CVSS: 8.8EPSS: 0%CPEs: 33EXPL: 11CVE-2025-32462 – Sudo 1.9.17 Host Option - Elevation of Privilege
https://notcve.org/view.php?id=CVE-2025-32462
30 Jun 2025 — Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed users to execute commands on unintended machines. A privilege escalation vulnerability was found in Sudo. In certain configurations, unauthorized users can gain elevated system privileges via the Sudo host option (`-h` or `--host`). When using the default sudo security policy plugin (sudoers), the host option is intended to be used in conjunction with the list option (`-l` or `--... • https://packetstorm.news/files/id/206211 • CWE-863: Incorrect Authorization •
CVSS: 9.3EPSS: 0%CPEs: 16EXPL: 45CVE-2025-32463 – Sudo chroot 1.9.17 - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2025-32463
30 Jun 2025 — Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option. A flaw was found in Sudo. This flaw allows a local attacker to escalate their privileges by tricking Sudo into loading an arbitrary shared library using the user-specified root directory via the `-R` (`--chroot`) option. An attacker can run arbitrary commands as root on systems that support `/etc/nsswitch.conf`. Rich Mirch discovered that Sudo incorrectl... • https://packetstorm.news/files/id/206210 • CWE-427: Uncontrolled Search Path Element CWE-829: Inclusion of Functionality from Untrusted Control Sphere •
CVSS: 8.5EPSS: 0%CPEs: 22EXPL: 0CVE-2025-5318 – Libssh: out-of-bounds read in sftp_handle()
https://notcve.org/view.php?id=CVE-2025-5318
24 Jun 2025 — A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior. Ronald Crane discovered that libssh incorrectly handled cert... • https://access.redhat.com/security/cve/CVE-2025-5318 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 12EXPL: 0CVE-2025-47219 – SUSE Security Advisory - SUSE-SU-2025:02058-1
https://notcve.org/view.php?id=CVE-2025-47219
21 Jun 2025 — In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure. En GStreamer hasta la versión 1.26.1, la función qtdemux_parse_trak del complemento isomp4 puede leer más allá del final de un búfer de montón mientras analiza un archivo MP4, lo que posiblemente conduzca a una divulgación de información. This update for gstreamer-plugins-good fixes the following issues. Fixed out-of-bounds... • https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md • CWE-125: Out-of-bounds Read •
CVSS: 6.6EPSS: 0%CPEs: 13EXPL: 0CVE-2025-47183 – SUSE Security Advisory - SUSE-SU-2025:02058-1
https://notcve.org/view.php?id=CVE-2025-47183
21 Jun 2025 — In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure. En GStreamer hasta la versión 1.26.1, la función qtdemux_parse_tree del complemento isomp4 puede leer más allá del final de un búfer de montón mientras analiza un archivo MP4, lo que provoca la divulgación de información. This update for gstreamer-plugins-good fixes the following issues. Fixed out-of-bounds read in MOV/MP4 demuxer. ... • https://github.com/atredispartners/advisories/blob/master/2025/ATREDIS-2025-0003.md • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 5CVE-2025-6018 – Pam-config: lpe from unprivileged to allow_active in pam
https://notcve.org/view.php?id=CVE-2025-6018
18 Jun 2025 — A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over sy... • https://packetstorm.news/files/id/207433 • CWE-863: Incorrect Authorization •
CVSS: 3.3EPSS: 0%CPEs: 13EXPL: 0CVE-2025-6199 – Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder
https://notcve.org/view.php?id=CVE-2025-6199
17 Jun 2025 — A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image. It was discovered that GDK-Pixbuf incorrectly handled certain GIF files. An attacker could possibly use this... • https://access.redhat.com/security/cve/CVE-2025-6199 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49178 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
https://notcve.org/view.php?id=CVE-2025-49178
17 Jun 2025 — A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49178 • CWE-667: Improper Locking •
CVSS: 6.2EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49175 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
https://notcve.org/view.php?id=CVE-2025-49175
17 Jun 2025 — A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. • https://access.redhat.com/security/cve/CVE-2025-49175 • CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49176 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension
https://notcve.org/view.php?id=CVE-2025-49176
17 Jun 2025 — A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49176 • CWE-190: Integer Overflow or Wraparound •