17 matches found
CVE-2025-21420
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability...
Vulnerabilities fixed in Microsoft Windows
Microsoft has fixed vulnerabilities in Windows. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Denial-of-Service DoS. - Obtaining elevated privileges - Circumvention of security measure - Spoofing - Execution of...
CVE-2025-21420
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability...
CVE-2025-21420
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability...
CVE-2025-21420
CVE-2025-21420 is evidenced by PoCs showing a Disk Cleanup Tool (cleanmgr.exe) elevation via a DLL sideload approach. The GitHub PoCs demonstrate loading dokan1.dll/dokannp1.dll to trigger arbitrary code paths, with the exploit chain listing SetProcessMitigationPolicy (ProcessRedirectionTrustPoli...
CVE-2025-21420 Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
...
Windows Disk Cleanup Tool Elevation of Privilege Vulnerability
...
PT-2025-6338
Name of the Vulnerable Software and Affected Versions Windows Disk Cleanup Tool affected versions not specified Description A critical issue exists within the Windows Disk Cleanup Tool cleanmgr.exe that allows for privilege escalation to SYSTEM privileges. The flaw involves errors in handling...
kernel: nbd: fix uaf in nbd_open
In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbdopen Commit 4af5f2e03013 "nbd: use blkmqallocdisk and blkcleanupdisk" cleans up disk by blkcleanupdisk and it won't set disk-privatedata as NULL as before. UAF may be triggered in nbdopen if someone tries to op...
DEBIAN-CVE-2023-52837
In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbdopen Commit 4af5f2e03013 "nbd: use blkmqallocdisk and blkcleanupdisk" cleans up disk by blkcleanupdisk and it won't set disk-privatedata as NULL as before. UAF may be triggered in nbdopen if someone tries to op...
SUSE CVE-2015-7514
OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information...
kernel: dm: fix use-after-free in dm_cleanup_zoned_dev()
In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dmcleanupzoneddev dmcleanupzoneddev uses queue, so it must be called before blkcleanupdisk starts its killing: blkcleanupdisk-blkcleanupqueue-kobjectput-blkreleasequeue-...
Disk Cleanup Wizard addon lets users delete outdated Windows updates on Windows 7 SP1 or Windows Server 2008 R2 SP1
Disk Cleanup Wizard addon lets users delete outdated Windows updates on Windows 7 SP1 or Windows Server 2008 R2 SP1 Introduction This article describes an update for the Disk Cleanup wizard in Windows 7 Service Pack 1 SP1 or in Windows Server 2008 R2 SP1. This update adds a new plugin to the Disk...
Windows Update Cleanup (Tool) for Windows Embedded POSReady 7
Windows Update Cleanup Tool for Windows Embedded POSReady 7 Summary This update enables the Disk Cleanup wizard. After you install this update, you can use the Windows Update Cleanup option to delete Windows updates that you no longer need on Windows Embedded POSReady 7 devices. How to get this...
How to Fix a Mac That’s Running Slow
Every device sooner or later begins to run slower and slower. Even the Mac, which is a highly-efficient Apple product, starts to slow down and becomes a real pain to use over time. If you are a heavy Mac user this is especially true and you are more likely to experience performance issues. There...
August 16, 2017—KB4034661 (OS Build 14393.1613)
August 16, 2017—KB4034661 OS Build 14393.1613 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: This package contains d3dcompiler47.dll; for more information, read the blog post,HLSL, FXC, a...
UBUNTU-CVE-2015-7514
OpenStack Ironic 4.2.0 through 4.2.1 does not "clean" the disk after use, which allows remote authenticated users to obtain sensitive information...