Windows Server 2022 23h2 Microsoft Windows Server 2022 23h2

Do you want an email whenever new security vulnerabilities are reported in Microsoft Windows Server 2022 23h2?

By the Year

In 2024 there have been 74 vulnerabilities in Microsoft Windows Server 2022 23h2 with an average score of 7.4 out of ten. Last year Windows Server 2022 23h2 had 20 security vulnerabilities published. That is, 54 more vulnerabilities have already been reported in 2024 as compared to last year. However, the average CVE base score of the vulnerabilities in 2024 is greater by 0.12.

Year Vulnerabilities Average Score
2024 74 7.35
2023 20 7.23
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Windows Server 2022 23h2 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows Server 2022 23h2 Security Vulnerabilities

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

CVE-2024-30080 9.8 - Critical - June 11, 2024

Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

Dangling pointer

Windows MSHTML Platform Security Feature Bypass Vulnerability

CVE-2024-30040 8.8 - High - May 14, 2024

Windows MSHTML Platform Security Feature Bypass Vulnerability

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-29997 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-29998 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-29999 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-30000 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-30001 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-30002 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-30003 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-30004 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

CVE-2024-30005 6.8 - Medium - May 14, 2024

Windows Mobile Broadband Driver Remote Code Execution Vulnerability

Integer Overflow or Wraparound

SmartScreen Prompt Security Feature Bypass Vulnerability

CVE-2024-29988 8.8 - High - April 09, 2024

SmartScreen Prompt Security Feature Bypass Vulnerability

Windows Storage Elevation of Privilege Vulnerability

CVE-2024-29052 7.8 - High - April 09, 2024

Windows Storage Elevation of Privilege Vulnerability

Improper Privilege Management

Windows Error Reporting Service Elevation of Privilege Vulnerability

CVE-2024-26169 7.8 - High - March 12, 2024

Windows Error Reporting Service Elevation of Privilege Vulnerability

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-21408 5.5 - Medium - March 12, 2024

Windows Hyper-V Denial of Service Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2024-21407 8.1 - High - March 12, 2024

Windows Hyper-V Remote Code Execution Vulnerability

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs)

CVE-2023-50387 7.5 - High - February 14, 2024

Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. One of the concerns is that, when there is a zone with many DNSKEY and RRSIG records, the protocol specification implies that an algorithm must evaluate all combinations of DNSKEY and RRSIG records.

Allocation of Resources Without Limits or Throttling

Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-21344 5.9 - Medium - February 13, 2024

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability

CVE-2024-21353 8.8 - High - February 13, 2024

Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability

Windows Network Address Translation (NAT) Denial of Service Vulnerability

CVE-2024-21343 7.5 - High - February 13, 2024

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Windows Printing Service Spoofing Vulnerability

CVE-2024-21406 7.5 - High - February 13, 2024

Windows Printing Service Spoofing Vulnerability

Windows DNS Information Disclosure Vulnerability

CVE-2024-21377 5.5 - Medium - February 13, 2024

Windows DNS Information Disclosure Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21375 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21370 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21369 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21368 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21367 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21366 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21365 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21361 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21360 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21359 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21358 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21352 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21350 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Internet Shortcut Files Security Feature Bypass Vulnerability

CVE-2024-21412 8.1 - High - February 13, 2024

Internet Shortcut Files Security Feature Bypass Vulnerability

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2024-21391 8.8 - High - February 13, 2024

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Windows Kernel Security Feature Bypass Vulnerability

CVE-2024-21362 5.5 - Medium - February 13, 2024

Windows Kernel Security Feature Bypass Vulnerability

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE-2024-21355 7 - High - February 13, 2024

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE-2024-21354 7.8 - High - February 13, 2024

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Windows SmartScreen Security Feature Bypass Vulnerability

CVE-2024-21351 7.6 - High - February 13, 2024

Windows SmartScreen Security Feature Bypass Vulnerability

Internet Connection Sharing (ICS) Denial of Service Vulnerability

CVE-2024-21348 7.5 - High - February 13, 2024

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE-2024-21347 7.5 - High - February 13, 2024

Microsoft ODBC Driver Remote Code Execution Vulnerability

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

CVE-2024-21356 6.5 - Medium - February 13, 2024

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

CVE-2024-21349 8.8 - High - February 13, 2024

Microsoft ActiveX Data Objects Remote Code Execution Vulnerability

Windows USB Generic Parent Driver Remote Code Execution Vulnerability

CVE-2024-21339 6.4 - Medium - February 13, 2024

Windows USB Generic Parent Driver Remote Code Execution Vulnerability

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-20684 6.5 - Medium - February 13, 2024

Windows Hyper-V Denial of Service Vulnerability

Windows Kernel Information Disclosure Vulnerability

CVE-2024-21340 4.6 - Medium - February 13, 2024

Windows Kernel Information Disclosure Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-21338 7.8 - High - February 13, 2024

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Remote Code Execution Vulnerability

CVE-2024-21341 6.8 - Medium - February 13, 2024

Windows Kernel Remote Code Execution Vulnerability

Windows DNS Client Denial of Service Vulnerability

CVE-2024-21342 7.5 - High - February 13, 2024

Windows DNS Client Denial of Service Vulnerability

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

CVE-2024-21405 7 - High - February 13, 2024

Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability

Windows OLE Remote Code Execution Vulnerability

CVE-2024-21372 8.8 - High - February 13, 2024

Windows OLE Remote Code Execution Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-21371 7 - High - February 13, 2024

