📦 Windows 11 21h2
by Microsoft
🔍 What is Windows 11 21h2?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
This critical vulnerability allows remote attackers to execute arbitrary code on Windows systems running the Line Printer Daemon (LPD) service. Attackers can exploit this without authentication by sen...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted packets to the Reliable Multicast Transport driver. It affects Windows sys...
This critical vulnerability in Windows TCP/IP stack allows remote attackers to execute arbitrary code without authentication by sending specially crafted packets. It affects Windows systems with TCP/I...
CVE-2024-30080 is a critical remote code execution vulnerability in Microsoft Message Queuing (MSMQ) that allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges by sending s...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) protocol packets. It affects Windows sys...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted packets. Attackers can gain SYSTEM privileges with...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted packets. It affects Windows servers and workstatio...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems running Routing and Remote Access Service (RRAS) without authentication. Attackers can exploit improper input va...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems running the Routing and Remote Access Service (RRAS) without authentication. It affects Windows servers and work...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted packets. It affects Windows systems with MSMQ enab...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) packets. It affects Windows systems with...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) packets. It affects Windows systems with...
CVE-2022-35744 is a critical remote code execution vulnerability in Windows Point-to-Point Protocol (PPP) that allows unauthenticated attackers to execute arbitrary code on affected systems. This affe...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) protocol packets. It affects Windows sys...
This vulnerability allows remote attackers to execute arbitrary code on affected Windows systems by sending specially crafted PGM (Pragmatic General Multicast) packets. It affects Windows systems with...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft Message Queuing (MSMQ) by sending specially crafted packets. It affects Windows servers and workstatio...
This critical vulnerability allows remote attackers to execute arbitrary code on affected systems by sending specially crafted ICMP packets. It affects Windows systems with specific network configurat...
CVE-2023-23392 is a critical remote code execution vulnerability in the Windows HTTP Protocol Stack (http.sys) that allows unauthenticated attackers to execute arbitrary code with SYSTEM privileges by...
This is a critical Remote Procedure Call Runtime vulnerability that allows unauthenticated attackers to execute arbitrary code remotely on affected Windows systems. It affects Windows servers and work...
This vulnerability allows remote attackers to execute arbitrary code on systems running Microsoft's Protected Extensible Authentication Protocol (PEAP) without authentication. It affects Windows syste...
This vulnerability in Microsoft OpenSSH for Windows allows remote attackers to execute arbitrary code on affected systems. Attackers could exploit this to gain control of Windows servers running vulne...
This vulnerability allows attackers to bypass security features in the Windows Scripting Engine, potentially executing malicious scripts with elevated privileges. It affects Windows systems with the v...
This vulnerability in Microsoft Speech API (SAPI) allows remote attackers to execute arbitrary code on affected systems by sending specially crafted requests. It affects systems running vulnerable ver...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems running vulnerable Remote Desktop Protocol (RDP) servers. Attackers can exploit this without authentication to g...
This vulnerability allows remote code execution through Microsoft Management Console (MMC). Attackers can exploit it to execute arbitrary code on affected systems, potentially gaining full control. Or...
This vulnerability in Windows Network Address Translation (NAT) allows attackers to cause a denial of service condition by sending specially crafted network packets. It affects Windows systems with NA...
This vulnerability in the Microsoft Windows Storage Port Driver allows an authenticated attacker to execute arbitrary code with SYSTEM privileges. It affects Windows systems where an attacker has loca...
This CVE describes a Windows NT kernel elevation of privilege vulnerability that allows authenticated attackers to gain SYSTEM-level privileges on affected systems. It affects Windows operating system...
This vulnerability in the Windows Graphics Component allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a use-after-free condition. It affects Windows syst...
This Windows Storage Elevation of Privilege vulnerability allows authenticated attackers to gain SYSTEM-level privileges on affected systems. It affects Windows operating systems where an attacker wit...
This vulnerability allows attackers to elevate privileges on Windows systems by exploiting the Print Spooler service. Attackers could gain SYSTEM-level access on affected machines. All Windows systems...
This vulnerability allows attackers to execute arbitrary code on systems running vulnerable Remote Desktop Client software by sending specially crafted requests. It affects users of Microsoft Remote D...
This vulnerability allows attackers to gain elevated privileges on Windows systems by exploiting a use-after-free bug in the kernel-mode driver. It affects Windows systems with the vulnerable driver i...
This vulnerability allows an authenticated attacker to execute arbitrary code in Windows Secure Kernel Mode, potentially gaining SYSTEM privileges. It affects Windows systems with Secure Kernel Mode e...
This vulnerability allows remote attackers to execute arbitrary code on Windows systems running the Telephony Server service. Attackers can exploit this heap-based buffer overflow (CWE-122) to gain SY...
