Microsoft Windows 11
By the Year
In 2023 there have been 13 vulnerabilities in Microsoft Windows 11 with an average score of 6.8 out of ten. Last year Windows 11 had 501 security vulnerabilities published. Right now, Windows 11 is on track to have less security vulnerabilities in 2023 than it did last year. Last year, the average CVE base score was greater by 0.62
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 13 | 6.82 |
| 2022 | 501 | 7.45 |
| 2021 | 88 | 7.37 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Windows 11 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 11 Security Vulnerabilities
Windows Kernel Information Disclosure Vulnerability
CVE-2023-21776
5.5 - Medium
- January 10, 2023
Windows Kernel Information Disclosure Vulnerability
Windows NTLM Elevation of Privilege Vulnerability
CVE-2023-21746
7.8 - High
- January 10, 2023
Windows NTLM Elevation of Privilege Vulnerability
Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-21752
7.1 - High
- January 10, 2023
Windows Backup Service Elevation of Privilege Vulnerability
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
CVE-2023-21757
7.5 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2023-21758
7.5 - High
- January 10, 2023
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
CVE-2023-21759
3.3 - Low
- January 10, 2023
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21760
7.1 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21765
7.8 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Error Reporting Service Elevation of Privilege Vulnerability
CVE-2023-21558
7.8 - High
- January 10, 2023
Windows Error Reporting Service Elevation of Privilege Vulnerability
Windows Overlay Filter Information Disclosure Vulnerability
CVE-2023-21766
4.7 - Medium
- January 10, 2023
Windows Overlay Filter Information Disclosure Vulnerability
Race Condition
Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2023-21767
7.8 - High
- January 10, 2023
Windows Overlay Filter Elevation of Privilege Vulnerability
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2023-21768
7.8 - High
- January 10, 2023
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
CVE-2023-21771
7 - High
- January 10, 2023
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability
Race Condition
Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2022-44669
7 - High
- December 13, 2022
Windows Error Reporting Elevation of Privilege Vulnerability
Race Condition
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44670
8.1 - High
- December 13, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
TOCTTOU
Windows Hyper-V Denial of Service Vulnerability
CVE-2022-44682
6.8 - Medium
- December 13, 2022
Windows Hyper-V Denial of Service Vulnerability
Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2022-44698
5.4 - Medium
- December 13, 2022
Windows SmartScreen Security Feature Bypass Vulnerability
AuthZ
Windows Kernel Denial of Service Vulnerability
CVE-2022-44707
6.5 - Medium
- December 13, 2022
Windows Kernel Denial of Service Vulnerability
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2022-44710
7.8 - High
- December 13, 2022
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Improper Privilege Management
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44671
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44676
8.1 - High
- December 13, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
Race Condition
Windows Projected File System Elevation of Privilege Vulnerability
CVE-2022-44677
7.8 - High
- December 13, 2022
Windows Projected File System Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44678
7.8 - High
- December 13, 2022
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-44679
6.5 - Medium
- December 13, 2022
Windows Graphics Component Information Disclosure Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44680
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44681
7.8 - High
- December 13, 2022
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-44683
7.8 - High
- December 13, 2022
Windows Kernel Elevation of Privilege Vulnerability
Dangling pointer
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.
CVE-2022-44689
7.8 - High
- December 13, 2022
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44697
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-41074
5.5 - Medium
- December 13, 2022
Windows Graphics Component Information Disclosure Vulnerability
PowerShell Remote Code Execution Vulnerability.
CVE-2022-41076
8.5 - High
- December 13, 2022
PowerShell Remote Code Execution Vulnerability.
Windows Fax Compose Form Elevation of Privilege Vulnerability
CVE-2022-41077
7.8 - High
- December 13, 2022
Windows Fax Compose Form Elevation of Privilege Vulnerability
Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2022-41094
7.8 - High
- December 13, 2022
Windows Hyper-V Elevation of Privilege Vulnerability
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-41121
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44671, CVE-2022-44680, CVE-2022-44697.
Windows Contacts Remote Code Execution Vulnerability
CVE-2022-44666
7.8 - High
- December 13, 2022
Windows Contacts Remote Code Execution Vulnerability
Windows Media Remote Code Execution Vulnerability
CVE-2022-44667
7.8 - High
- December 13, 2022
Windows Media Remote Code Execution Vulnerability
Windows Media Remote Code Execution Vulnerability
CVE-2022-44668
7.8 - High
- December 13, 2022
Windows Media Remote Code Execution Vulnerability
Windows Bluetooth Driver Information Disclosure Vulnerability
CVE-2022-44674
5.5 - Medium
- December 13, 2022
Windows Bluetooth Driver Information Disclosure Vulnerability
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2022-44675
7.8 - High
- December 13, 2022
Windows Bluetooth Driver Elevation of Privilege Vulnerability
Windows GDI+ Information Disclosure Vulnerability
CVE-2022-41098
5.5 - Medium
- November 09, 2022
Windows GDI+ Information Disclosure Vulnerability
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41128
8.8 - High
- November 09, 2022
Windows Scripting Languages Remote Code Execution Vulnerability
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
CVE-2022-41125
7.8 - High
- November 09, 2022
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41118
7.5 - High
- November 09, 2022
Windows Scripting Languages Remote Code Execution Vulnerability
Race Condition
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-41086
6.4 - Medium
- November 09, 2022
Windows Group Policy Elevation of Privilege Vulnerability
Race Condition
Windows Network Address Translation (NAT) Denial of Service Vulnerability
CVE-2022-41058
7.5 - High
- November 09, 2022
Windows Network Address Translation (NAT) Denial of Service Vulnerability
Windows HTTP.sys Elevation of Privilege Vulnerability
CVE-2022-41057
7.8 - High
- November 09, 2022
Windows HTTP.sys Elevation of Privilege Vulnerability
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
CVE-2022-41056
7.5 - High
- November 09, 2022
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability
Windows Human Interface Device Information Disclosure Vulnerability
CVE-2022-41055
5.5 - Medium
- November 09, 2022
Windows Human Interface Device Information Disclosure Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41048
8.8 - High
