windows_11_23h2

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows TCP/IP allows an unauthorized attacker to execute code over a network....

Published: Apr 14, 2026

Double free in Windows IKE Extension allows an unauthorized attacker to execute code over a network....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Win32K - GRFX allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Windows Container Isolation FS Filter Driver allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network....

Published: Apr 14, 2026

Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network....

Published: Apr 14, 2026

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Insertion of sensitive information into log file in Windows Kernel allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Improper access control in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Improper link resolution before file access ('link following') in Universal Plug and Play (upnp.dll) allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Improper neutralization of special elements used in a command ('command injection') in Windows Snipping Tool allows an unauthorized attacker to execute code locally....

Published: Apr 14, 2026

Improper privilege management in Microsoft Windows allows an authorized attacker to deny service locally....

Published: Apr 14, 2026

Use after free in Windows User Interface Core allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows User Interface Core allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Acceptance of extraneous untrusted data with trusted data in Windows COM allows an unauthorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Push Notifications allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Desktop Window Manager allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Microsoft Windows Speech allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Exposure of sensitive information to an unauthorized actor in Windows Shell allows an authorized attacker to disclose information over a network....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Improper input validation in Windows Hyper-V allows an authorized attacker to execute code locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Function Discovery Service (fdwsd.dll) allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Exposure of sensitive information to an unauthorized actor in Windows Remote Procedure Call allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Exposure of sensitive information to an unauthorized actor in Windows File Explorer allows an authorized attacker to disclose information locally....

Published: Apr 14, 2026

Use after free in Windows Projected File System allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Untrusted pointer dereference in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Out-of-bounds read in Windows Storage Spaces Controller allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Windows Universal Plug and Play (UPnP) Device Host allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Use after free in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Improper authentication in Windows Active Directory allows an unauthorized attacker to perform spoofing locally....

Published: Apr 14, 2026

Null pointer dereference in Windows Local Security Authority Subsystem Service (LSASS) allows an unauthorized attacker to deny service over a network....

Published: Apr 14, 2026

Use after free in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Double free in Windows Projected File System allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows SSDP Service allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally....

Published: Apr 14, 2026

Out-of-bounds read in Windows GDI allows an unauthorized attacker to disclose information locally....

Published: Apr 14, 2026

Time-of-check time-of-use (toctou) race condition in Windows LUAFV allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026

Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Projected File System allows an authorized attacker to elevate privileges locally....

Published: Apr 14, 2026