CVE-2025-14178 Heap buffer overflow in array_merge()
Published December 30, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-14177 Information Leak of Memory in getimagesize
Published December 30, 2025
Information published.
CVE-2025-68972 In GnuPG through 2.4.8, if a signed message has f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds (although an "invalid armor" message is printed during verification). This is related to use of f as a marker to denote truncation of a long plaintext line.
Published December 30, 2025
Information published.
CVE-2025-68615 Net-SNMP snmptrapd crash
Published December 30, 2025
Information published.
CVE-2025-13912 Potential non-constant time compiled code with Clang LLVM
Published December 30, 2025
Information published.
CVE-2025-13281 Portworx Half-Blind SSRF in kube-controller-manager
Published December 30, 2025
Information published.
CVE-2023-52970 MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, and 11.1 through 11.4.* crashes in Item_direct_view_ref::derived_field_transformer_for_where.
Published December 30, 2025
Information published.
CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Published December 30, 2025
Information published.
CVE-2025-14180 NULL Pointer Dereference in PDO quoting
Published December 30, 2025
Information published.
CVE-2025-68372 nbd: defer config put in recv_work
Published December 28, 2025
Information published.
