Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows 11
Subscriptions
Total
646 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21852 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2025-01-02 | 7.8 High |
| Windows DWM Core Library Elevation of Privilege Vulnerability | ||||
| CVE-2023-21776 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-01 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2023-21768 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2025-01-01 | 7.8 High |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | ||||
| CVE-2023-21767 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2025-01-01 | 7.8 High |
| Windows Overlay Filter Elevation of Privilege Vulnerability | ||||
| CVE-2023-21766 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-01-01 | 4.7 Medium |
| Windows Overlay Filter Information Disclosure Vulnerability | ||||
| CVE-2023-21765 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-01 | 7.8 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2023-21760 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-01 | 7.1 High |
| Windows Print Spooler Elevation of Privilege Vulnerability | ||||
| CVE-2023-21759 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server 2022 | 2025-01-01 | 3.3 Low |
| Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability | ||||
| CVE-2023-21758 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2025-01-01 | 7.5 High |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | ||||
| CVE-2023-21757 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-01 | 7.5 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | ||||
| CVE-2023-21752 | 1 Microsoft | 3 Windows 10, Windows 11, Windows 7 | 2025-01-01 | 7.1 High |
| Windows Backup Service Elevation of Privilege Vulnerability | ||||
| CVE-2023-21746 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-01 | 7.8 High |
| Windows NTLM Elevation of Privilege Vulnerability | ||||
| CVE-2023-21558 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2025-01-01 | 7.8 High |
| Windows Error Reporting Service Elevation of Privilege Vulnerability | ||||
| CVE-2022-40732 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2024-12-20 | 5 Medium |
| An access violation vulnerability exists in the DirectComposition functionality win32kbase.sys driver version 10.0.22000.593 as part of Windows 11 version 22000.593 and version 10.0.20348.643 as part of Windows Server 2022 version 20348.643. A specially-crafted set of syscalls can lead to a reboot. An unprivileged user can run specially-crafted code to trigger Denial Of Service. | ||||
| CVE-2024-6769 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | 6.7 Medium |
| A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt. | ||||
| CVE-2023-44216 | 8 Amd, Apple, Canonical and 5 more | 17 Ryzen 5 7600x, Ryzen 7 4800u, M1 Mac Mini and 14 more | 2024-11-21 | 5.3 Medium |
| PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin. | ||||
| CVE-2023-20564 | 2 Amd, Microsoft | 5 Ryzen, Ryzen Master, Ryzen Master Monitoring Sdk and 2 more | 2024-11-21 | 6.7 Medium |
| Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel execution. | ||||
| CVE-2023-20560 | 2 Amd, Microsoft | 4 Ryzen Master, Ryzen Master Monitoring Sdk, Windows 10 and 1 more | 2024-11-21 | 4.4 Medium |
| Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may allow a privileged attacker to provide a null value potentially resulting in a Windows crash leading to denial of service. | ||||
| CVE-2022-34303 | 3 Eurosoft-uk, Microsoft, Redhat | 10 Uefi Bootloader, Windows 10, Windows 11 and 7 more | 2024-11-21 | 6.7 Medium |
| A flaw was found in Eurosoft bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | ||||
| CVE-2022-34302 | 3 Horizondatasys, Microsoft, Redhat | 10 Uefi Bootloader, Windows 10, Windows 11 and 7 more | 2024-11-21 | 6.7 Medium |
| A flaw was found in New Horizon Datasys bootloaders before 2022-06-01. An attacker may use this bootloader to bypass or tamper with Secure Boot protections. In order to load and execute arbitrary code in the pre-boot stage, an attacker simply needs to replace the existing signed bootloader currently in use with this bootloader. Access to the EFI System Partition is required for booting using external media. | ||||