CVSS: 7.0EPSS: 0%CPEs: 23EXPL: 6CVE-2025-32462 – sudo: LPE via host option
https://notcve.org/view.php?id=CVE-2025-32462
30 Jun 2025 — Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option (`-h` or `--host`). When using the default sudo security policy plugin (sudoers), the host option is intended to be used in conjunction with the list option (`-l` or `--... • https://github.com/CryingN/CVE-2025-32462 • CWE-863: Incorrect Authorization •
CVSS: 7.5EPSS: 0%CPEs: 31EXPL: 0CVE-2025-6430 – firefox: thunderbird: Content-Disposition header ignored when a file is included in an embed or object tag
https://notcve.org/view.php?id=CVE-2025-6430
24 Jun 2025 — When a file download is specified via the `Content-Disposition` header, that directive would be ignored if the file was included via a `<embed>` or `<object>` tag, potentially making a website vulnerable to a cross-site scripting attack. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12. A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: When a file download is specified via the Content-Disposition header, that d... • https://bugzilla.mozilla.org/show_bug.cgi?id=1971140 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 31EXPL: 0CVE-2025-6429 – firefox: thunderbird: Incorrect parsing of URLs could have allowed embedding of youtube.com
https://notcve.org/view.php?id=CVE-2025-6429
24 Jun 2025 — Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com domain when parsing the URL specified in an `embed` tag. This could have bypassed website security checks that restricted which domains users were allowed to embed. This vulnerability affects Firefox < 140 and Firefox ESR < 128.12. A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Firefox could have incorrectly parsed a URL and rewritten it to the youtube.com d... • https://bugzilla.mozilla.org/show_bug.cgi?id=1970658 • CWE-116: Improper Encoding or Escaping of Output CWE-706: Use of Incorrectly-Resolved Name or Reference •
CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2025-6425 – firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
https://notcve.org/view.php?id=CVE-2025-6425
24 Jun 2025 — An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, and Firefox ESR < 128.12. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1717672 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2025-6020 – Linux-pam: linux-pam directory traversal
https://notcve.org/view.php?id=CVE-2025-6020
17 Jun 2025 — A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions. Olivier BAL-PETRE discovered that the PAM pam_namespace module incorrectly handled user-controlled paths. In environments where pam_namespace is used, a local attacker could possibly use this issue to escalate their privileges to root. • https://access.redhat.com/security/cve/CVE-2025-6020 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.2EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49175 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
https://notcve.org/view.php?id=CVE-2025-49175
17 Jun 2025 — A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. • https://access.redhat.com/security/cve/CVE-2025-49175 • CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49176 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension
https://notcve.org/view.php?id=CVE-2025-49176
17 Jun 2025 — A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49176 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49178 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
https://notcve.org/view.php?id=CVE-2025-49178
17 Jun 2025 — A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49178 • CWE-667: Improper Locking •
CVSS: 7.3EPSS: 0%CPEs: 34EXPL: 0CVE-2025-49179 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension
https://notcve.org/view.php?id=CVE-2025-49179
17 Jun 2025 — A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49179 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49180 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
https://notcve.org/view.php?id=CVE-2025-49180
17 Jun 2025 — A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. • https://access.redhat.com/security/cve/CVE-2025-49180 • CWE-190: Integer Overflow or Wraparound •