mscve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	MS:CVE-2025-40272	mm/secretmem: fix use-after-free race in fault handler_MS:CVE-2025-40272 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
NONE	MS:CVE-2025-40275	ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd_MS:CVE-2025-40275 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
NONE	MS:CVE-2025-40285	smb/server: fix possible refcount leak in smb2_sess_setup()_MS:CVE-2025-40285 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
NONE	MS:CVE-2025-40286	smb/server: fix possible memory leak in smb2_read()_MS:CVE-2025-40286 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
NONE	MS:CVE-2025-40283	Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF_MS:CVE-2025-40283 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
NONE	MS:CVE-2025-40279	net: sched: act_connmark: initialize struct tc_ife to fix kernel leak_MS:CVE-2025-40279 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
NONE	MS:CVE-2025-40282	Bluetooth: 6lowpan: reset link-local header on ipv6 recv path_MS:CVE-2025-40282 {“lastseen”:”2025-12-08T21:40:01″,”description”:””,”published”:”2025-12-08T01:05:...	N/A	N/A	Dec 8, 2025	MSCVE
HIGH 7.5	MS:CVE-2025-65637	A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with “token too long” and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged._MS:CVE-2025-65637 {“lastseen”:”2025-12-07T16:00:22″,”description”:””,”published”:”2025-12-07T01:03:...	N/A	N/A	Dec 7, 2025	MSCVE
MEDIUM 6.5	MS:CVE-2025-65082	Apache HTTP Server: CGI environment variable override_MS:CVE-2025-65082 {“lastseen”:”2025-12-07T16:00:22″,”description”:””,”published”:”2025-12-07T01:03:...	N/A	N/A	Dec 7, 2025	MSCVE
MEDIUM 5.4	MS:CVE-2025-66200	Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo_MS:CVE-2025-66200 {“lastseen”:”2025-12-07T16:00:22″,”description”:””,”published”:”2025-12-07T01:03:...	N/A	N/A	Dec 7, 2025	MSCVE