Microsoft Windows 11
By the Year
In 2023 there have been 13 vulnerabilities in Microsoft Windows 11 with an average score of 6.8 out of ten. Last year Windows 11 had 501 security vulnerabilities published. Right now, Windows 11 is on track to have less security vulnerabilities in 2023 than it did last year. Last year, the average CVE base score was greater by 0.63
Year | Vulnerabilities | Average Score |
---|---|---|
2023 | 13 | 6.82 |
2022 | 501 | 7.45 |
2021 | 88 | 7.37 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Windows 11 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Windows 11 Security Vulnerabilities
Windows Kernel Information Disclosure Vulnerability.
CVE-2023-21776
5.5 - Medium
- January 10, 2023
Windows Kernel Information Disclosure Vulnerability.
Windows NTLM Elevation of Privilege Vulnerability.
CVE-2023-21746
7.8 - High
- January 10, 2023
Windows NTLM Elevation of Privilege Vulnerability.
Windows Backup Service Elevation of Privilege Vulnerability.
CVE-2023-21752
7.1 - High
- January 10, 2023
Windows Backup Service Elevation of Privilege Vulnerability.
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability.
CVE-2023-21757
7.5 - High
- January 10, 2023
Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability.
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2023-21758
7.5 - High
- January 10, 2023
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2023-21677, CVE-2023-21683.
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability.
CVE-2023-21759
3.3 - Low
- January 10, 2023
Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability.
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21760
7.1 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21678, CVE-2023-21765.
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21765
7.8 - High
- January 10, 2023
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21678, CVE-2023-21760.
Windows Error Reporting Service Elevation of Privilege Vulnerability.
CVE-2023-21558
7.8 - High
- January 10, 2023
Windows Error Reporting Service Elevation of Privilege Vulnerability.
Windows Overlay Filter Information Disclosure Vulnerability.
CVE-2023-21766
4.7 - Medium
- January 10, 2023
Windows Overlay Filter Information Disclosure Vulnerability.
Race Condition
Windows Overlay Filter Elevation of Privilege Vulnerability.
CVE-2023-21767
7.8 - High
- January 10, 2023
Windows Overlay Filter Elevation of Privilege Vulnerability.
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.
CVE-2023-21768
7.8 - High
- January 10, 2023
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability.
CVE-2023-21771
7 - High
- January 10, 2023
Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability.
Race Condition
Windows Error Reporting Elevation of Privilege Vulnerability.
CVE-2022-44669
7 - High
- December 13, 2022
Windows Error Reporting Elevation of Privilege Vulnerability.
Race Condition
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44670
8.1 - High
- December 13, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44676.
TOCTTOU
Windows Hyper-V Denial of Service Vulnerability.
CVE-2022-44682
6.8 - Medium
- December 13, 2022
Windows Hyper-V Denial of Service Vulnerability.
Windows SmartScreen Security Feature Bypass Vulnerability.
CVE-2022-44698
5.4 - Medium
- December 13, 2022
Windows SmartScreen Security Feature Bypass Vulnerability.
AuthZ
Windows Kernel Denial of Service Vulnerability.
CVE-2022-44707
6.5 - Medium
- December 13, 2022
Windows Kernel Denial of Service Vulnerability.
DirectX Graphics Kernel Elevation of Privilege Vulnerability.
CVE-2022-44710
7.8 - High
- December 13, 2022
DirectX Graphics Kernel Elevation of Privilege Vulnerability.
Improper Privilege Management
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44671
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44680, CVE-2022-44697.
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
CVE-2022-44676
8.1 - High
- December 13, 2022
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44670.
Race Condition
Windows Projected File System Elevation of Privilege Vulnerability.
CVE-2022-44677
7.8 - High
- December 13, 2022
Windows Projected File System Elevation of Privilege Vulnerability.
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44678
7.8 - High
- December 13, 2022
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44681.
Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-44679
6.5 - Medium
- December 13, 2022
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41074.
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44680
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44697.
Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2022-44681
7.8 - High
- December 13, 2022
Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44678.
Windows Kernel Elevation of Privilege Vulnerability.
CVE-2022-44683
7.8 - High
- December 13, 2022
Windows Kernel Elevation of Privilege Vulnerability.
Dangling pointer
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.
CVE-2022-44689
7.8 - High
- December 13, 2022
Windows Subsystem for Linux (WSL2) Kernel Elevation of Privilege Vulnerability.
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-44697
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44680.
Windows Graphics Component Information Disclosure Vulnerability
CVE-2022-41074
5.5 - Medium
- December 13, 2022
Windows Graphics Component Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-44679.
PowerShell Remote Code Execution Vulnerability.
CVE-2022-41076
8.5 - High
- December 13, 2022
PowerShell Remote Code Execution Vulnerability.
