CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-8058
https://notcve.org/view.php?id=CVE-2025-8058
23 Jul 2025 — The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library. • https://sourceware.org/bugzilla/show_bug.cgi?id=33185 • CWE-415: Double Free •
CVSS: 9.4EPSS: 0%CPEs: 28EXPL: 0CVE-2025-49794 – Libxml: heap use after free (uaf) leads to denial of service (dos)
https://notcve.org/view.php?id=CVE-2025-49794
16 Jun 2025 — A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors. These are all security issues fixed in the libxml2-2-2.13.8-2.1 package on the GA media of openSUSE Tumbleweed. • https://access.redhat.com/security/cve/CVE-2025-49794 • CWE-825: Expired Pointer Dereference •
CVSS: 9.4EPSS: 0%CPEs: 27EXPL: 0CVE-2025-49796 – Libxml: type confusion leads to denial of service (dos)
https://notcve.org/view.php?id=CVE-2025-49796
16 Jun 2025 — A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory. These are all security issues fixed in the libxml2-2-2.13.8-2.1 package on the GA media of openSUSE Tumbleweed. • https://access.redhat.com/security/cve/CVE-2025-49796 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2025-6021 – Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2
https://notcve.org/view.php?id=CVE-2025-6021
12 Jun 2025 — A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. An update for libxml2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include buffer overflow, denial of service, integer overflow, and use-after-free vulnerabilities. • https://access.redhat.com/security/cve/CVE-2025-6021 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.1EPSS: 52%CPEs: 31EXPL: 2CVE-2025-26465 – Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled
https://notcve.org/view.php?id=CVE-2025-26465
18 Feb 2025 — A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high. ssh(1) contains a logic error that allows an on-path attacker ... • https://github.com/rxerium/CVE-2025-26465 • CWE-390: Detection of Error Condition Without Action •
CVSS: 5.5EPSS: 0%CPEs: 21EXPL: 0CVE-2024-52337 – Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method
https://notcve.org/view.php?id=CVE-2024-52337
26 Nov 2024 — A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged str... • https://access.redhat.com/errata/RHSA-2024:10381 • CWE-20: Improper Input Validation •
CVSS: 7.4EPSS: 0%CPEs: 13EXPL: 0CVE-2024-10963 – Pam: improper hostname interpretation in pam_access leads to access control bypass
https://notcve.org/view.php?id=CVE-2024-10963
07 Nov 2024 — A vulnerability was found in pam_access due to the improper handling of tokens in access.conf, interpreted as hostnames. This flaw allows attackers to bypass access restrictions by spoofing hostnames, undermining configurations designed to limit access to specific TTYs or services. The flaw poses a risk in environments relying on these configurations for local access control. A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability... • https://access.redhat.com/security/cve/CVE-2024-10963 • CWE-287: Improper Authentication •
CVSS: 6.9EPSS: 0%CPEs: 29EXPL: 0CVE-2024-50602 – libexpat: expat: DoS via XML_ResumeParser
https://notcve.org/view.php?id=CVE-2024-50602
27 Oct 2024 — An issue was discovered in libexpat before 2.6.4. There is a crash within the XML_ResumeParser function because XML_StopParser can stop/suspend an unstarted parser. A security issue was found in Expat (libexpat). A crash can be triggered in the XML_ResumeParser function due to XML_StopParser's ability to stop or suspend an unstarted parser, which can lead to a denial of service. This update for mozjs115 fixes the following issues. • https://github.com/libexpat/libexpat/pull/915 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.8EPSS: 0%CPEs: 15EXPL: 0CVE-2024-23984 – Ubuntu Security Notice USN-7033-1
https://notcve.org/view.php?id=CVE-2024-23984
16 Sep 2024 — Observable discrepancy in RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel Xeon processors did not properly restrict access to the memory controller when using Intel SGX. This may allow a local privileged attacker to further escalate their privileges. It was discovered that some 4th and 5th Generation Intel Xeon Processors did not properly implement finite... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01103.html • CWE-203: Observable Discrepancy •
CVSS: 5.6EPSS: 0%CPEs: 15EXPL: 0CVE-2024-24968 – microcode_ctl: Denial of Service
https://notcve.org/view.php?id=CVE-2024-24968
16 Sep 2024 — Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to potentially enable a denial of service via local access. A flaw was found in intel Processors. Improper finite state machines (FSMs) in hardware logic in some Intel(R) Processors may allow an privileged user to enable a denial of service via local access. Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel Xeon processors did not properly restrict access to the memory controlle... • https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01097.html • CWE-1245: Improper Finite State Machines (FSMs) in Hardware Logic •