CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31181 – Gnuplot: gnuplot segmentation fault on x11_graphics
https://notcve.org/view.php?id=CVE-2025-31181
27 Mar 2025 — A flaw was found in gnuplot. The X11_graphics() function may lead to a segmentation fault and cause a system crash. • https://access.redhat.com/security/cve/CVE-2025-31181 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31180 – Gnuplot: gnuplot segmentation fault on canvas_text
https://notcve.org/view.php?id=CVE-2025-31180
27 Mar 2025 — A flaw was found in gnuplot. The CANVAS_text() function may lead to a segmentation fault and cause a system crash. • https://access.redhat.com/security/cve/CVE-2025-31180 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31179 – Gnuplot: gnuplot segmentation fault on xstrftime
https://notcve.org/view.php?id=CVE-2025-31179
27 Mar 2025 — A flaw was found in gnuplot. The xstrftime() function may lead to a segmentation fault, causing a system crash. • https://access.redhat.com/security/cve/CVE-2025-31179 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31178 – Gnuplot: gnuplot segmentation fault on getannotatestring
https://notcve.org/view.php?id=CVE-2025-31178
27 Mar 2025 — A flaw was found in gnuplot. The GetAnnotateString() function may lead to a segmentation fault and cause a system crash. • https://access.redhat.com/security/cve/CVE-2025-31178 • CWE-476: NULL Pointer Dereference •
CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0CVE-2025-31176 – Gnuplot: gnuplot segmentation fault on plot3d_points
https://notcve.org/view.php?id=CVE-2025-31176
27 Mar 2025 — A flaw was found in gnuplot. The plot3d_points() function may lead to a segmentation fault and cause a system crash. • https://access.redhat.com/security/cve/CVE-2025-31176 • CWE-476: NULL Pointer Dereference •
CVSS: 5.0EPSS: 0%CPEs: 7EXPL: 0CVE-2025-2487 – 389-ds-base: null pointer dereference leads to denial of service
https://notcve.org/view.php?id=CVE-2025-2487
18 Mar 2025 — A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash. An update for the redhat-ds:12 module is now available for Red Hat Directory Server 12.4 EUS for RHEL 9. Issues addressed include denial of service and null p... • https://access.redhat.com/security/cve/CVE-2025-2487 • CWE-476: NULL Pointer Dereference •
CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0CVE-2025-1057 – Keylime: keylime registrar dos due to incompatible database entry handling
https://notcve.org/view.php?id=CVE-2025-1057
15 Mar 2025 — A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail. • https://access.redhat.com/security/cve/CVE-2025-1057 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8176 – Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
https://notcve.org/view.php?id=CVE-2024-8176
14 Mar 2025 — A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. It was discovered that Expat could crash due to stack overflow when p... • https://access.redhat.com/security/cve/CVE-2024-8176 • CWE-674: Uncontrolled Recursion •
CVSS: 6.4EPSS: 0%CPEs: 16EXPL: 0CVE-2025-0686 – Grub2: romfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat
https://notcve.org/view.php?id=CVE-2025-0686
03 Mar 2025 — A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds... • https://access.redhat.com/security/cve/CVE-2025-0686 • CWE-787: Out-of-bounds Write •
CVSS: 6.4EPSS: 0%CPEs: 16EXPL: 0CVE-2025-0685 – Grub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data
https://notcve.org/view.php?id=CVE-2025-0685
03 Mar 2025 — A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffe... • https://access.redhat.com/security/cve/CVE-2025-0685 • CWE-787: Out-of-bounds Write •