Windows Fax Compose Form Elevation of Privilege Vulnerability.
CVE-2022-41077
7.8 - High
- December 13, 2022
Windows Fax Compose Form Elevation of Privilege Vulnerability.
Windows Hyper-V Elevation of Privilege Vulnerability.
CVE-2022-41094
7.8 - High
- December 13, 2022
Windows Hyper-V Elevation of Privilege Vulnerability.
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-41121
7.8 - High
- December 13, 2022
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-44671, CVE-2022-44680, CVE-2022-44697.
Windows Contacts Remote Code Execution Vulnerability.
CVE-2022-44666
7.8 - High
- December 13, 2022
Windows Contacts Remote Code Execution Vulnerability.
Windows Media Remote Code Execution Vulnerability
CVE-2022-44667
7.8 - High
- December 13, 2022
Windows Media Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44668.
Windows Media Remote Code Execution Vulnerability
CVE-2022-44668
7.8 - High
- December 13, 2022
Windows Media Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44667.
Windows Bluetooth Driver Information Disclosure Vulnerability.
CVE-2022-44674
5.5 - Medium
- December 13, 2022
Windows Bluetooth Driver Information Disclosure Vulnerability.
Windows Bluetooth Driver Elevation of Privilege Vulnerability.
CVE-2022-44675
7.8 - High
- December 13, 2022
Windows Bluetooth Driver Elevation of Privilege Vulnerability.
Windows GDI+ Information Disclosure Vulnerability.
CVE-2022-41098
6.5 - Medium
- November 09, 2022
Windows GDI+ Information Disclosure Vulnerability.
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41128
8.8 - High
- November 09, 2022
Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41118.
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability.
CVE-2022-41125
7.8 - High
- November 09, 2022
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability.
Windows Scripting Languages Remote Code Execution Vulnerability
CVE-2022-41118
7.5 - High
- November 09, 2022
Windows Scripting Languages Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41128.
Race Condition
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-41086
6.4 - Medium
- November 09, 2022
Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37992.
Race Condition
Windows Network Address Translation (NAT) Denial of Service Vulnerability.
CVE-2022-41058
7.5 - High
- November 09, 2022
Windows Network Address Translation (NAT) Denial of Service Vulnerability.
Windows HTTP.sys Elevation of Privilege Vulnerability.
CVE-2022-41057
7.8 - High
- November 09, 2022
Windows HTTP.sys Elevation of Privilege Vulnerability.
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability.
CVE-2022-41056
7.5 - High
- November 09, 2022
Network Policy Server (NPS) RADIUS Protocol Denial of Service Vulnerability.
Windows Human Interface Device Information Disclosure Vulnerability.
CVE-2022-41055
5.5 - Medium
- November 09, 2022
Windows Human Interface Device Information Disclosure Vulnerability.
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41048
8.8 - High
- November 09, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41047.
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2022-41047
8.8 - High
- November 09, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41048.
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41045
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41093, CVE-2022-41100.
Race Condition
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41039
8.1 - High
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41044, CVE-2022-41088.
Race Condition
Windows Hyper-V Denial of Service Vulnerability.
CVE-2022-38015
6.5 - Medium
- November 09, 2022
Windows Hyper-V Denial of Service Vulnerability.
Windows Group Policy Elevation of Privilege Vulnerability
CVE-2022-37992
7.8 - High
- November 09, 2022
Windows Group Policy Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41086.
Windows Bind Filter Driver Elevation of Privilege Vulnerability.
CVE-2022-41114
7 - High
- November 09, 2022
Windows Bind Filter Driver Elevation of Privilege Vulnerability.
Race Condition
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability.
CVE-2022-41113
7.8 - High
- November 09, 2022
Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability.
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-41109
7.8 - High
- November 09, 2022
Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41092.
Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2022-41102
7.8 - High
- November 09, 2022
Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41101.
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41100
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41045, CVE-2022-41093.
Race Condition
BitLocker Security Feature Bypass Vulnerability.
CVE-2022-41099
4.6 - Medium
- November 09, 2022
BitLocker Security Feature Bypass Vulnerability.
Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2022-41101
7.8 - High
- November 09, 2022
Windows Overlay Filter Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41102.
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability.
CVE-2022-41097
6.5 - Medium
- November 09, 2022
Network Policy Server (NPS) RADIUS Protocol Information Disclosure Vulnerability.
Microsoft DWM Core Library Elevation of Privilege Vulnerability.
CVE-2022-41096
7.8 - High
- November 09, 2022
Microsoft DWM Core Library Elevation of Privilege Vulnerability.
Windows Digital Media Receiver Elevation of Privilege Vulnerability.
CVE-2022-41095
7.8 - High
- November 09, 2022
Windows Digital Media Receiver Elevation of Privilege Vulnerability.