Windows Kernel Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

CVE-2024-21346 7.8 - High - February 13, 2024

Win32k Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-21345 8.8 - High - February 13, 2024

Windows Kernel Elevation of Privilege Vulnerability

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

CVE-2024-20662 4.9 - Medium - January 09, 2024

Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

Windows Server Key Distribution Service Security Feature Bypass

CVE-2024-21316 6.1 - Medium - January 09, 2024

Windows Server Key Distribution Service Security Feature Bypass

Microsoft Message Queuing Information Disclosure Vulnerability

CVE-2024-21314 6.5 - Medium - January 09, 2024

Microsoft Message Queuing Information Disclosure Vulnerability

Windows TCP/IP Information Disclosure Vulnerability

CVE-2024-21313 5.3 - Medium - January 09, 2024

Windows TCP/IP Information Disclosure Vulnerability

Windows Cryptographic Services Information Disclosure Vulnerability

CVE-2024-21311 5.5 - Medium - January 09, 2024

Windows Cryptographic Services Information Disclosure Vulnerability

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2024-21310 7.8 - High - January 09, 2024

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Microsoft Bluetooth Driver Spoofing Vulnerability

CVE-2024-21306 5.7 - Medium - January 09, 2024

Microsoft Bluetooth Driver Spoofing Vulnerability

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

CVE-2024-21305 4.4 - Medium - January 09, 2024

Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

Windows Hyper-V Remote Code Execution Vulnerability

CVE-2024-20700 7.5 - High - January 09, 2024

Windows Hyper-V Remote Code Execution Vulnerability

Race Condition

Windows Kernel Elevation of Privilege Vulnerability

CVE-2024-20698 7.8 - High - January 09, 2024

Windows Kernel Elevation of Privilege Vulnerability

Windows Libarchive Remote Code Execution Vulnerability

CVE-2024-20696 7.3 - High - January 09, 2024

Windows Libarchive Remote Code Execution Vulnerability

Windows CoreMessaging Information Disclosure Vulnerability

CVE-2024-20694 5.5 - Medium - January 09, 2024

Windows CoreMessaging Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

CVE-2024-20692 5.7 - Medium - January 09, 2024

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Windows Hyper-V Denial of Service Vulnerability

CVE-2024-20699 5.5 - Medium - January 09, 2024

Windows Hyper-V Denial of Service Vulnerability

Windows Libarchive Remote Code Execution Vulnerability

CVE-2024-20697 7.3 - High - January 09, 2024

Windows Libarchive Remote Code Execution Vulnerability

Win32k Elevation of Privilege Vulnerability

CVE-2024-20686 7.8 - High - January 09, 2024

Win32k Elevation of Privilege Vulnerability

Windows Subsystem for Linux Elevation of Privilege Vulnerability

CVE-2024-20681 7.8 - High - January 09, 2024

Windows Subsystem for Linux Elevation of Privilege Vulnerability

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability

CVE-2024-20655 6.6 - Medium - January 09, 2024

Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability

Win32k Elevation of Privilege Vulnerability

CVE-2023-35631 7.8 - High - December 12, 2023

Win32k Elevation of Privilege Vulnerability

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

CVE-2023-35630 8.8 - High - December 12, 2023

Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Windows MSHTML Platform Remote Code Execution Vulnerability

CVE-2023-35628 8.1 - High - December 12, 2023

Windows MSHTML Platform Remote Code Execution Vulnerability

Windows DNS Spoofing Vulnerability

CVE-2023-35622 7.5 - High - December 12, 2023

Windows DNS Spoofing Vulnerability

Windows Media Remote Code Execution Vulnerability

CVE-2023-21740 7.8 - High - December 12, 2023

Windows Media Remote Code Execution Vulnerability

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE-2023-36696 7.8 - High - December 12, 2023

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks

CVE-2023-24023 6.8 - Medium - November 28, 2023

Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS.

Windows Hyper-V Information Disclosure Vulnerability

CVE-2023-36406 5.5 - Medium - November 14, 2023

Windows Hyper-V Information Disclosure Vulnerability

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2023-36407 7.8 - High - November 14, 2023

Windows Hyper-V Elevation of Privilege Vulnerability

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2023-36408 7.8 - High - November 14, 2023

Windows Hyper-V Elevation of Privilege Vulnerability

Windows Common Log File System Driver Elevation of Privilege Vulnerability

CVE-2023-36424 7.8 - High - November 14, 2023

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

CVE-2023-36425 8 - High - November 14, 2023

Windows Distributed File System (DFS) Remote Code Execution Vulnerability

Windows Hyper-V Elevation of Privilege Vulnerability

CVE-2023-36427 7 - High - November 14, 2023

Windows Hyper-V Elevation of Privilege Vulnerability

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

CVE-2023-36428 5.5 - Medium - November 14, 2023

Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

Windows Installer Elevation of Privilege Vulnerability

CVE-2023-36705 7.8 - High - November 14, 2023

Windows Installer Elevation of Privilege Vulnerability

Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

CVE-2023-36719 7.8 - High - November 14, 2023

Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-36405 7 - High - November 14, 2023

Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Information Disclosure Vulnerability

CVE-2023-36404 5.5 - Medium - November 14, 2023

Windows Kernel Information Disclosure Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

CVE-2023-36403 7 - High - November 14, 2023

Windows Kernel Elevation of Privilege Vulnerability

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality

CVE-2023-20588 5.5 - Medium - August 08, 2023

A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. 

Divide By Zero

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows 10 21h2 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe