CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2025-6425 – firefox: thunderbird: The WebCompat WebExtension shipped with Firefox exposed a persistent UUID
https://notcve.org/view.php?id=CVE-2025-6425
24 Jun 2025 — An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but not profiles. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, and Firefox ESR < 128.12. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers and normal/private browsing mode, but ... • https://bugzilla.mozilla.org/show_bug.cgi?id=1717672 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2025-6424 – firefox: thunderbird: Use-after-free in FontFaceSet
https://notcve.org/view.php?id=CVE-2025-6424
24 Jun 2025 — A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, and Firefox ESR < 128.12. A use-after-free in FontFaceSet resulted in a potentially exploitable crash. This vulnerability affects Firefox < 140, Firefox ESR < 115.25, Firefox ESR < 128.12, Thunderbird < 140, and Thunderbird < 128.12. A flaw was found in Firefox and Thunderbird. • https://bugzilla.mozilla.org/show_bug.cgi?id=1966423 • CWE-416: Use After Free •
CVSS: 6.2EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49175 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors
https://notcve.org/view.php?id=CVE-2025-49175
17 Jun 2025 — A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash. USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. • https://access.redhat.com/security/cve/CVE-2025-49175 • CWE-125: Out-of-bounds Read •
CVSS: 7.3EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49176 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension
https://notcve.org/view.php?id=CVE-2025-49176
17 Jun 2025 — A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49176 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49180 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension
https://notcve.org/view.php?id=CVE-2025-49180
17 Jun 2025 — A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate. USN-7573-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Nils Emmerich discovered that the X.Org X Server incorrectly handled certain memory operations. • https://access.redhat.com/security/cve/CVE-2025-49180 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 5CVE-2025-6019 – Libblockdev: lpe from allow_active to root in libblockdev via udisks
https://notcve.org/view.php?id=CVE-2025-6019
17 Jun 2025 — A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a l... • https://packetstorm.news/files/id/207433 • CWE-250: Execution with Unnecessary Privileges •
CVSS: 5.5EPSS: 0%CPEs: 35EXPL: 0CVE-2025-49178 – Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore
https://notcve.org/view.php?id=CVE-2025-49178
17 Jun 2025 — A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service. This update for xorg-x11-server fixes the following issues. Out-of-bounds access in X Rendering extension (Animated cursors). Integer overflow in Big Requests Extension. • https://access.redhat.com/security/cve/CVE-2025-49178 • CWE-667: Improper Locking •
CVSS: 9.4EPSS: 0%CPEs: 39EXPL: 0CVE-2025-49794 – Libxml: heap use after free (uaf) leads to denial of service (dos)
https://notcve.org/view.php?id=CVE-2025-49794
16 Jun 2025 — A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the
CVSS: 2.5EPSS: 0%CPEs: 24EXPL: 0CVE-2025-6170 – Libxml2: stack buffer overflow in xmllint interactive shell command handling
https://notcve.org/view.php?id=CVE-2025-6170
16 Jun 2025 — A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections. Ahmed Lekssays discovered that libxml2 did not properly perform certain mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause ... • https://access.redhat.com/security/cve/CVE-2025-6170 • CWE-121: Stack-based Buffer Overflow •
CVSS: 9.4EPSS: 0%CPEs: 39EXPL: 0CVE-2025-49796 – Libxml: type confusion leads to denial of service (dos)
https://notcve.org/view.php?id=CVE-2025-49796
16 Jun 2025 — A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory. Ahmed Lekssays discovered that libxml2 did not properly perform certain mathematical operations, leading to an integer overflow. An attacker could possibly use... • https://access.redhat.com/security/cve/CVE-2025-49796 • CWE-125: Out-of-bounds Read •