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2022-41093
7.8 - High
- November 09, 2022
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41045, CVE-2022-41100.
Race Condition
Windows Win32k Elevation of Privilege Vulnerability
CVE-2022-41092
7.8 - High
- November 09, 2022
Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41109.
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41091
5.4 - Medium
- November 09, 2022
Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41049.
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability
CVE-2022-41090
5.9 - Medium
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-41116.
Race Condition
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41088
8.1 - High
- November 09, 2022
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41039, CVE-2022-41044.
Race Condition
Windows Print Spooler Elevation of Privilege Vulnerability.
CVE-2022-41073
7.8 - High
- November 09, 2022
Windows Print Spooler Elevation of Privilege Vulnerability.
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability.
CVE-2022-41054
7.8 - High
- November 09, 2022
Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability.
Windows Kerberos Denial of Service Vulnerability.
CVE-2022-41053
7.5 - High
- November 09, 2022
Windows Kerberos Denial of Service Vulnerability.
Windows Graphics Component Remote Code Execution Vulnerability.
CVE-2022-41052
7.8 - High
- November 09, 2022
Windows Graphics Component Remote Code Execution Vulnerability.
Windows Extensible File Allocation Table Elevation of Privilege Vulnerability.
CVE-2022-41050
7.8 - High
- November 09, 2022
Windows Extensible File Allocation Table Elevation of Privilege Vulnerability.
Windows Mark of the Web Security Feature Bypass Vulnerability
CVE-2022-41049
5.4 - Medium
- November 09, 2022
Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41091.
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.
CVE-2022-38021
7 - High
- October 11, 2022
Connected User Experiences and Telemetry Elevation of Privilege Vulnerability.
Race Condition
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38022
3.3 - Low
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Windows Distributed File System (DFS) Information Disclosure Vulnerability.
CVE-2022-38025
5.5 - Medium
- October 11, 2022
Windows Distributed File System (DFS) Information Disclosure Vulnerability.
Windows DHCP Client Information Disclosure Vulnerability.
CVE-2022-38026
5.5 - Medium
- October 11, 2022
Windows DHCP Client Information Disclosure Vulnerability.
Windows Storage Elevation of Privilege Vulnerability.
CVE-2022-38027
7 - High
- October 11, 2022
Windows Storage Elevation of Privilege Vulnerability.
Race Condition
Windows Print Spooler Elevation of Privilege Vulnerability.
CVE-2022-38028
7.8 - High
- October 11, 2022
Windows Print Spooler Elevation of Privilege Vulnerability.
Windows ALPC Elevation of Privilege Vulnerability.
CVE-2022-38029
7 - High
- October 11, 2022
Windows ALPC Elevation of Privilege Vulnerability.
Race Condition
Windows USB Serial Driver Information Disclosure Vulnerability.
CVE-2022-38030
4.3 - Medium
- October 11, 2022
Windows USB Serial Driver Information Disclosure Vulnerability.
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2022-38031
8.8 - High
- October 11, 2022
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-37982.
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.
CVE-2022-38032
6.6 - Medium
- October 11, 2022
Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability.
Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability.
CVE-2022-38033
6.5 - Medium
- October 11, 2022
Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability.
Windows Workstation Service Elevation of Privilege Vulnerability.
CVE-2022-38034
8.8 - High
- October 11, 2022
Windows Workstation Service Elevation of Privilege Vulnerability.
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability.
CVE-2022-38036
7.5 - High
- October 11, 2022
Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38037
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38038, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38038
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-38039
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038.
Microsoft ODBC Driver Remote Code Execution Vulnerability.
CVE-2022-38040
8.8 - High
- October 11, 2022
Microsoft ODBC Driver Remote Code Execution Vulnerability.
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37994
7.8 - High
- October 11, 2022
Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37993, CVE-2022-37999.
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
CVE-2022-37989
7.8 - High
- October 11, 2022
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37987.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37990
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37991
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Windows Group Policy Preference Client Elevation of Privilege Vulnerability
CVE-2022-37993
7.8 - High
- October 11, 2022
Windows Group Policy Preference Client Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37994, CVE-2022-37999.
Windows Kernel Memory Information Disclosure Vulnerability.
CVE-2022-37996
5.5 - Medium
- October 11, 2022
Windows Kernel Memory Information Disclosure Vulnerability.
Windows Active Directory Certificate Services Security Feature Bypass.
CVE-2022-37978
7.5 - High
- October 11, 2022
Windows Active Directory Certificate Services Security Feature Bypass.
Windows Kernel Elevation of Privilege Vulnerability
CVE-2022-37988
7.8 - High
- October 11, 2022
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038, CVE-2022-38039.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Windows Server 2022 or by Microsoft? Click the Watch button to subscribe.
