CVE-2025-66382 In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.
Published December 22, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo
Published December 22, 2025
Information published.
CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters.
Published December 22, 2025
Information published.
CVE-2025-12819 Untrusted search path in auth_query connection in PgBouncer
Published December 22, 2025
Information published.
CVE-2025-37932 sch_htb: make htb_qlen_notify() idempotent
Published December 22, 2025
Information published.
CVE-2025-37931 btrfs: adjust subpage bit start based on sectorsize
Published December 22, 2025
Information published.
CVE-2025-68114 Capstone doesn't check vsnprintf return in SStream_concat, allows stack buffer underflow and overflow
Published December 22, 2025
Information published.
CVE-2025-68161 Apache Log4j Core: Missing TLS hostname verification in Socket appender
Published December 22, 2025
Information published.
CVE-2025-59529 simple protocol server ignores accepts unlimited connections and logs failures without limit
Published December 22, 2025
Information published.
CVE-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling
Published December 22, 2025
Information published.