- November 09, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41047
8.8 - High
- November 09, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41045
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Race Condition
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41039
8.1 - High
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Windows Hyper-V Denial of Service Vulnerability
CVE-2022-38015
6.5 - Medium
- November 09, 2022
Windows Hyper-V Denial of Service Vulnerability
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-37992
7.8 - High
- November 09, 2022
Windows Group Policy Elevation of Privilege Vulnerability
Windows Bind Filter Driver Elevation of Privilege Vulnerability
CVE-2022-41114
7 - High
- November 09, 2022
Windows Bind Filter Driver Elevation of Privilege Vulnerability
Race Condition
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
CVE-2022-41113
7.8 - High
- November 09, 2022
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-41109
7.8 - High
- November 09, 2022
Windows Win32k Elevation of Privilege Vulnerability
Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2022-41102
7.8 - High
- November 09, 2022
Windows Overlay Filter Elevation of Privilege Vulnerability
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41100
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Race Condition
BitLocker Security Feature Bypass Vulnerability
CVE-2022-41099
4.6 - Medium
- November 09, 2022
BitLocker Security Feature Bypass Vulnerability
Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2022-41101
7.8 - High
- November 09, 2022
Windows Overlay Filter Elevation of Privilege Vulnerability
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
CVE-2022-41097
6.5 - Medium
- November 09, 2022
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability
Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2022-41096
7.8 - High
- November 09, 2022
Microsoft DWM Core Library Elevation of Privilege Vulnerability
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2022-41095
7.8 - High
- November 09, 2022
Windows Digital Media Receiver Elevation of Privilege Vulnerability
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41093
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
Race Condition
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-41092
7.8 - High
- November 09, 2022
Windows Win32k Elevation of Privilege Vulnerability
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41091
5.4 - Medium
- November 09, 2022
Windows Mark of the Web Security Feature Bypass Vulnerability
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-41090
5.9 - Medium
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
Race Condition
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41088
8.1 - High
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Race Condition
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-41073
7.8 - High
- November 09, 2022
Windows Print Spooler Elevation of Privilege Vulnerability
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2022-41054
7.8 - High
- November 09, 2022
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
Windows Kerberos Denial of Service Vulnerability
CVE-2022-41053
7.5 - High
- November 09, 2022
Windows Kerberos Denial of Service Vulnerability
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2022-41052
7.8 - High
- November 09, 2022
Windows Graphics Component Remote Code Execution Vulnerability
Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
CVE-2022-41050
7.8 - High
- November 09, 2022
Windows Extensible File Allocation Table Elevation of Privilege Vulnerability
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41049
5.4 - Medium
- November 09, 2022
Windows Mark of the Web Security Feature Bypass Vulnerability
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.
CVE-2022-38021
7 - High
- October 11, 2022
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.
Race Condition
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38022
3.3 - Low
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Windows Distributed File System (DFS) Information Disclosure Vulnerability.
CVE-2022-38025
5.5 - Medium
- October 11, 2022
Windows Distributed File System (DFS) Information Disclosure Vulnerability.
Windows DHCP Client Information Disclosure Vulnerability.
CVE-2022-38026
5.5 - Medium
- October 11, 2022
Windows DHCP Client Information Disclosure Vulnerability.
Windows Storage Elevation of Privilege Vulnerability.
CVE-2022-38027
7 - High
- October 11, 2022
Windows Storage Elevation of Privilege Vulnerability.
Race Condition
Windows Print Spooler Elevation of Privilege Vulnerability.
CVE-2022-38028
7.8 - High
- October 11, 2022
Windows Print Spooler Elevation of Privilege Vulnerability.
Windows ALPC Elevation of Privilege Vulnerability.
CVE-2022-38029
7 - High
- October 11, 2022
Windows ALPC Elevation of Privilege Vulnerability.
Race Condition
Windows USB Serial Driver Information Disclosure Vulnerability.
CVE-2022-38030
4.3 - Medium
- October 11, 2022
Windows USB Serial Driver Information Disclosure Vulnerability.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-38031
8.8 - High
- October 11, 2022
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37982.
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.
CVE-2022-38032
6.6 - Medium
- October 11, 2022
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.
Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability.
CVE-2022-38033
6.5 - Medium
- October 11, 2022
Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability.
Windows Workstation Service Elevation of Privilege Vulnerability.
CVE-2022-38034
8.8 - High
- October 11, 2022
Windows Workstation Service Elevation of Privilege Vulnerability.
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability.
CVE-2022-38036
7.5 - High
- October 11, 2022
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38037
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38038
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38039
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038.
Microsoft ODBC Driver Remote Code Execution Vulnerability.
CVE-2022-38040
8.8 - High
- October 11, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability.
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37994
7.8 - High
- October 11, 2022
Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37999.
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-37989
7.8 - High
- October 11, 2022
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37987.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37990
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37991
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37993
7.8 - High
- October 11, 2022
Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37994, CVE-2022-37999.
Windows Kernel Memory Information Disclosure Vulnerability.
CVE-2022-37996
5.5 - Medium
- October 11, 2022
Windows Kernel Memory Information Disclosure Vulnerability.
Windows Active Directory Certificate Services Security Feature Bypass.
CVE-2022-37978
7.5 - High
- October 11, 2022
Windows Active Directory Certificate Services Security Feature Bypass.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37988
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2022 or by Microsoft? Click the Watch button to subscribe.
