Windows_11_23h2 - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Windows_11_23h2
(Microsoft)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	1006

Date	Id	Summary	Products	Score	Patch	Annotated
2025-08-12	CVE-2025-48807	Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally.	Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.5
2025-08-12	CVE-2025-49743	Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Graphics Component allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	6.7
2025-08-12	CVE-2025-49751	Missing synchronization in Windows Hyper-V allows an authorized attacker to deny service over an adjacent network.	Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	6.8
2025-08-12	CVE-2025-53723	Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-08-12	CVE-2025-53778	Improper authentication in Windows NTLM allows an authorized attacker to elevate privileges over a network.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	8.8
2025-08-12	CVE-2025-50153	Use after free in Desktop Windows Manager allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022	7.8
2025-08-12	CVE-2025-50154	Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an unauthorized attacker to perform spoofing over a network.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.5
2025-08-12	CVE-2025-50155	Access of resource using incompatible type ('type confusion') in Windows Push Notifications allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.8
2025-08-12	CVE-2025-50158	Time-of-check time-of-use (toctou) race condition in Windows NTFS allows an unauthorized attacker to disclose information locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.0
2025-08-12	CVE-2025-50159	Use after free in Remote Access Point-to-Point Protocol (PPP) EAP-TLS allows an authorized attacker to elevate privileges locally.	Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025	7.3