Windows 11 21h2 Security Vulnerabilities and Issues — Page 2 of Windows 11 21h2 CVE List

Summary:As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerab...

6.7CVSS5.8AI score0.00762EPSS

CVE•added 2023/07/11 6:15 p.m.•530 views

CVE-2023-32049

Windows SmartScreen Security Feature Bypass Vulnerability

8.8CVSS9.3AI score0.11689EPSS

In wild

CVE•added 2023/07/11 6:15 p.m.•512 views

CVE-2023-32046

Windows MSHTML Platform Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.78924EPSS

In wild

CVE•added 2023/03/14 5:15 p.m.•509 views

CVE-2023-23392

HTTP Protocol Stack Remote Code Execution Vulnerability

9.8CVSS9.7AI score0.05566EPSS

CVE•added 2023/09/12 5:15 p.m.•502 views

CVE-2023-38144

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01242EPSS

CVE•added 2023/11/14 6:15 p.m.•500 views

CVE-2023-36025

Windows SmartScreen Security Feature Bypass Vulnerability

8.8CVSS9.5AI score0.90393EPSS

In wild

CVE•added 2023/04/11 9:15 p.m.•490 views

CVE-2023-28229

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability

7CVSS7AI score0.07065EPSS

In wild

CVE•added 2023/11/14 6:15 p.m.•484 views

CVE-2023-36033

Windows DWM Core Library Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00197EPSS

In wild

CVE•added 2023/09/12 5:15 p.m.•471 views

CVE-2023-38161

Windows GDI Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00071EPSS

CVE•added 2023/09/12 5:15 p.m.•470 views

CVE-2023-38146

Windows Themes Remote Code Execution Vulnerability

8.8CVSS8.8AI score0.84782EPSS

Web

CVE•added 2023/11/14 6:15 p.m.•462 views

CVE-2023-36036

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.00997EPSS

In wild

CVE•added 2023/09/12 5:15 p.m.•461 views

CVE-2023-38149

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS7.9AI score0.05411EPSS

CVE•added 2024/03/12 5:15 p.m.•461 views

CVE-2024-26169

Windows Error Reporting Service Elevation of Privilege Vulnerability

7.8CVSS7.9AI score0.28716EPSS

In wild

CVE•added 2024/09/10 5:15 p.m.•461 views

CVE-2024-38014

Windows Installer Elevation of Privilege Vulnerability

7.8CVSS8.7AI score0.0957EPSS

In wild

CVE•added 2023/09/15 4:15 a.m.•457 views

CVE-2023-38039

When curl retrieves an HTTP response, it stores the incoming headers so thatthey can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large headers it wouldaccept in a response, allowing a malicious server to stream an endless seriesof headers and...

7.5CVSS7.5AI score0.17815EPSS

CVE•added 2024/08/08 2:15 a.m.•456 views

CVE-2024-38202

SummaryMicrosoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security (VBS). However, an attack...

7.3CVSS8.2AI score0.04136EPSS

CVE•added 2024/10/08 6:15 p.m.•456 views

CVE-2024-43573

Windows MSHTML Platform Spoofing Vulnerability

8.1CVSS7.4AI score0.08507EPSS

In wild

CVE•added 2023/09/12 5:15 p.m.•454 views

CVE-2023-36804

Windows GDI Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00071EPSS

CVE•added 2023/09/12 5:15 p.m.•451 views

CVE-2023-38143

Windows Common Log File System Driver Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.01242EPSS

