Protecting Privacy Build Trust

Protecting Privacy Build Trust

Protecting Privacy Build Trust

CyberSecurity

on December 9, 2025 at 8:00 am — CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Heap-based buffer overflow in Windows Resilient File System (ReFS) allows an authorized attacker to execute code over a network.

on December 9, 2025 at 8:00 am — CVE-2025-62456 Windows Resilient File System (ReFS) Remote Code Execution Vulnerability Read More »

on December 9, 2025 at 8:00 am — CVE-2025-62457 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Out-of-bounds read in Windows Cloud Files Mini Filter Driver allows an authorized attacker to elevate privileges locally.

on December 9, 2025 at 8:00 am — CVE-2025-62457 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Read More »

on December 9, 2025 at 1:37 am — CVE-2025-66221 Werkzeug safe_join() allows Windows special device names

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 9, 2025 at 1:37 am — CVE-2025-66221 Werkzeug safe_join() allows Windows special device names Read More »

on December 9, 2025 at 1:36 am — CVE-2025-12638 Path Traversal Vulnerability in keras-team/keras via Tar Archive Extraction in keras.utils.get_file()

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 9, 2025 at 1:36 am — CVE-2025-12638 Path Traversal Vulnerability in keras-team/keras via Tar Archive Extraction in keras.utils.get_file() Read More »

on December 8, 2025 at 2:37 pm — CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with “token too long” and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 8, 2025 at 2:37 pm — CVE-2025-65637 A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with “token too long” and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged. Read More »

on December 8, 2025 at 2:37 pm — CVE-2025-65082 Apache HTTP Server: CGI environment variable override

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 8, 2025 at 2:37 pm — CVE-2025-65082 Apache HTTP Server: CGI environment variable override Read More »

on December 8, 2025 at 2:37 pm — CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 8, 2025 at 2:37 pm — CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF Read More »

on December 8, 2025 at 1:01 am — CVE-2025-40277 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 8, 2025 at 1:01 am — CVE-2025-40277 drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE Read More »

on December 8, 2025 at 2:38 pm — CVE-2025-40287 exfat: fix improper check of dentry.stream.valid_size

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 8, 2025 at 2:38 pm — CVE-2025-40287 exfat: fix improper check of dentry.stream.valid_size Read More »

on December 7, 2025 at 1:36 am — CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP

Leave a Comment / Threats & Vulnerabilities / Privacy Trust

Information published.

on December 7, 2025 at 1:36 am — CVE-2025-21892 RDMA/mlx5: Fix the recovery flow of the UMR QP Read More »