Microsoft Windows 11
By the Year
In 2024 there have been 336 vulnerabilities in Microsoft Windows 11 with an average score of 7.4 out of ten. Last year Windows 11 had 539 security vulnerabilities published. Right now, Windows 11 is on track to have less security vulnerabilities in 2024 than it did last year. Last year, the average CVE base score was greater by 0.16
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 336 | 7.38 |
2023 | 539 | 7.53 |
2022 | 501 | 7.44 |
2021 | 89 | 7.22 |
2020 | 0 | 0.00 |
2019 | 1 | 8.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Windows 11 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 11 Security Vulnerabilities
Windows Resilient File System (ReFS) Information Disclosure Vulnerability
CVE-2024-43500
5.5 - Medium
- October 08, 2024
Windows Resilient File System (ReFS) Information Disclosure Vulnerability
Buffer Over-read
Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2024-43501
7.8 - High
- October 08, 2024
Windows Common Log File System Driver Elevation of Privilege Vulnerability
insecure temporary file
BranchCache Denial of Service Vulnerability
CVE-2024-43506
7.5 - High
- October 08, 2024
BranchCache Denial of Service Vulnerability
Resource Exhaustion
Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43508
5.5 - Medium
- October 08, 2024
Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43509
7.8 - High
- October 08, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Dangling pointer
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43511
7 - High
- October 08, 2024
Windows Kernel Elevation of Privilege Vulnerability
TOCTTOU
BitLocker Security Feature Bypass Vulnerability
CVE-2024-43513
6.4 - Medium
- October 08, 2024
BitLocker Security Feature Bypass Vulnerability
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-43514
7.8 - High
- October 08, 2024
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Double-free
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
CVE-2024-43515
7.5 - High
- October 08, 2024
Internet Small Computer Systems Interface (iSCSI) Denial of Service Vulnerability
Resource Exhaustion
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43516
7.8 - High
- October 08, 2024
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
CVE-2024-43517
8.8 - High
- October 08, 2024
Microsoft ActiveX Data Objects Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows Telephony Server Remote Code Execution Vulnerability
CVE-2024-43518
8.8 - High
- October 08, 2024
Windows Telephony Server Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2024-43519
8.8 - High
- October 08, 2024
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
Numeric Truncation Error
Windows Kernel Denial of Service Vulnerability
CVE-2024-43520
5 - Medium
- October 08, 2024
Windows Kernel Denial of Service Vulnerability
NULL Pointer Dereference
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2024-43522
7 - High
- October 08, 2024
Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43523
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43524
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Range Error
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43525
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43526
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43538
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43540
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Cryptographic Information Disclosure Vulnerability
CVE-2024-43546
5.6 - Medium
- October 08, 2024
Windows Cryptographic Information Disclosure Vulnerability
Side Channel Attack
Windows Kerberos Information Disclosure Vulnerability
CVE-2024-43547
5.9 - Medium
- October 08, 2024
Windows Kerberos Information Disclosure Vulnerability
Missing Cryptographic Step
Windows Secure Channel Spoofing Vulnerability
CVE-2024-43550
7.4 - High
- October 08, 2024
Windows Secure Channel Spoofing Vulnerability
Improper Certificate Validation
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-43551
7.8 - High
- October 08, 2024
Windows Storage Elevation of Privilege Vulnerability
insecure temporary file
Windows Shell Remote Code Execution Vulnerability
CVE-2024-43552
7.3 - High
- October 08, 2024
Windows Shell Remote Code Execution Vulnerability
Dangling pointer
NT OS Kernel Elevation of Privilege Vulnerability
CVE-2024-43553
7 - High
- October 08, 2024
NT OS Kernel Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Windows Kernel-Mode Driver Information Disclosure Vulnerability
CVE-2024-43554
5.5 - Medium
- October 08, 2024
Windows Kernel-Mode Driver Information Disclosure Vulnerability
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43555
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-43556
7.8 - High
- October 08, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Dangling pointer
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
CVE-2024-43560
7.8 - High
- October 08, 2024
Microsoft Windows Storage Port Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43561
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43562
7.5 - High
- October 08, 2024
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Out-of-bounds Read
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2024-43563
7.8 - High
- October 08, 2024
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Sensitive Data Storage in Improperly Locked Memory
