CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-8058 – glibc: Double free in glibc
https://notcve.org/view.php?id=CVE-2025-8058
23 Jul 2025 — The regcomp function in the GNU C library version from 2.4 to 2.41 is subject to a double free if some previous allocation fails. It can be accomplished either by a malloc failure or by using an interposed malloc that injects random malloc failures. The double free can allow buffer manipulation depending of how the regex is constructed. This issue affects all architectures and ABIs supported by the GNU C library. A double-free vulnerability has been discovered in glibc (GNU C Library). • https://sourceware.org/bugzilla/show_bug.cgi?id=33185 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-7546 – GNU Binutils elf.c bfd_elf_set_group_contents out-of-bounds write
https://notcve.org/view.php?id=CVE-2025-7546
13 Jul 2025 — A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. • https://sourceware.org/bugzilla/attachment.cgi?id=16118 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-7545 – GNU Binutils objcopy.c copy_section heap-based overflow
https://notcve.org/view.php?id=CVE-2025-7545
13 Jul 2025 — A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. • https://sourceware.org/bugzilla/attachment.cgi?id=16117 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 4.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-45582 – Red Hat Security Advisory 2026-0135-03
https://notcve.org/view.php?id=CVE-2025-45582
11 Jul 2025 — GNU Tar through 1.35 allows file overwrite via directory traversal in crafted TAR archives, with a certain two-step process. First, the victim must extract an archive that contains a ../ symlink to a critical directory. Second, the victim must extract an archive that contains a critical file, specified via a relative pathname that begins with the symlink name and ends with that critical file's name. Here, the extraction follows the symlink and overwrites the critical file. This bypasses the protection mecha... • https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md • CWE-24: Path Traversal: '../filedir' •
CVSS: 6.1EPSS: 0%CPEs: 35EXPL: 0CVE-2025-32989 – Gnutls: vulnerability in gnutls sct extension parsing
https://notcve.org/view.php?id=CVE-2025-32989
09 Jul 2025 — A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.... • https://access.redhat.com/errata/RHSA-2025:16115 • CWE-295: Improper Certificate Validation •
CVSS: 8.5EPSS: 0%CPEs: 36EXPL: 0CVE-2025-32988 – Gnutls: vulnerability in gnutls othername san export
https://notcve.org/view.php?id=CVE-2025-32988
09 Jul 2025 — A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in ... • https://access.redhat.com/errata/RHSA-2025:16115 • CWE-415: Double Free •
CVSS: 8.5EPSS: 0%CPEs: 34EXPL: 0CVE-2025-32990 – Gnutls: vulnerability in gnutls certtool template parsing
https://notcve.org/view.php?id=CVE-2025-32990
09 Jul 2025 — A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name entries containing an otherName. A remote attacker could use this... • https://access.redhat.com/security/cve/CVE-2025-32990 • CWE-122: Heap-based Buffer Overflow •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-6141 – GNU ncurses parse_entry.c postprocess_termcap stack-based overflow
https://notcve.org/view.php?id=CVE-2025-6141
16 Jun 2025 — A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. • https://invisible-island.net/ncurses/NEWS.html#index-t20250329 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5899 – GNU PSPP pspp-convert.c parse_variables_option free of memory not on the heap
https://notcve.org/view.php?id=CVE-2025-5899
09 Jun 2025 — A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1YPJLiBzOwVTcc2FzdawYxBJWGujwqy7o/view?usp=sharing • CWE-590: Free of Memory not on the Heap •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5898 – GNU PSPP pspp-convert.c parse_variables_option out-of-bounds write
https://notcve.org/view.php?id=CVE-2025-5898
09 Jun 2025 — A vulnerability classified as critical has been found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected is the function parse_variables_option of the file utilities/pspp-convert.c. The manipulation leads to out-of-bounds write. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. • https://drive.google.com/file/d/1ZigqDFZQn5YUWFLu1V2juDGWQgbJFAtX/view?usp=sharing • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •