CVE-2025-11933 DoS Vulnerability in wolfSSL TLS 1.3 CKS Extension
Published December 11, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-11934 Improper Validation of Signature Algorithm Used in TLS 1.3 CertificateVerify
Published December 11, 2025
Information published.
CVE-2025-46818 Redis: Authenticated users can execute LUA scripts as a different user
Published December 11, 2025
Information published.
CVE-2025-40334 drm/amdgpu: validate userq buffer virtual address and size
Published December 11, 2025
Information published.
CVE-2025-40338 ASoC: Intel: avs: Do not share the name pointer between components
Published December 11, 2025
Information published.
CVE-2025-59516 Windows Storage VSP Driver Elevation of Privilege Vulnerability
Published December 10, 2025
Missing authentication for critical function in Windows Storage VSP Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-62455 Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability
Published December 10, 2025
Improper input validation in Windows Message Queuing allows an authorized attacker to elevate privileges locally.
CVE-2025-62555 Microsoft Word Remote Code Execution Vulnerability
Published December 10, 2025
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
CVE-2025-62550 Azure Monitor Agent Remote Code Execution Vulnerability
Published December 10, 2025
Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network.
CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
Published December 10, 2025
Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.