This Windows Graphics Component vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a use-after-free memory corruption flaw. It affects Window...
This vulnerability allows an authenticated attacker to exploit a double-free condition (CWE-415) in Windows Resilient File System (ReFS) to gain SYSTEM privileges. It affects Windows systems using ReF...
This vulnerability in the Windows Common Log File System (CLFS) driver allows attackers to gain SYSTEM privileges by exploiting improper link resolution. It affects Windows systems where an attacker a...
This vulnerability allows attackers to cause a denial of service (DoS) in BranchCache, a Windows feature that caches content from remote servers. Attackers can send specially crafted requests to Branc...
This vulnerability allows attackers to bypass security features in Windows Hyper-V, potentially enabling unauthorized access or privilege escalation within virtualized environments. It affects systems...
This vulnerability in Microsoft's AllJoyn API allows attackers to read sensitive information from memory without proper authorization. It affects systems running vulnerable versions of Windows that ha...
This vulnerability allows remote attackers to execute arbitrary code on affected systems through the Microsoft Management Console (MMC). Attackers could gain SYSTEM privileges on Windows systems runni...
This Windows Graphics Component vulnerability allows an attacker to gain SYSTEM-level privileges on affected systems by exploiting a buffer overflow condition. It affects Windows operating systems wit...
This CVE describes an elevation of privilege vulnerability in the Windows Win32 Kernel Subsystem. An attacker who successfully exploits this vulnerability could gain SYSTEM-level privileges on a vulne...
This CVE describes a Win32k elevation of privilege vulnerability in Windows systems. It allows an authenticated attacker to execute arbitrary code with SYSTEM privileges, potentially taking full contr...
This Windows Storage Elevation of Privilege vulnerability allows an authenticated attacker to gain SYSTEM-level privileges by exploiting a use-after-free condition in Windows Storage components. It af...
This vulnerability allows attackers to gain elevated privileges on Windows systems by exploiting a heap-based buffer overflow in the Kernel Streaming Service Driver. It affects Windows systems where a...
This vulnerability allows attackers to elevate privileges on Windows systems by exploiting a flaw in the Kernel Streaming Service Driver. Attackers with initial access to a system can gain SYSTEM-leve...
This is a Windows kernel driver vulnerability in the Kernel Streaming Service that allows local attackers to escalate privileges from a low-privileged account to SYSTEM level. It affects Windows syste...
This vulnerability allows an authenticated attacker to elevate privileges on Windows systems by exploiting a flaw in the Remote Access Connection Manager service. Attackers could gain SYSTEM-level acc...
This PowerShell vulnerability allows authenticated attackers to execute arbitrary code with elevated privileges on affected systems. It affects Windows systems with PowerShell installed, primarily imp...
This vulnerability allows attackers to bypass Windows Security Zone mapping protections, potentially tricking users into executing malicious content from untrusted locations as if they were from trust...
This vulnerability in the Windows Update Stack allows an authenticated attacker to execute arbitrary code with SYSTEM privileges. It affects Windows systems where an attacker has local access and can ...
This vulnerability in the Windows Cloud Files Mini Filter Driver allows an attacker to gain SYSTEM-level privileges on affected systems. It affects Windows 10, 11, Server 2019, and Server 2022. An att...
This vulnerability allows attackers to gain elevated privileges on Windows systems by exploiting the Print Spooler service. Attackers could execute arbitrary code with SYSTEM privileges. All Windows s...
This vulnerability allows an authenticated attacker to exploit a flaw in a Windows kernel-mode driver to gain SYSTEM-level privileges. It affects Windows systems where an attacker already has local us...
This CVE describes an elevation of privilege vulnerability in the Windows Kernel Streaming Service Driver. It allows authenticated attackers to execute arbitrary code with SYSTEM privileges, affecting...
This vulnerability allows attackers to bypass Windows SmartScreen security checks, potentially enabling them to execute malicious files without proper warnings. It affects Windows systems with SmartSc...
This vulnerability allows an authenticated attacker to execute arbitrary code with SYSTEM privileges by exploiting a flaw in the Windows kernel-mode driver. It affects Windows systems where an attacke...
This vulnerability in the Windows Layer-2 Bridge Network Driver allows an attacker to cause a denial of service (system crash/BSOD) by sending specially crafted network packets. It affects Windows sys...
This CVE describes an access violation vulnerability in the DirectComposition functionality of the win32kbase.sys driver on Windows 11 and Windows Server 2022. An unprivileged user can trigger a denia...
This vulnerability in the Windows Mobile Broadband Driver allows an attacker to cause a denial of service (system crash/BSOD) by sending specially crafted network packets. It affects Windows systems w...
