CVE-2025-38063 dm: fix unconditional IO throttle caused by REQ_PREFLUSH
Published December 19, 2025
Information published.
Microsoft Security Response Center Blog Alerts
CVE-2025-37951 drm/v3d: Add job to pending list if the reset was skipped
Published December 19, 2025
Information published.
Chromium: CVE-2025-14766 Use after free in WebGPU
Published December 19, 2025
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
Chromium: CVE-2025-14765 Out of bounds read and write in V8
Published December 19, 2025
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024 ) for more information.
CVE-2024-6531 Rejected reason: This was not a security issue in Bootstrap. Bootstrap’s JavaScript is not intended to sanitize unsafe or intentionally dangerous HTML. As such, the reported behavior fell outside the scope of Bootstrap’s security model, and the associated CVE has been rescinded.
Published December 19, 2025
Information published.
CVE-2025-64676 Microsoft Purview eDiscovery Remote Code Execution Vulnerability
Published December 19, 2025
‘…/…//’ in Microsoft Purview allows an authorized attacker to execute code over a network.
CVE-2024-6485 XSS in Bootstrap button component
Published December 19, 2025
Information published.
CVE-2025-37961 ipvs: fix uninit-value for saddr in do_output_route4
Published December 18, 2025
Information published.
CVE-2025-37959 bpf: Scrub packet on bpf_redirect_peer
Published December 18, 2025
Information published.
CVE-2025-65082 Apache HTTP Server: CGI environment variable override
Published December 18, 2025
Information published.
