CVSS: 3.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5916 – Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c
https://notcve.org/view.php?id=CVE-2025-5916
09 Jun 2025 — A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. Se ha identificado una vulnerabilidad en ... • https://access.redhat.com/security/cve/CVE-2025-5916 • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5915 – Libarchive: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c
https://notcve.org/view.php?id=CVE-2025-5915
09 Jun 2025 — A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions. Se ha identificado una vulnerabilidad en la librería libarchive. Est... • https://access.redhat.com/security/cve/CVE-2025-5915 • CWE-122: Heap-based Buffer Overflow •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25209 – Rhcl: sharedsecretref can be used to leak secrets severity
https://notcve.org/view.php?id=CVE-2025-25209
09 Jun 2025 — The AuthPolicy metadata on Red Hat Connectivity Link contains an object which stores secretes, however it assumes those secretes are already in the kuadrant-system instead of copying it to the referred namespace. This creates space for a malicious actor with a developer persona access to leak those secrets over HTTP connection, as long the attacker knows the name of the targeted secrets and those secrets are limited to one line only. Los metadatos de AuthPolicy en Red Hat Connectivity Link contienen un obje... • https://access.redhat.com/security/cve/CVE-2025-25209 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25208 – Rhcl: authorino denial of service through authpolicy with sharedsecretref severity
https://notcve.org/view.php?id=CVE-2025-25208
09 Jun 2025 — A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster Un personaje de desarrollador puede hacer caer el servicio Authorino, impidiendo la evaluación de todas las AuthPolicies en el clúster. These are all security issues fixed in the govulncheck-vulndb-0.0.20250612T141001-1.1 package on the GA media of openSUSE Tumbleweed. • https://access.redhat.com/security/cve/CVE-2025-25208 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.7EPSS: 0%CPEs: 1EXPL: 0CVE-2025-25207 – Rhcl: authpolicy callbacks result in denial of service in authorino severity
https://notcve.org/view.php?id=CVE-2025-25207
09 Jun 2025 — The Authorino service in the Red Hat Connectivity Link is the authorization service for zero trust API security. Authorino allows the users with developer persona to add callbacks to be executed to HTTP endpoints once the authorization process is completed. It was found that an attacker with developer persona access can add a large number of those callbacks to be executed by Authorino and as the authentication policy is enforced by a single instance of the service, this leada to a Denial of Service in Autho... • https://access.redhat.com/security/cve/CVE-2025-25207 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-5791 – Users: `root` appended to group listings
https://notcve.org/view.php?id=CVE-2025-5791
06 Jun 2025 — A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list. These are all security issues fixed in the mirrorsorcerer-0.1.3~1-1.1 package on the GA media of openSUSE Tumbleweed. • https://access.redhat.com/security/cve/CVE-2025-5791 • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-0620 – Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session
https://notcve.org/view.php?id=CVE-2025-0620
06 Jun 2025 — A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again. It was discovered that Samba incorrectly handled certain group membership changes when using Kerberos authentication. A remote user could possibly use this issue to continue to access resources after being removed by an administrator. • https://access.redhat.com/security/cve/CVE-2025-0620 • CWE-552: Files or Directories Accessible to External Parties •
CVSS: 4.7EPSS: 0%CPEs: 7EXPL: 0CVE-2025-4598 – Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump
https://notcve.org/view.php?id=CVE-2025-4598
29 May 2025 — A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access... • https://access.redhat.com/security/cve/CVE-2025-4598 • CWE-364: Signal Handler Race Condition •
CVSS: 4.4EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5278 – Coreutils: heap buffer under-read in gnu coreutils sort via key specification
https://notcve.org/view.php?id=CVE-2025-5278
27 May 2025 — A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. • https://access.redhat.com/security/cve/CVE-2025-5278 • CWE-121: Stack-based Buffer Overflow •
CVSS: 7.0EPSS: 0%CPEs: 3EXPL: 1CVE-2025-5222 – Icu: stack buffer overflow in the srbroot::addtag function
https://notcve.org/view.php?id=CVE-2025-5222
27 May 2025 — A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. A buffer overflow was discovered in the International Components for Unicode (ICU) library. For the stable distribution (bookworm), this problem has been fixed in version 72.1-3+deb12u1. • https://github.com/berkley4/icu-74-debian • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •