CVSS: 3.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-12817 – PostgreSQL CREATE STATISTICS does not check for schema CREATE privilege
https://notcve.org/view.php?id=CVE-2025-12817
13 Nov 2025 — Missing authorization in PostgreSQL CREATE STATISTICS command allows a table owner to achieve denial of service against other CREATE STATISTICS users by creating in any schema. A later CREATE STATISTICS for the same name, from a user having the CREATE privilege, would then fail. Versions before PostgreSQL 18.1, 17.7, 16.11, 15.15, 14.20, and 13.23 are affected. Jelte Fennema-Nio discovered that the PostgreSQL CREATE STATISTICS command did not correctly check for schema CREATE privileges. An authenticated at... • https://www.postgresql.org/support/security/CVE-2025-12817 • CWE-862: Missing Authorization •
CVSS: 8.6EPSS: 0%CPEs: 4EXPL: 0CVE-2025-64512 – pdfminer.six vulnerable to Arbitrary Code Execution via Crafted PDF Input
https://notcve.org/view.php?id=CVE-2025-64512
10 Nov 2025 — Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The `CMapDB._load_data()` function in pdfminer.six uses `pickle.loads()` to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six distribution stored in the `cmap/` directory, but a malicious PDF can specify an altern... • https://github.com/pdfminer/pdfminer.six/commit/b808ee05dd7f0c8ea8ec34bdf394d40e63501086 • CWE-502: Deserialization of Untrusted Data •
CVSS: 6.4EPSS: 0%CPEs: 2EXPL: 0CVE-2025-24934 – SO_REUSEPORT_LB breaks connect(2) for UDP sockets
https://notcve.org/view.php?id=CVE-2025-24934
22 Oct 2025 — Software which sets SO_REUSEPORT_LB on a socket and then connects it to a host will not directly observe any problems. However, due to its membership in a load-balancing group, that socket will receive packets originating from any host. This breaks the contract of the connect(2) and implied connect via sendto(2), and may leave the application vulnerable to spoofing attacks. The kernel failed to check the connection state of sockets when adding them to load-balancing groups. Furthermore, when looking up the ... • https://security.freebsd.org/advisories/FreeBSD-SA-25:09.netinet.asc • CWE-488: Exposure of Data Element to Wrong Session •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2025-62506 – MinIO vulnerable to privilege escalation via session policy bypass in service accounts and STS
https://notcve.org/view.php?id=CVE-2025-62506
16 Oct 2025 — MinIO is a high-performance object storage system. In all versions prior to RELEASE.2025-10-15T17-29-55Z, a privilege escalation vulnerability allows service accounts and STS (Security Token Service) accounts with restricted session policies to bypass their inline policy restrictions when performing operations on their own account, specifically when creating new service accounts for the same user. The vulnerability exists in the IAM policy validation logic where the code incorrectly relied on the DenyOnly a... • https://github.com/minio/minio/commit/c1a49490c78e9c3ebcad86ba0662319138ace190 • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-8715 – PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server
https://notcve.org/view.php?id=CVE-2025-8715
14 Aug 2025 — Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versio... • https://www.postgresql.org/support/security/CVE-2025-8715 • CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') •
CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0CVE-2025-8714 – PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client
https://notcve.org/view.php?id=CVE-2025-8714
14 Aug 2025 — Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. La inclusión de datos no confiables en pg_dump en... • https://www.postgresql.org/support/security/CVE-2025-8714 • CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2025-8713 – PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table
https://notcve.org/view.php?id=CVE-2025-8713
14 Aug 2025 — PostgreSQL optimizer statistics allow a user to read sampled data within a view that the user cannot access. Separately, statistics allow a user to read sampled data that a row security policy intended to hide. PostgreSQL maintains statistics for tables by sampling data available in columns; this data is consulted during the query planning process. Prior to this release, a user could craft a leaky operator that bypassed view access control lists (ACLs) and bypassed row security policies in partitioning or t... • https://www.postgresql.org/support/security/CVE-2025-8713 • CWE-1230: Exposure of Sensitive Information Through Metadata •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2025-54090 – Apache HTTP Server: 'RewriteCond expr' always evaluates to true in 2.4.64
https://notcve.org/view.php?id=CVE-2025-54090
23 Jul 2025 — A bug in Apache HTTP Server 2.4.64 results in all "RewriteCond expr ..." tests evaluating as "true". Users are recommended to upgrade to version 2.4.65, which fixes the issue. These are all security issues fixed in the apache2-2.4.65-1.1 package on the GA media of openSUSE Tumbleweed. • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-253: Incorrect Check of Function Return Value •
CVSS: 10.0EPSS: 0%CPEs: 33EXPL: 0CVE-2025-8035 – Memory safety bugs fixed in Firefox ESR 128.13, Thunderbird ESR 128.13, Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
https://notcve.org/view.php?id=CVE-2025-8035
22 Jul 2025 — Memory safety bugs present in Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1. A flaw was found in Firefox and Thunderbird. The Mozil... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1975961%2C1975961%2C1975961 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 19EXPL: 0CVE-2025-8040 – Memory safety bugs fixed in Firefox ESR 140.1, Thunderbird ESR 140.1, Firefox 141 and Thunderbird 141
https://notcve.org/view.php?id=CVE-2025-8040
22 Jul 2025 — Memory safety bugs present in Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 140.1, Thunderbird < 141, and Thunderbird < 140.1. These are all security issues fixed in the MozillaThunderbird-140.1.0-1.1 package on the GA media of openSUSE Tumbleweed. • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1975058%2C1975058%2C1975998%2C1975998 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •