July 2025 – Page 14 – TheWindowsUpdate.com

CVE-2025-48386 MITRE: CVE-2025-48386 Git Credential Helper Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

[CVE-2025-48386](https://www.cve.org/CVERecord?id=CVE-2025-48386) is regarding a vulnerability in Git where the wincred credential helper uses a static buffer (`target`) as a unique key for storing and comparing against internal storage. This credentia… Continue reading CVE-2025-48386 MITRE: CVE-2025-48386 Git Credential Helper Vulnerability→

CVE-2025-48820 Windows AppX Deployment Service Elevation of Privilege Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

Improper link resolution before file access (‘link following’) in Windows AppX Deployment Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-48820 Windows AppX Deployment Service Elevation of Privilege Vulnerability→

CVE-2025-48385 MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

[CVE-2025-48385](https://www.cve.org/CVERecord?id=CVE-2025-48385) is regarding a vulnerability in Git where when cloning a repository Git knows to optionally fetch a bundle advertised by the remote server, which allows the server-side to offload parts … Continue reading CVE-2025-48385 MITRE: CVE-2025-48385 Git Protocol Injection Vulnerability→

CVE-2025-48818 BitLocker Security Feature Bypass Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

Time-of-check time-of-use (toctou) race condition in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. Continue reading CVE-2025-48818 BitLocker Security Feature Bypass Vulnerability→

CVE-2025-48384 MITRE: CVE-2025-48384 Git Symlink Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

[CVE-2025-48384](https://www.cve.org/CVERecord?id=CVE-2025-48384) is regarding a vulnerability in Git where when reading a config value, Git strips any trailing carriage return and line feed (CRLF). When writing a config entry, values with a trailing C… Continue reading CVE-2025-48384 MITRE: CVE-2025-48384 Git Symlink Vulnerability→

CVE-2025-48816 HID Class Driver Elevation of Privilege Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

Integer overflow or wraparound in HID class driver allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-48816 HID Class Driver Elevation of Privilege Vulnerability→

CVE-2025-46835 MITRE: CVE-2025-46835 Git File Overwrite Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

[CVE-2025-46835](https://www.cve.org/CVERecord?id=CVE-2025-46835) is regarding a vulnerability in Git GUI where when a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, th… Continue reading CVE-2025-46835 MITRE: CVE-2025-46835 Git File Overwrite Vulnerability→

CVE-2025-48814 Remote Desktop Licensing Service Security Feature Bypass Vulnerability

Posted on July 8, 2025 by Syndicated News — No Comments ↓

Missing authentication for critical function in Windows Remote Desktop Licensing Service allows an unauthorized attacker to bypass a security feature over a network. Continue reading CVE-2025-48814 Remote Desktop Licensing Service Security Feature Bypass Vulnerability→