Vulnerabilities > Microsoft > Windows Server 2022 23H2 > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-11 | CVE-2024-30095 | Out-of-bounds Write vulnerability in Microsoft products Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | 7.8 |
| 2024-06-11 | CVE-2024-30097 | Double Free vulnerability in Microsoft products Microsoft Speech Application Programming Interface (SAPI) Remote Code Execution Vulnerability | 8.8 |
| 2024-06-11 | CVE-2024-30099 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft products Windows Kernel Elevation of Privilege Vulnerability | 7.0 |
| 2024-05-14 | CVE-2024-30040 | Unspecified vulnerability in Microsoft products Windows MSHTML Platform Security Feature Bypass Vulnerability | 8.8 |
| 2024-04-09 | CVE-2024-29988 | Unspecified vulnerability in Microsoft products SmartScreen Prompt Security Feature Bypass Vulnerability | 8.8 |
| 2024-04-09 | CVE-2024-29052 | Improper Privilege Management vulnerability in Microsoft products Windows Storage Elevation of Privilege Vulnerability | 7.8 |
| 2024-03-12 | CVE-2024-21407 | Unspecified vulnerability in Microsoft products Windows Hyper-V Remote Code Execution Vulnerability | 8.1 |
| 2024-03-12 | CVE-2024-26169 | Unspecified vulnerability in Microsoft products Windows Error Reporting Service Elevation of Privilege Vulnerability | 7.8 |
| 2024-02-14 | CVE-2023-50387 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service (CPU consumption) via one or more DNSSEC responses, aka the "KeyTrap" issue. | 7.5 |
| 2024-02-13 | CVE-2024-21420 | Unspecified vulnerability in Microsoft products Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 |