This vulnerability in the Windows Mobile Broadband Driver allows attackers to cause a denial of service (system crash/BSOD) by sending specially crafted requests. It affects Windows systems with mobil...
This vulnerability in the Windows Mobile Broadband Driver allows remote attackers to execute arbitrary code on affected systems. Attackers could exploit this by sending specially crafted packets to vu...
This Windows vulnerability allows attackers to obtain cryptographic information that could help them decrypt protected data or bypass security mechanisms. It affects Windows systems with specific cryp...
This vulnerability in the Windows Mobile Broadband Driver allows attackers to cause a denial of service (system crash) by sending specially crafted requests. It affects Windows systems with mobile bro...
This vulnerability in the Windows Mobile Broadband Driver allows attackers to cause a denial of service (system crash/BSOD) by sending specially crafted requests. It affects Windows systems with mobil...
This vulnerability in the Windows Mobile Broadband Driver allows an attacker to execute arbitrary code remotely on affected systems. Attackers could exploit this to gain control over vulnerable Window...
This Windows kernel vulnerability allows attackers to cause a denial of service (system crash/BSOD) by exploiting a NULL pointer dereference. It affects Windows systems with the vulnerable kernel comp...
This vulnerability in the Windows Mobile Broadband Driver allows attackers to execute arbitrary code remotely on affected systems. It affects Windows devices with mobile broadband hardware/software. A...
This vulnerability allows attackers to bypass security features in Windows Resume Extensible Firmware Interface (Resume EFI) during system resume operations. It affects Windows systems with Resume EFI...
This vulnerability allows attackers to bypass security features in Windows Resume Extensible Firmware Interface (Resume EFI) during system resume operations. It affects Windows systems with Resume EFI...
CVE-2024-38234 is a Windows networking vulnerability that allows attackers to cause denial of service by sending specially crafted network packets to affected systems. This affects Windows servers and...
This vulnerability in the Windows Mobile Broadband Driver allows attackers to execute arbitrary code remotely on affected systems. It affects Windows devices with mobile broadband hardware/software en...
This Windows kernel vulnerability allows attackers to read sensitive kernel memory information, potentially exposing system details or credentials. It affects Windows systems with the vulnerable kerne...
This vulnerability in Microsoft's Local Security Authority (LSA) server allows authenticated attackers to disclose sensitive information from system memory. It affects Windows systems where an attacke...
This vulnerability in Microsoft's Local Security Authority (LSA) Server allows an authenticated attacker to read sensitive information from memory. It affects Windows systems where an attacker has alr...
This vulnerability in the Windows Layer-2 Bridge Network Driver allows an attacker to cause a denial of service (system crash/BSOD) by sending specially crafted network packets. It affects Windows sys...
This vulnerability in Microsoft Windows Codecs Library allows an attacker to read sensitive information from memory that should be inaccessible. It affects Windows systems with the vulnerable codecs l...
CVE-2024-38049 is a remote code execution vulnerability in Windows Distributed Transaction Coordinator (MSDTC) that allows an authenticated attacker to execute arbitrary code with SYSTEM privileges on...
CVE-2024-38041 is a Windows kernel information disclosure vulnerability that allows attackers to read sensitive kernel memory contents. This affects Windows systems where an attacker has local access ...
This vulnerability in the Windows iSCSI service allows attackers to cause a denial of service (DoS) by sending specially crafted packets to affected systems. It affects Windows servers and workstation...
This vulnerability in Windows Remote Access Connection Manager allows an authenticated attacker to read sensitive information from system memory. It affects Windows systems with Remote Access Connecti...
CVE-2024-26184 is a Secure Boot security feature bypass vulnerability that allows attackers to circumvent Secure Boot protections on affected systems. This could enable loading of unauthorized or mali...
This vulnerability in Windows Cryptographic Services allows an attacker to read sensitive information from memory that should be protected. It affects Windows systems where cryptographic operations ar...
This vulnerability allows an authenticated attacker to escalate privileges within Windows Container Manager Service. Attackers could gain SYSTEM-level access on affected Windows systems. Only systems ...
CVE-2024-30066 is a Winlogon elevation of privilege vulnerability in Windows that allows authenticated attackers to gain SYSTEM privileges. This affects Windows systems where an attacker already has l...
This vulnerability in the Windows Common Log File System (CLFS) driver allows an authenticated attacker to gain SYSTEM privileges through a local exploit. It affects Windows systems with the vulnerabl...
CVE-2024-30016 is an information disclosure vulnerability in Windows Cryptographic Services that could allow an attacker to read sensitive information from memory. This affects Windows systems where c...
This vulnerability in the Windows Desktop Window Manager (DWM) Core Library allows an attacker to read sensitive information from memory. It affects Windows systems where an attacker could gain access...