CVE•added 2023/09/12 5:15 p.m.•447 views

CVE-2023-38141

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00315EPSS

CVE•added 2023/09/12 5:15 p.m.•442 views

CVE-2023-38140

Windows Kernel Information Disclosure Vulnerability

5.5CVSS6.5AI score0.00361EPSS

CVE•added 2023/10/10 6:15 p.m.•440 views

CVE-2023-35349

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

9.8CVSS9.6AI score0.01159EPSS

CVE•added 2023/09/12 5:15 p.m.•440 views

CVE-2023-38139

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS7.8AI score0.00584EPSS

CVE•added 2023/06/14 12:15 a.m.•436 views

CVE-2023-29360

Microsoft Streaming Service Elevation of Privilege Vulnerability

8.4CVSS9.1AI score0.18195EPSS

In wild

CVE•added 2023/09/12 5:15 p.m.•429 views

CVE-2023-38150

Windows Kernel Elevation of Privilege Vulnerability

7.8CVSS7.7AI score0.00535EPSS

CVE•added 2024/02/13 6:15 p.m.•425 views

CVE-2024-21351

Windows SmartScreen Security Feature Bypass Vulnerability

7.6CVSS8.5AI score0.06234EPSS

In wild

CVE•added 2023/10/10 6:15 p.m.•422 views

CVE-2023-36577

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

8.8CVSS9.5AI score0.00191EPSS

CVE•added 2023/10/10 6:15 p.m.•419 views

CVE-2023-36435

Microsoft QUIC Denial of Service Vulnerability

7.5CVSS7.4AI score0.01201EPSS

CVE•added 2024/06/11 5:15 p.m.•418 views

CVE-2024-30088

Windows Kernel Elevation of Privilege Vulnerability

7CVSS6.9AI score0.87206EPSS

In wild

CVE•added 2024/05/14 5:17 p.m.•413 views

CVE-2024-30051

Windows DWM Core Library Elevation of Privilege Vulnerability

7.8CVSS6.4AI score0.50935EPSS

In wild

CVE•added 2024/03/12 5:15 p.m.•412 views

CVE-2024-21429

Windows USB Hub Driver Remote Code Execution Vulnerability

6.8CVSS7.2AI score0.00233EPSS

CVE•added 2024/02/13 6:15 p.m.•409 views

CVE-2024-21340

Windows Kernel Information Disclosure Vulnerability

4.6CVSS5.3AI score0.00131EPSS

CVE•added 2023/10/10 6:15 p.m.•405 views

CVE-2023-38159

Windows Graphics Component Elevation of Privilege Vulnerability

7CVSS8.1AI score0.01021EPSS

CVE•added 2023/10/10 6:15 p.m.•400 views

CVE-2023-36722

Active Directory Domain Services Information Disclosure Vulnerability

4.4CVSS6.5AI score0.00068EPSS

CVE•added 2023/10/10 6:15 p.m.•398 views

CVE-2023-36702

Microsoft DirectMusic Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00273EPSS

CVE•added 2023/10/10 6:15 p.m.•397 views

CVE-2023-36589

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

7.3CVSS8.4AI score0.00423EPSS

CVE•added 2023/10/10 6:15 p.m.•397 views

CVE-2023-36602

Windows TCP/IP Denial of Service Vulnerability

7.5CVSS8.4AI score0.03748EPSS

CVE•added 2023/10/10 6:15 p.m.•397 views

CVE-2023-36711

Windows Runtime C++ Template Library Elevation of Privilege Vulnerability

7.8CVSS8.6AI score0.00108EPSS

CVE•added 2023/10/10 6:15 p.m.•395 views

CVE-2023-36567

Windows Deployment Services Information Disclosure Vulnerability

7.5CVSS8.2AI score0.05289EPSS

CVE•added 2023/10/10 6:15 p.m.•395 views

CVE-2023-41767

Layer 2 Tunneling Protocol Remote Code Execution Vulnerability

8.1CVSS9AI score0.00218EPSS

CVE•added 2023/08/08 6:15 p.m.•394 views

CVE-2023-20569

A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information disclosure.

4.7CVSS6.6AI score0.00633EPSS

CVE•added 2023/10/10 6:15 p.m.•392 views

CVE-2023-36436

Windows MSHTML Platform Remote Code Execution Vulnerability

7.8CVSS8.8AI score0.00298EPSS

CVE•added 2023/10/10 6:15 p.m.•392 views

CVE-2023-36596

Remote Procedure Call Information Disclosure Vulnerability

7.5CVSS8.3AI score0.00303EPSS

CVE•added 2023/10/10 6:15 p.m.•389 views

CVE-2023-36571

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability