Vulnerabilities > Microsoft > Windows 11 21H2 > 10.0.22000.318

DATE CVE VULNERABILITY TITLE RISK
2022-11-09 CVE-2022-41073 Out-of-bounds Write vulnerability in Microsoft products
Windows Print Spooler Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-787
7.8
2022-11-09 CVE-2022-41091 Unspecified vulnerability in Microsoft products
Windows Mark of the Web Security Feature Bypass Vulnerability
network
low complexity
microsoft
5.4
2022-11-09 CVE-2022-41125 Out-of-bounds Write vulnerability in Microsoft products
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-787
7.8
2022-11-09 CVE-2022-41128 Out-of-bounds Write vulnerability in Microsoft products
Windows Scripting Languages Remote Code Execution Vulnerability
network
low complexity
microsoft CWE-787
8.8
2022-10-11 CVE-2022-41033 Type Confusion vulnerability in Microsoft products
Windows COM+ Event System Service Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-843
7.8
2022-09-13 CVE-2022-37969 Out-of-bounds Write vulnerability in Microsoft products
Windows Common Log File System Driver Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-787
7.8
2022-08-09 CVE-2022-34713 Unspecified vulnerability in Microsoft products
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
local
low complexity
microsoft
7.8
2022-07-12 CVE-2022-22047 Untrusted Search Path vulnerability in Microsoft products
Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability
local
low complexity
microsoft CWE-426
7.8
2022-06-01 CVE-2022-30190 Externally Controlled Reference to a Resource in Another Sphere vulnerability in Microsoft products
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word.
local
low complexity
microsoft CWE-610
7.8
2022-05-10 CVE-2022-26923 Improper Certificate Validation vulnerability in Microsoft products
Active Directory Domain Services Elevation of Privilege Vulnerability
network
low complexity
microsoft CWE-295
8.8