CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46400 – Xfig: fig2dev segmentation fault in read_arcobject
https://notcve.org/view.php?id=CVE-2025-46400
23 Apr 2025 — Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via read_arcobject function. In xfig diagramming tool, a segmentation fault while running fig2dev allows an attacker to availability via local input manipulation via read_arcobject function. These are all security issues fixed in the transfig-3.2.9a-3.1 package on the GA media of openSUSE Tumbleweed. • https://sourceforge.net/p/mcj/tickets/187 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46399 – Xfig: transfig: fig2dev segmentation fault vulnerability
https://notcve.org/view.php?id=CVE-2025-46399
23 Apr 2025 — Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via genge_itp_spline function. A flaw was found in fig2dev. This vulnerability allows availability via local input manipulation via genge_itp_spline function. Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. These are all security issues fixed in the transfig-3.2.9a-3.1 package on the GA media of openSUSE Tumbleweed. • https://sourceforge.net/p/mcj/tickets/190 • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46398 – Xfig: fig2dev stack-overflow via read_objects
https://notcve.org/view.php?id=CVE-2025-46398
23 Apr 2025 — Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via read_objects function. In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation via read_objects function. Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. These are all security issues fixed in the transfig-3.2.9a-3.1 package on the GA media of openSUSE Tumbleweed. • https://sourceforge.net/p/mcj/tickets/191 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2025-46397 – Xfig: fig2dev stack-overflow
https://notcve.org/view.php?id=CVE-2025-46397
23 Apr 2025 — Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function. In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function. Rejected reason: Red Hat Product Security has come to the conclusion that this CVE is not needed. These are all security issues fixed in the transfig-3.2.9a-3.1 package on the GA media of openSUSE Tumbleweed. • https://sourceforge.net/p/mcj/tickets/192 • CWE-121: Stack-based Buffer Overflow •
CVSS: 2.9EPSS: 0%CPEs: 2EXPL: 0CVE-2023-26819
https://notcve.org/view.php?id=CVE-2023-26819
19 Apr 2025 — cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}. cJSON 1.7.15 podría permitir una denegación de servicio a través de un documento JSON manipulado como {"a": true, "b": [ null,99999999999999999999999999999999999999999999912345678901234567]}. • https://github.com/boofish/json_bugs/tree/main/cjson • CWE-440: Expected Behavior Violation •
CVSS: 9.0EPSS: 0%CPEs: 29EXPL: 0CVE-2025-32911 – Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value
https://notcve.org/view.php?id=CVE-2025-32911
15 Apr 2025 — A flaw was found in libsoup, which is vulnerable to a use-after-free memory issue not on the heap in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. This update for libsoup fixes the following is... • https://access.redhat.com/security/cve/CVE-2025-32911 • CWE-590: Free of Memory not on the Heap •
CVSS: 6.6EPSS: 0%CPEs: 3EXPL: 0CVE-2025-3523 – thunderbird: User Interface (UI) Misrepresentation of attachment URL
https://notcve.org/view.php?id=CVE-2025-3523
15 Apr 2025 — When an email contains multiple attachments with external links via the X-Mozilla-External-Attachment-URL header, only the last link is shown when hovering over any attachment. Although the correct link is used on click, the misleading hover text could trick users into downloading content from untrusted sources. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. This update for MozillaThunderbird fixes the following issues. Mozilla Thunderbird 128.9.2 Leak of hashed Window credentia... • https://bugzilla.mozilla.org/show_bug.cgi?id=1958385 • CWE-451: User Interface (UI) Misrepresentation of Critical Information •
CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2025-2830 – thunderbird: Information Disclosure of /tmp directory listing
https://notcve.org/view.php?id=CVE-2025-2830
15 Apr 2025 — By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edited as a new message. This vulnerability could allow attackers to disclose sensitive information from the victim's system. This vulnerability is not limited to Linux; similar behavior has been observed on Windows as well. This vulnerability affects Thunderbird < 137.0.2 and Thunderbird < 128.9.2. An update for thunderbird... • https://bugzilla.mozilla.org/show_bug.cgi?id=1956379 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 24EXPL: 0CVE-2025-3522 – thunderbird: Leak of hashed Window credentials via crafted attachment URL
https://notcve.org/view.php?id=CVE-2025-3522
15 Apr 2025 — Thunderbird processes the X-Mozilla-External-Attachment-URL header to handle attachments which can be hosted externally. When an email is opened, Thunderbird accesses the specified URL to determine file size, and navigates to it when the user clicks the attachment. Because the URL is not validated or sanitized, it can reference internal resources like chrome:// or SMB share file:// links, potentially leading to hashed Windows credential leakage and opening the door to more serious security issues. This vuln... • https://bugzilla.mozilla.org/show_bug.cgi?id=1955372 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') CWE-1220: Insufficient Granularity of Access Control •
CVSS: 5.9EPSS: 0%CPEs: 13EXPL: 0CVE-2025-3576 – Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions
https://notcve.org/view.php?id=CVE-2025-3576
15 Apr 2025 — A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering. It was discovered that Kerberos allowed the usage of weak cryptographic standards. An attacker could possibly use this issue to expose sensitive information. • https://access.redhat.com/security/cve/CVE-2025-3576 • CWE-328: Use of Weak Hash •