Product:

Windows_11_23h2

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 1039
Date Id Summary Products Score Patch Annotated
2025-07-08 CVE-2025-49689 Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 7.8
2025-07-08 CVE-2025-49690 Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc) allows an unauthorized attacker to elevate privileges locally. Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 7.4
2025-07-08 CVE-2025-49691 Heap-based buffer overflow in Windows Media allows an unauthorized attacker to execute code over an adjacent network. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 8.0
2025-07-08 CVE-2025-49693 Double free in Microsoft Brokering File System allows an authorized attacker to elevate privileges locally. Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2022_23h2, Windows_server_2025 7.8
2025-07-08 CVE-2025-33054 Insufficient UI warning of dangerous operations in Remote Desktop Client allows an unauthorized attacker to perform spoofing over a network. Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2025 8.1
2025-07-08 CVE-2025-47159 Protection mechanism failure in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 7.8
2025-07-08 CVE-2025-47971 Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 7.8
2025-07-08 CVE-2025-47973 Buffer over-read in Virtual Hard Disk (VHDX) allows an unauthorized attacker to elevate privileges locally. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 7.8
2025-07-08 CVE-2025-47972 Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Input Method Editor (IME) allows an authorized attacker to elevate privileges over a network. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 8.0
2025-07-08 CVE-2025-47975 Double free in Windows SSDP Service allows an authorized attacker to elevate privileges locally. Windows_10_1507, Windows_10_1607, Windows_10_1809, Windows_10_21h2, Windows_10_22h2, Windows_11_22h2, Windows_11_23h2, Windows_11_24h2, Windows_server_2008, Windows_server_2012, Windows_server_2016, Windows_server_2019, Windows_server_2022, Windows_server_2022_23h2, Windows_server_2025 7.0