Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Windows 11

Source -

CNA

CNA CVEs -

3

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
3Vulnerabilities found
CVE-2025-7676
Assigner-Dragos, Inc.
ShareView Details
Assigner-Dragos, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 2.46%
||
7 Day CHG~0.00%
Published-28 Jul, 2025 | 16:34
Updated-29 Jul, 2025 | 14:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
DLL hijacking of all PE32 executables on Windows 11 for ARM CPUs

DLL hijacking of all PE32 executables when run on Windows for ARM64 CPU architecture. This allows an attacker to execute code, if the attacker can plant a DLL in the same directory as the executable. Vulnerable versions of Windows 11 for ARM attempt to load Base DLLs that would ordinarily not be loaded from the application directory. Fixed in release 24H2, but present in all earlier versions of Windows 11 for ARM CPUs.

Action-Not Available
Vendor-Microsoft, Inc
Product-Windows 11
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2024-6769
Assigner-Fortra, LLC
ShareView Details
Assigner-Fortra, LLC
CVSS Score-8.4||HIGH
EPSS-25.21% / 95.97%
||
7 Day CHG~0.00%
Published-26 Sep, 2024 | 20:18
Updated-02 Oct, 2024 | 17:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Medium to High Integrity Privilege Escalation in Microsoft Windows

A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.

Action-Not Available
Vendor-Microsoft Corporation
Product-Windows Server 2022Windows 10Windows Server 2019Windows 11Windows Server 2016windows_server_2016windows_11windows_10windows_server_2022windows_server_2019
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-6768
Assigner-Fortra, LLC
ShareView Details
Assigner-Fortra, LLC
CVSS Score-6.8||MEDIUM
EPSS-27.36% / 96.22%
||
7 Day CHG~0.00%
Published-12 Aug, 2024 | 18:29
Updated-13 Aug, 2024 | 14:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Denial of Service in CLFS.sys

A Denial of Service in CLFS.sys in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated low-privilege user to cause a Blue Screen of Death via a forced call to the KeBugCheckEx function.

Action-Not Available
Vendor-Microsoft Corporation
Product-Windows Server 2022Windows 10Windows Server 2019Windows 11Windows Server 2016
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input