CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user
Published December 11, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-40334 drm/amdgpu: validate userq buffer virtual address and size
Published December 11, 2025
Information published.
CVE-2025-40338 ASoC: Intel: avs: Do not share the name pointer between components
Published December 11, 2025
Information published.
CVE-2025-40336 drm/gpusvm: fix hmm_pfn_to_map_order() usage
Published December 11, 2025
Information published.
CVE-2025-62455 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Published December 10, 2025
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
CVE-2025-62555 Microsoft Word Remote Code Execution Vulnerability
Published December 10, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62550 Azure Monitor Agent Remote Code Execution Vulnerability
Published December 10, 2025
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.
CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published December 10, 2025
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.
CVE-2025-62557 Microsoft Office Remote Code Execution Vulnerability
Published December 10, 2025
Use after free in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2025-62464 Windows Projected File System Elevation of Privilege Vulnerability
Published December 10, 2025
Buffer over-read in Windows Projected File System allows an authorized attacker to elevate privileges locally.