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-43565
7.5 - High
- October 08, 2024
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Out-of-bounds Read
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
CVE-2024-43574
8.3 - High
- October 08, 2024
Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability
Dangling pointer
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43599
8.8 - High
- October 08, 2024
Remote Desktop Client Remote Code Execution Vulnerability
Dangling pointer
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43542
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43543
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Open Redirect
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43557
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43558
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Improper Input Validation
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43559
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
NULL Pointer Dereference
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
CVE-2024-43528
7.8 - High
- October 08, 2024
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2024-43529
7.3 - High
- October 08, 2024
Windows Print Spooler Elevation of Privilege Vulnerability
Untrusted Pointer Dereference
Remote Registry Service Elevation of Privilege Vulnerability
CVE-2024-43532
8.8 - High
- October 08, 2024
Remote Registry Service Elevation of Privilege Vulnerability
Failing Open
Remote Desktop Client Remote Code Execution Vulnerability
CVE-2024-43533
8.8 - High
- October 08, 2024
Remote Desktop Client Remote Code Execution Vulnerability
Dangling pointer
Windows Graphics Component Information Disclosure Vulnerability
CVE-2024-43534
6.5 - Medium
- October 08, 2024
Windows Graphics Component Information Disclosure Vulnerability
Out-of-bounds Read
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
CVE-2024-43535
7 - High
- October 08, 2024
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability
Dangling pointer
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
CVE-2024-43536
6.8 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Remote Code Execution Vulnerability
Windows Mobile Broadband Driver Denial of Service Vulnerability
CVE-2024-43537
6.5 - Medium
- October 08, 2024
Windows Mobile Broadband Driver Denial of Service Vulnerability
Out-of-bounds Read
Windows Kernel Elevation of Privilege Vulnerability
CVE-2024-43570
7 - High
- October 08, 2024
Windows Kernel Elevation of Privilege Vulnerability
Dangling pointer
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43581
7.1 - High
- October 08, 2024
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
External Control of File Name or Path
Remote Desktop Protocol Server Remote Code Execution Vulnerability
CVE-2024-43582
8.1 - High
- October 08, 2024
Remote Desktop Protocol Server Remote Code Execution Vulnerability
Dangling pointer
Winlogon Elevation of Privilege Vulnerability
CVE-2024-43583
7.8 - High
- October 08, 2024
Winlogon Elevation of Privilege Vulnerability
Execution with Unnecessary Privileges
Windows Scripting Engine Security Feature Bypass Vulnerability
CVE-2024-43584
8.4 - High
- October 08, 2024
Windows Scripting Engine Security Feature Bypass Vulnerability
Code Integrity Guard Security Feature Bypass Vulnerability
CVE-2024-43585
5.5 - Medium
- October 08, 2024
Code Integrity Guard Security Feature Bypass Vulnerability
Protection Mechanism Failure
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37976
6.7 - Medium
- October 08, 2024
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Integer Overflow or Wraparound
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37982
7.8 - High
- October 08, 2024
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Untrusted Pointer Dereference
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVE-2024-37983
6.7 - Medium
- October 08, 2024
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Untrusted Pointer Dereference
Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-43572
7.8 - High
- October 08, 2024
Microsoft Management Console Remote Code Execution Vulnerability
Improper Neutralization
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43573
8.1 - High
- October 08, 2024
Windows MSHTML Platform Spoofing Vulnerability
XSS
Windows Kernel Information Disclosure Vulnerability
CVE-2024-37985
5.6 - Medium
- September 17, 2024
Windows Kernel Information Disclosure Vulnerability
Processor Optimization Removal or Modification of Security-critical Code
Windows Authentication Information Disclosure Vulnerability
CVE-2024-38254
6.2 - Medium
- September 10, 2024
Windows Authentication Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2024-38217
5.4 - Medium
- September 10, 2024
Windows Mark of the Web Security Feature Bypass Vulnerability
Protection Mechanism Failure
Windows Installer Elevation of Privilege Vulnerability
CVE-2024-38014
7.8 - High
- September 10, 2024
Windows Installer Elevation of Privilege Vulnerability
Improper Privilege Management
Microsoft Management Console Remote Code Execution Vulnerability
CVE-2024-38259
8.8 - High
- September 10, 2024
Microsoft Management Console Remote Code Execution Vulnerability
Dangling pointer
Microsoft AllJoyn API Information Disclosure Vulnerability
