2925 matches found
2025-05 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5058387)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
2025-05 Dynamic Cumulative Update for Windows 10 Version 22H2 for ARM64-based Systems (KB5058379)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
May 16, 2025—Hotpatch KB5061258 (OS Build 26100.3983) Out-of-band
None None...
KLA90915 SB vulnerability in Microsoft Visual Studio Code
A security feature bypass vulnerability was found in Microsoft Visual Studio Code. Malicious users can exploit this vulnerability to bypass security restrictions. Original advisories CVE-2025-21264 Exploitation Related products Microsoft-Visual-Studio Visual-Studio-Code Microsoft-Visual-Studio-Co...
KB5058524: Servicing stack update for Windows 10, version 1607 and Server 2016: May 13, 2025
KB5058524: Servicing stack update for Windows 10, version 1607 and Server 2016: May 13, 2025 Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows...
KB5058527: Servicing stack update for Windows 10: May 13, 2025
KB5058527: Servicing stack update for Windows 10: May 13, 2025 Support for Windows 10 has ended on October 14, 2025 After October 14, 2025, Microsoft will no longer provide free software updates from Windows Update, technical assistance, or security fixes for Windows 10. Your PC will still work,...
About Elevation of Privilege – Windows Process Activation (CVE-2025-21204) vulnerability
About Elevation of Privilege - Windows Process Activation CVE-2025-21204 vulnerability. This vulnerability from the April Microsoft Patch Tuesday was not highlighted by VM vendors in their reviews. It affects the Windows Update Stack component and is related to improper link resolution before fil...
CVE-2025-3224 Elevation of Privilege in Docker Desktop for Windows during Upgrade due to Insecure Directory Deletion
A vulnerability in the update process of Docker Desktop for Windows versions prior to 4.41.0 could allow a local, low-privileged attacker to escalate privileges to SYSTEM. During an update, Docker Desktop attempts to delete files and subdirectories under the path C:\ProgramData\Docker\config with...
LibreOffice Improper Verification of Cryptographic Signature Vulnerability (Apr 2025) - Windows
LibreOffice is prone to an improper verification of cryptographic signature vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE ...
April 25, 2025-KB5056579 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2
April 25, 2025-KB5056579 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 24H2 IMPORTANT This update was originally released in the Security and Quality Rollup that’s dated April 22, 2025. This update is included in the Security and Quality Rollup that’s dated July 8,...
PT-2025-17849 · Yt-Dlp +1 · Yt-Dlp +1
Name of the Vulnerable Software and Affected Versions: YoutubeDLSharp versions 1.0.0-beta4 through 1.1.2 Description: The issue is related to an unsafe conversion of arguments, allowing the injection of malicious commands when starting yt-dlp from a command prompt on Windows OS with the...
The vulnerability of the Windows Update Stack component of the Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component of the Windows operating system is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2025-21204
Improper link resolution before file access 'link following' in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system, which allows a hacker to increase their privileges
The vulnerability of the Windows Update Stack component of the Microsoft Windows operating system is related to the use of unsafe mechanisms for processing authentication data in the operating system’s memory. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-27475
Sensitive data storage in improperly locked memory in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-21204
Improper link resolution before file access 'link following' in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-21204
Improper link resolution before file access 'link following' in Windows Update Stack allows an authorized attacker to elevate privileges locally...
CVE-2025-21204
CVE-2025-21204 affects Windows Update Stack with improper link resolution before file access, enabling local privilege elevation for an authenticated user. Public documentation confirms the vulnerability and that Microsoft released fixes as part of April 2025 updates; patches include OS updates t...