CVSS: 9.8EPSS: 0%CPEs: -EXPL: 0CVE-2025-25373
https://notcve.org/view.php?id=CVE-2025-25373
25 Mar 2025 — The Memory Management Module of NASA cFS (Core Flight System) Aquila has insecure permissions, which can be exploited to gain an RCE on the platform. • https://visionspace.com/nasa-cfs-version-aquila-software-vulnerability-assessment • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27830 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27830
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708241 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27831 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27831
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708132 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27832 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27832
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708133 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-27833 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27833
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708259 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27834 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27834
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708253 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27835 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27835
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708131 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-27836 – Debian Security Advisory 5888-1
https://notcve.org/view.php?id=CVE-2025-27836
25 Mar 2025 — An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. ... An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. • https://bugs.ghostscript.com/show_bug.cgi?id=708192 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-30091
https://notcve.org/view.php?id=CVE-2025-30091
25 Mar 2025 — In Tiny MoxieManager PHP before 4.0.0, remote code execution can occur in the installer command. This vulnerability allows unauthenticated attackers to inject and execute arbitrary code. • https://www.moxiemanager.com/changelog • CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •
CVSS: 10.0EPSS: 82%CPEs: 2EXPL: 15CVE-2025-1974 – ingress-nginx admission controller RCE escalation
https://notcve.org/view.php?id=CVE-2025-1974
24 Mar 2025 — A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) • https://github.com/dttuss/IngressNightmare-RCE-POC • CWE-653: Improper Isolation or Compartmentalization •