CVE-2024-38257
7.5 - High
- September 10, 2024
Microsoft AllJoyn API Information Disclosure Vulnerability
Use of Uninitialized Resource
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38253
7.8 - High
- September 10, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2024-38252
7.8 - High
- September 10, 2024
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Dangling pointer
Windows MSHTML Platform Spoofing Vulnerability
CVE-2024-43461
8.8 - High
- September 10, 2024
Windows MSHTML Platform Spoofing Vulnerability
User Interface (UI) Misrepresentation of Critical Information
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38250
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Buffer Over-read
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38249
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Dangling pointer
Windows Storage Elevation of Privilege Vulnerability
CVE-2024-38248
7 - High
- September 10, 2024
Windows Storage Elevation of Privilege Vulnerability
Dangling pointer
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-38247
7.8 - High
- September 10, 2024
Windows Graphics Component Elevation of Privilege Vulnerability
Double-free
Win32k Elevation of Privilege Vulnerability
CVE-2024-38246
7 - High
- September 10, 2024
Win32k Elevation of Privilege Vulnerability
Stack Overflow
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38245
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38244
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38243
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38242
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
CVE-2024-38240
9.8 - Critical
- September 10, 2024
Windows Remote Access Connection Manager Elevation of Privilege Vulnerability
Out-of-bounds Read
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38241
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Improper Input Validation
Windows Security Zone Mapping Security Feature Bypass Vulnerability
CVE-2024-30073
7.8 - High
- September 10, 2024
Windows Security Zone Mapping Security Feature Bypass Vulnerability
Improper Resolution of Path Equivalence
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-21416
9.8 - Critical
- September 10, 2024
Windows TCP/IP Remote Code Execution Vulnerability
Heap-based Buffer Overflow
Windows TCP/IP Remote Code Execution Vulnerability
CVE-2024-38045
8.1 - High
- September 10, 2024
Windows TCP/IP Remote Code Execution Vulnerability
Heap-based Buffer Overflow
PowerShell Elevation of Privilege Vulnerability
CVE-2024-38046
7.8 - High
- September 10, 2024
PowerShell Elevation of Privilege Vulnerability
Windows libarchive Remote Code Execution Vulnerability
CVE-2024-43495
7.3 - High
- September 10, 2024
Windows libarchive Remote Code Execution Vulnerability
Integer Overflow or Wraparound
Windows Networking Denial of Service Vulnerability
CVE-2024-38234
6.5 - Medium
- September 10, 2024
Windows Networking Denial of Service Vulnerability
Improper Input Validation
Windows Hyper-V Denial of Service Vulnerability
CVE-2024-38235
6.5 - Medium
- September 10, 2024
Windows Hyper-V Denial of Service Vulnerability
Dangling pointer
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
CVE-2024-38237
7.8 - High
- September 10, 2024
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38238
7.8 - High
- September 10, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Heap-based Buffer Overflow
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
CVE-2024-38119
7.5 - High
- September 10, 2024
Windows Network Address Translation (NAT) Remote Code Execution Vulnerability
Dangling pointer
Windows Kerberos Elevation of Privilege Vulnerability
CVE-2024-38239
7.2 - High
- September 10, 2024
Windows Kerberos Elevation of Privilege Vulnerability
1390
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
CVE-2024-38191
7.8 - High
- August 13, 2024
Kernel Streaming Service Driver Elevation of Privilege Vulnerability
Race Condition
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2024-38135
7.8 - High
- August 13, 2024
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Buffer Over-read
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2024-38137
7 - High
- August 13, 2024
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
Race Condition
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
CVE-2024-38136
7 - High
- August 13, 2024
Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability
Race Condition
NTFS Elevation of Privilege Vulnerability
CVE-2024-38117
7.8 - High
- August 13, 2024
NTFS Elevation of Privilege Vulnerability
Out-of-bounds Read
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2024-38132
7.5 - High
- August 13, 2024
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Out-of-bounds Read
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
CVE-2024-38131
8.8 - High
- August 13, 2024
Clipboard Virtual Channel Extension Remote Code Execution Vulnerability
Sensitive Data Storage in Improperly Locked Memory
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
CVE-2024-38118
5.5 - Medium
- August 13, 2024
Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability
Use of Uninitialized Resource
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows 11 24h2 or by Microsoft? Click the Watch button to subscribe.