CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2025-67268 – Ubuntu Security Notice USN-7948-1
https://notcve.org/view.php?id=CVE-2025-67268
02 Jan 2026 — gpsd before commit dc966aa contains a heap-based out-of-bounds write vulnerability in the drivers/driver_nmea2000.c file. The hnd_129540 function, which handles NMEA2000 PGN 129540 (GNSS Satellites in View) packets, fails to validate the user-supplied satellite count against the size of the skyview array (184 elements). This allows an attacker to write beyond the bounds of the array by providing a satellite count up to 255, leading to memory corruption, Denial of Service (DoS), and potentially arbitrary cod... • https://github.com/Jaenact/gspd_cve/blob/main/CVE-2025-67268/README.md • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-67269 – Ubuntu Security Notice USN-7948-1
https://notcve.org/view.php?id=CVE-2025-67269
02 Jan 2026 — An integer underflow vulnerability exists in the `nextstate()` function in `gpsd/packet.c` of gpsd versions prior to commit `ffa1d6f40bca0b035fc7f5e563160ebb67199da7`. When parsing a NAVCOM packet, the payload length is calculated using `lexer->length = (size_t)c - 4` without checking if the input byte `c` is less than 4. This results in an unsigned integer underflow, setting `lexer->length` to a very large value (near `SIZE_MAX`). The parser then enters a loop attempting to consume this massive number of b... • https://github.com/Jaenact/gspd_cve/blob/main/CVE-2025-67269/README.md • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-66864
https://notcve.org/view.php?id=CVE-2025-66864
29 Dec 2025 — An issue was discovered in function d_print_comp_inner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. • https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash5.md • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 0CVE-2025-66866
https://notcve.org/view.php?id=CVE-2025-66866
29 Dec 2025 — An issue was discovered in function d_abi_tags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file. • https://github.com/caozhzh/CRGF-Vul/blob/main/cxxfilt/crash6.md • CWE-20: Improper Input Validation •
CVSS: 6.3EPSS: 0%CPEs: 5EXPL: 0CVE-2025-68161 – Apache Log4j Core: Missing TLS hostname verification in Socket appender
https://notcve.org/view.php?id=CVE-2025-68161
18 Dec 2025 — The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even when the verifyHostName https://logging.apache.org/log4j/2.x/manual/appenders/network.html#SslConfiguration-attr-verifyHostName configuration attribute or the log4j2.sslVerifyHostName https://logging.apache.org/log4j/2.x/manual/systemproperties.html#log4j2.sslVerifyHostName system property is set to true. This issue may allow a man-in-the-middle attacker to inte... • https://github.com/apache/logging-log4j2/pull/4002 • CWE-297: Improper Validation of Certificate with Host Mismatch •
CVSS: 3.3EPSS: 0%CPEs: 8EXPL: 0CVE-2025-9615 – Networkmanager: networkmanager file access
https://notcve.org/view.php?id=CVE-2025-9615
17 Dec 2025 — A flaw was found in NetworkManager. The NetworkManager package allows access to files that may belong to other users. NetworkManager allows non-root users to configure the system's network. The daemon runs with root privileges and can access files owned by users different from the one who added the connection. These are all security issues fixed in the NetworkManager-applet-l2tp-1.52.0-1.1 package on the GA media of openSUSE Tumbleweed. • https://access.redhat.com/security/cve/CVE-2025-9615 • CWE-281: Improper Preservation of Permissions •
CVSS: 8.5EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14523 – Libsoup: libsoup: duplicate host header handling causes host-parsing discrepancy (first- vs last-value wins)
https://notcve.org/view.php?id=CVE-2025-14523
11 Dec 2025 — A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a request and returns the last occurrence for server-side processing. Common front proxies often honor the first Host: header, so this mismatch can cause vhost confusion where a proxy routes a request to one backend but the backend interprets it as destined for another host. This discrepancy enables request-smuggling style attacks, cache poisoning, or bypassing host-based access controls when an attacker supplies duplicate Host header... • https://access.redhat.com/security/cve/CVE-2025-14523 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14333 – Memory safety bugs fixed in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146
https://notcve.org/view.php?id=CVE-2025-14333
09 Dec 2025 — Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that wi... • https://bugzilla.mozilla.org/buglist.cgi?bug_id=1966501%2C1997639 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 10EXPL: 0CVE-2025-14331 – Same-origin policy bypass in the Request Handling component
https://notcve.org/view.php?id=CVE-2025-14331
09 Dec 2025 — Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, and Firefox ESR < 140.6. Same-origin policy bypass in the Request Handling component. This vulnerability affects Firefox < 146, Firefox ESR < 115.31, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin ... • https://bugzilla.mozilla.org/show_bug.cgi?id=2000218 • CWE-346: Origin Validation Error •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 0CVE-2025-14330 – JIT miscompilation in the JavaScript Engine: JIT component
https://notcve.org/view.php?id=CVE-2025-14330
09 Dec 2025 — JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146 and Firefox ESR < 140.6. JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6. Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, sandbox escape, same-origin policy bypass or privilege escalation. • https://bugzilla.mozilla.org/show_bug.cgi?id=1997503 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-686: Function Call With Incorrect Argument Type CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •