TheWindowsUpdate.com

Deserialization of untrusted data in Azure Monitor Agent allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59285 Azure Monitor Agent Elevation of Privilege Vulnerability→

Double free in Windows Bluetooth Service allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59289 Windows Bluetooth Service Elevation of Privilege Vulnerability→

Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network. Continue reading CVE-2025-59287 Windows Server Update Service (WSUS) Remote Code Execution Vulnerability→

In IGEL OS before 11, Secure Boot can be bypassed because the igel-flash-driver module improperly verifies a cryptographic signature. Ultimately, a crafted root filesystem can be mounted from an unverified SquashFS image.

MITRE created this CVE on the… Continue reading CVE-2025-47827 MITRE CVE-2025-47827: Secure Boot bypass in IGEL OS before 11→

Improper access control in Azure Connected Machine Agent allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-47989 Azure Connected Machine Agent Elevation of Privilege Vulnerability→

Exposure of sensitive information to an unauthorized actor in Microsoft Failover Cluster Virtual Driver allows an authorized attacker to disclose information locally. Continue reading CVE-2025-59260 Microsoft Failover Cluster Virtual Driver Information Disclosure Vulnerability→

Improper access control in Windows Remote Access Connection Manager allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-59230 Windows Remote Access Connection Manager Elevation of Privilege Vulnerability→

Improper access control in Microsoft PowerShell allows an authorized attacker to elevate privileges locally. Continue reading CVE-2025-25004 PowerShell Elevation of Privilege Vulnerability→