24932

Secure Boot Security Feature Bypass Vulnerability

6.7CVSS6.9AI score0.00708EPSS

CVE•added 2025/04/08 6:16 p.m.•571 views

CVE-2025-29824

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally.

7.8CVSS7.5AI score0.03006EPSS

CVE•added 2024/08/08 2:15 a.m.•531 views

CVE-2024-21302

Summary:As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerab...

6.7CVSS5.8AI score0.00598EPSS

CVE•added 2024/11/12 6:15 p.m.•492 views

CVE-2024-38203

Windows Package Library Manager Information Disclosure Vulnerability

6.2CVSS5.8AI score0.00165EPSS

CVE•added 2024/12/12 2:4 a.m.•459 views

CVE-2024-49138

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.5AI score0.83797EPSS

CVE•added 2024/09/10 5:15 p.m.•452 views

CVE-2024-38014

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.10523EPSS

CVE•added 2024/10/08 6:15 p.m.•447 views

CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability

8.1CVSS7.4AI score0.08507EPSS

CVE•added 2025/02/11 6:15 p.m.•442 views

CVE-2025-21391

Windows Storage Elevation of Privilege Vulnerability

7.1CVSS7.7AI score0.04061EPSS

CVE•added 2024/11/12 6:15 p.m.•384 views

CVE-2024-49039

Windows Task Scheduler Elevation of Privilege Vulnerability

8.8CVSS8.6AI score0.37414EPSS

CVE•added 2025/05/13 5:15 p.m.•363 views

CVE-2025-29974

Integer underflow (wrap or wraparound) in Windows Kernel allows an unauthorized attacker to disclose information over an adjacent network.

5.7CVSS5.6AI score0.00087EPSS

CVE•added 2025/03/11 5:16 p.m.•352 views

CVE-2025-24071

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS7.3AI score0.51253EPSS

CVE•added 2025/02/11 6:15 p.m.•350 views

CVE-2025-21337

Windows NTFS Elevation of Privilege Vulnerability

3.3CVSS6AI score0.00083EPSS

CVE•added 2024/10/08 6:15 p.m.•339 views

CVE-2024-43583

Winlogon Elevation of Privilege Vulnerability

7.8CVSS8.4AI score0.08214EPSS

CVE•added 2024/11/12 6:15 p.m.•337 views

CVE-2024-43451

NTLM Hash Disclosure Spoofing Vulnerability

6.5CVSS6.5AI score0.89638EPSS

CVE•added 2024/10/08 6:15 p.m.•335 views

CVE-2024-30092

Windows Hyper-V Remote Code Execution Vulnerability

8CVSS8.3AI score0.00441EPSS

CVE•added 2025/02/11 6:15 p.m.•329 views

CVE-2025-21420

Windows Disk Cleanup Tool Elevation of Privilege Vulnerability

7.8CVSS8.1AI score0.31526EPSS

CVE•added 2024/12/12 2:4 a.m.•319 views

CVE-2024-49112

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.87124EPSS

CVE•added 2025/01/14 6:15 p.m.•318 views

CVE-2025-21189

MapUrlToZone Security Feature Bypass Vulnerability

4.3CVSS4.6AI score0.00174EPSS

CVE•added 2024/09/10 5:15 p.m.•317 views

CVE-2024-43461

Windows MSHTML Platform Spoofing Vulnerability

8.8CVSS9.3AI score0.05914EPSS

CVE•added 2025/06/10 5:22 p.m.•301 views

CVE-2025-33065

Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.

5.5CVSS5.2AI score0.00048EPSS

CVE•added 2025/02/11 6:15 p.m.•298 views

CVE-2025-21418

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS8.2AI score0.11464EPSS

CVE•added 2025/06/10 5:22 p.m.•298 views

CVE-2025-33052

Use of uninitialized resource in Windows DWM Core Library allows an authorized attacker to disclose information locally.

5.5CVSS5.3AI score0.00124EPSS

CVE•added 2025/03/11 5:16 p.m.•296 views

CVE-2025-26633

Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally.

