Microsoft Patch Tuesday for December 2025 — Snort rules and prominent vulnerabilities

The Patch Tuesday for December of 2025 includes 57 vulnerabilities, including two that Microsoft marked as "critical." The remaining vulnerabilities listed are classified as "important." Microsoft assessed that exploitation of the two "critical" vulnerabilities is "less likely." CVE ‑2025‑62562 i...

CVE-2025-60715

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...

EUVD-2025-93422

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an authorized attacker to execute code over a network...

EUVD-2025-20569

Malicious code in bioql PyPI...

EUVD-2024-40320

Malicious code in bioql PyPI...

EUVD-2024-40305

Malicious code in bioql PyPI...

CVE-2025-54097

Out-of-bounds read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

CVE-2025-53806

Buffer over-read in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to disclose information over a network...

PT-2025-36819

Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service RRAS affected versions not specified Description: A buffer over-read in the Windows Routing and Remote Access Service RRAS can allow an unauthorized attacker to disclose information over a network. Th...

CVE-2025-50156

Use of uninitialized resource in Windows Routing and Remote Access Service RRAS allows an authorized attacker to disclose information over a network...

CVE-2025-53138

Use of uninitialized resource in Windows Routing and Remote Access Service RRAS allows an authorized attacker to disclose information over a network...

CVE-2025-53720 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2025-50164 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

CVE-2025-49757 Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

...

Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability

Use of uninitialized resource in Windows Routing and Remote Access Service RRAS allows an authorized attacker to disclose information over a network...

PT-2025-32786 · Microsoft · Windows Nt Rras +1

Name of the Vulnerable Software and Affected Versions: Windows Routing and Remote Access Service RRAS affected versions not specified Description: A heap-based buffer overflow exists in the Windows Routing and Remote Access Service RRAS. This issue allows an unauthorized attacker to execute code...

Microsoft Windows Routing and Remote Access Service 安全漏洞

Microsoft Windows Routing and Remote Access Service is a network service from Microsoft Corporation USA that is used to implement features such as network routing, virtual private networks VPNs, and dial-up connections. A security vulnerability exists in Microsoft Windows Routing and Remote Acces...

The vulnerability of the Windows RRAS operating system’s routing and remote access service allows a hacker to disclose protected information.

The vulnerability of the Windows RRAS operating system’s routing and remote access service is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

CVE-2025-49670

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...

CVE-2025-49672

Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network...