Security Vulnerabilities - CVEs Published In December 2025
Memory Corruption when processing IOCTLs for JPEG data without verification.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Memory corruption while processing MFC channel configuration during music playback.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Memory corruption while copying packets received from unix clients.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Memory corruption while handling IOCTL calls to set mode.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Memory corruption while routing GPR packets between user and root when handling large data packet.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Information disclosure while processing system calls with invalid parameters.
CVSS Score
6.5
EPSS Score
0.0
Published
2025-12-18
Memory corruption during video playback when video session open fails with time out error.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-12-18
Information disclosure while exposing internal TA-to-TA communication APIs to HLOS
CVSS Score
6.7
EPSS Score
0.0
Published
2025-12-18
CVE-2025-68461
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document.
Known exploited
CVSS Score
7.2
EPSS Score
0.085
Published
2025-12-18
Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a information disclosure vulnerability in the HTML style sanitizer.
CVSS Score
7.2
EPSS Score
0.001
Published
2025-12-18