7CVSS6.8AI score0.06122EPSS

CVE•added 2025/06/10 5:22 p.m.•292 views

CVE-2025-33053

External control of file name or path in Internet Shortcut Files allows an unauthorized attacker to execute code over a network.

8.8CVSS8.8AI score0.25355EPSS

CVE•added 2025/01/14 6:15 p.m.•286 views

CVE-2025-21335

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.05766EPSS

CVE•added 2025/01/14 6:15 p.m.•285 views

CVE-2025-21334

Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.04579EPSS

CVE•added 2024/10/08 6:15 p.m.•275 views

CVE-2024-43584

Windows Scripting Engine Security Feature Bypass Vulnerability

8.4CVSS7.8AI score0.00371EPSS

CVE•added 2024/08/13 6:15 p.m.•270 views

CVE-2024-38193

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.70132EPSS

CVE•added 2024/09/10 5:15 p.m.•267 views

CVE-2024-21416

Windows TCP/IP Remote Code Execution Vulnerability

9.8CVSS9AI score0.05048EPSS

CVE•added 2024/08/13 6:15 p.m.•263 views

CVE-2024-38178

Scripting Engine Memory Corruption Vulnerability

7.5CVSS7.4AI score0.1704EPSS

CVE•added 2025/03/11 5:16 p.m.•258 views

CVE-2025-24054

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network.

6.5CVSS6.5AI score0.29691EPSS

CVE•added 2024/08/13 6:15 p.m.•249 views

CVE-2024-38118

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

5.5CVSS5.2AI score0.00458EPSS

CVE•added 2024/09/10 5:15 p.m.•246 views

CVE-2024-38217

Windows Mark of the Web Security Feature Bypass Vulnerability

5.4CVSS7.3AI score0.14086EPSS

CVE•added 2025/03/11 5:16 p.m.•246 views

CVE-2025-24985

Integer overflow or wraparound in Windows Fast FAT Driver allows an unauthorized attacker to execute code locally.

7.8CVSS7.8AI score0.01081EPSS

CVE•added 2024/08/13 6:15 p.m.•245 views

CVE-2024-38106

Windows Kernel Elevation of Privilege Vulnerability

7CVSS6.9AI score0.00367EPSS

CVE•added 2024/10/08 6:15 p.m.•240 views

CVE-2024-37976

Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability

6.7CVSS7.3AI score0.0035EPSS

CVE•added 2025/03/11 5:16 p.m.•236 views

CVE-2025-24993

Heap-based buffer overflow in Windows NTFS allows an unauthorized attacker to execute code locally.

7.8CVSS8AI score0.03615EPSS

CVE•added 2024/08/13 6:15 p.m.•234 views

CVE-2024-38107

Windows Power Dependency Coordinator Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.03662EPSS

CVE•added 2025/02/11 6:15 p.m.•234 views

CVE-2025-21181

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability

7.5CVSS7.8AI score0.07722EPSS

CVE•added 2025/03/11 5:16 p.m.•232 views

CVE-2025-24984

Insertion of sensitive information into log file in Windows NTFS allows an unauthorized attacker to disclose information with a physical attack.

4.6CVSS6.1AI score0.22265EPSS

CVE•added 2025/03/11 5:16 p.m.•232 views

CVE-2025-24991

Out-of-bounds read in Windows NTFS allows an authorized attacker to disclose information locally.

5.5CVSS6.5AI score0.03771EPSS

CVE•added 2025/06/10 5:23 p.m.•228 views

CVE-2025-33073

Improper access control in Windows SMB allows an authorized attacker to elevate privileges over a network.

8.8CVSS8.7AI score0.00341EPSS

CVE•added 2024/12/12 2:4 a.m.•226 views

CVE-2024-49113

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

7.5CVSS7.5AI score0.87357EPSS

CVE•added 2024/08/13 6:15 p.m.•225 views

CVE-2024-38155

Security Center Broker Information Disclosure Vulnerability

5.5CVSS5.3AI score0.00213EPSS

CVE•added 2024/10/08 6:15 p.m.•224 views

CVE-2024-20659

Windows Hyper-V Security Feature Bypass Vulnerability

7.1CVSS7.7AI score0.00816EPSS

Total number of security vulnerabilities675