CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49180 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
https://notcve.org/view.php?id=CVE-2025-49180
17 Jun 2025 — A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. • https://access.redhat.com/security/cve/CVE-2025-49180 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.9EPSS: 0%CPEs: 8EXPL: 0CVE-2024-33861
https://notcve.org/view.php?id=CVE-2024-33861
12 Jun 2025 — Please review the referenced CVE identifiers for details. •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-23395 – Local root exploit via `logfile_reopen()` in screen 5.0.0 with setuid-root bit set
https://notcve.org/view.php?id=CVE-2025-23395
26 May 2025 — Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with `root` ownership, the invoking user's (real) group ownership and file mode 0644. All data written to the Screen PTY will be logged into this file, allowing to escalate to root privileges • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23395 • CWE-271: Privilege Dropping / Lowering Errors •
CVSS: 6.0EPSS: 0%CPEs: 3EXPL: 0CVE-2025-46802 – Temporary chown() of users' TTY to mode 0666 allows PTY hijacking in screen
https://notcve.org/view.php?id=CVE-2025-46802
26 May 2025 — For a short time they PTY is set to mode 666, allowing any user on the system to connect to the screen session. These are all security issues fixed in the screen-4.9.1-5.1 package on the GA media of openSUSE Tumbleweed. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46802 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46803 – Screen creates by default world-writable PTYs
https://notcve.org/view.php?id=CVE-2025-46803
26 May 2025 — The default mode of pseudo terminals (PTYs) allocated by Screen was changed from 0620 to 0622, thereby allowing anyone to write to any Screen PTYs in the system. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46803 • CWE-276: Incorrect Default Permissions •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2025-46804 – Screen 5.0.0 and older versions allow file existence tests when installed setuid-root
https://notcve.org/view.php?id=CVE-2025-46804
26 May 2025 — A minor information leak when running Screen with setuid-root privileges allosw unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0. A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46804 • CWE-203: Observable Discrepancy •
CVSS: 5.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-46805 – Screen has a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root
https://notcve.org/view.php?id=CVE-2025-46805
26 May 2025 — Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root. • https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-46805 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 1CVE-2025-4919 – Mozilla Firefox SpiderMonkey Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2025-4919
17 May 2025 — An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox ESR < 115.23.1. An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. A flaw was found in Firefox and Thunderbird. • https://github.com/HExploited/CVE-2025-4919-Exploit • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 12EXPL: 0CVE-2025-4918 – firefox: thunderbird: Out-of-bounds access when resolving Promise objects
https://notcve.org/view.php?id=CVE-2025-4918
17 May 2025 — An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox ESR < 115.23.1. An attacker was able to perform an out-of-bounds read or write on a JavaScript `Promise` object. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. A flaw was found in Firefox and Thunderbird. • https://bugzilla.mozilla.org/show_bug.cgi?id=1966612 • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 5.9EPSS: 0%CPEs: 2EXPL: 0CVE-2025-4207 – PostgreSQL GB18030 encoding validation can read one byte past end of allocation for text that fails validation
https://notcve.org/view.php?id=CVE-2025-4207
08 May 2025 — Buffer over-read in PostgreSQL GB18030 encoding validation allows a database input provider to achieve temporary denial of service on platforms where a 1-byte over-read can elicit process termination. This affects the database server and also libpq. Versions before PostgreSQL 17.5, 16.9, 15.13, 14.18, and 13.21 are affected. USN-7520-1 fixed a vulnerability in PostgreSQL. This update provides the corresponding updates for Ubuntu 25.04. • https://www.postgresql.org/support/security/CVE-2025-4207 • CWE-126: Buffer Over-read •