
CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

14 Aug 2025 — A vulnerability in the Python-Future 1.0.0 module allows for arbitrary code execution via the unintended import of a file named test.py. When the module is loaded, it automatically imports test.py, if present in the same directory or in the sys.path. This behavior can be exploited by an attacker who has the ability to write files to the server, allowing the execution of arbitrary code. • https://pypi.org/project/future • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

13 Aug 2025 — A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. • https://access.redhat.com/security/cve/CVE-2025-8941 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 8.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

13 Aug 2025 — Netty is an asynchronous, event-driven network application framework. Prior to versions 4.1.124.Final and 4.2.4.Final, Netty is vulnerable to MadeYouReset DDoS. This is a logical vulnerability in the HTTP/2 protocol that uses malformed HTTP/2 control frames in order to break the max concurrent streams limit, which results in resource exhaustion and distributed denial of service. This issue has been patched in versions 4.1.124.Final and 4.2.4.Final. A flaw was found in Netty where malformed client requests... • https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4 • CWE-770: Allocation of Resources Without Limits or Throttling

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

13 Aug 2025 — Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bcpkix, bcprov, bcpkix-fips on All (API modules) allows Excessive Allocation. This vulnerability is associated with program files https://github.Com/bcgit/bc-java/blob/main/pkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXCertPathReviewer.java , https://github.Com/bcgit/bc-java/... • https://github.com/bcgit/bc-java/wiki/CVE%E2%80%902025%E2%80%908916 • CWE-770: Allocation of Resources Without Limits or Throttling

CVSS: 7.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Aug 2025 — Improperly implemented security check for standard in the DDRIO configuration for some Intel(R) Xeon(R) 6 Processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html • CWE-358: Improperly Implemented Security Check for Standard

CVSS: 7.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Aug 2025 — Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R) 6 processors when using Intel(R) SGX or Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html • CWE-787: Out-of-bounds Write

CVSS: 7.2 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Aug 2025 — Insufficient control flow management in the Alias Checking Trusted Module (ACTM) firmware for some Intel(R) Xeon(R) processors may allow a privileged user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html • CWE-691: Insufficient Control Flow Management

CVSS: 7.9 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Aug 2025 — Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processors with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html • CWE-1260: Improper Handling of Overlap Between Protected Memory Ranges

CVSS: 7.4 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Aug 2025 — Sequence of processor instructions leads to unexpected behavior for some Intel(R) Xeon(R) 6 Scalable processors may allow an authenticated user to potentially enable escalation of privilege via local access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html • CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior

CVSS: 7.5 • EPSS: 0% • CPEs: 2 • EXPL: 0

12 Aug 2025 — Insufficient granularity of access control in the OOB-MSM for some Intel(R) Xeon(R) 6 Scalable processors may allow a privileged user to potentially enable escalation of privilege via adjacent access. • https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html • CWE-1220: Insufficient Granularity of Access Control