
CVSS: 7.7 • EPSS: 0% • CPEs: 8 • EXPL: 0

26 Nov 2025 — A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. • https://access.redhat.com/security/cve/CVE-2025-13601 • CWE-190: Integer Overflow or Wraparound

CVSS: 8.6 • EPSS: 0% • CPEs: 4 • EXPL: 0

10 Nov 2025 — Pdfminer.six is a community maintained fork of the original PDFMiner, a tool for extracting information from PDF documents. Prior to version 20251107, pdfminer.six will execute arbitrary code from a malicious pickle file if provided with a malicious PDF file. The `CMapDB._load_data()` function in pdfminer.six uses `pickle.loads()` to deserialize pickle files. These pickle files are supposed to be part of the pdfminer.six distribution stored in the `cmap/` directory, but a malicious PDF can specify an altern... • https://github.com/pdfminer/pdfminer.six/commit/b808ee05dd7f0c8ea8ec34bdf394d40e63501086 • CWE-502: Deserialization of Untrusted Data

CVSS: 7.8 • EPSS: 0% • CPEs: 4 • EXPL: 0

31 Oct 2025 — When passing through PCI devices, the detach logic in libxl won't remove access permissions to any 64bit memory BARs the device might have. As a result a domain can still have access to any 64bit memory BAR when such device is no longer assigned to the domain. For PV domains the permission leak allows the domain itself to map the memory in the page-tables. For HVM it would require a compromised device model or stubdomain to map the leaked memory into the HVM domain p2m. • https://xenbits.xenproject.org/xsa/advisory-476.html • CWE-672: Operation on a Resource after Expiration or Release

CVSS: 7.8 • EPSS: 0% • CPEs: 39 • EXPL: 0

29 Oct 2025 — A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an attacker to execute arbitrary code or cause a denial of service. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability t... • https://access.redhat.com/security/cve/CVE-2025-62229 • CWE-416: Use After Free

CVSS: 7.8 • EPSS: 0% • CPEs: 39 • EXPL: 0

29 Oct 2025 — A flaw was discovered in the X.Org X server’s X Keyboard (Xkb) extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected clients disconnect. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target... • https://access.redhat.com/security/cve/CVE-2025-62230 • CWE-416: Use After Free

CVSS: 9.0 • EPSS: 0% • CPEs: 39 • EXPL: 0

29 Oct 2025 — A flaw was identified in the X.Org X server’s X Keyboard (Xkb) extension where improper bounds checking in the XkbSetCompatMap() function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a crash. This vulnerability allows local attackers to escalate privileges on affected installations of X.Org Server. An attacker must first obtain the ability to execute low-privileged code on the target system in ord... • https://access.redhat.com/security/cve/CVE-2025-62231 • CWE-190: Integer Overflow or Wraparound

CVSS: 8.0 • EPSS: 0% • CPEs: 16 • EXPL: 0

27 Oct 2025 — [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause out-of-bounds reads and writes while processing the inputs. * CVE-2025-58147. Hypercalls using the HV_VP_SET Sparse format can cause vpmask_set() to write out of bounds when converting the bitmap to Xen's format. * CVE... • https://xenbits.xenproject.org/xsa/advisory-475.html • CWE-125: Out-of-bounds Read

CVSS: 8.0 • EPSS: 0% • CPEs: 16 • EXPL: 0

27 Oct 2025 — [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Some Viridian hypercalls can specify a mask of vCPU IDs as an input, in one of three formats. Xen has boundary checking bugs with all three formats, which can cause out-of-bounds reads and writes while processing the inputs. * CVE-2025-58147. Hypercalls using the HV_VP_SET Sparse format can cause vpmask_set() to write out of bounds when converting the bitmap to Xen's format. * CVE... • https://xenbits.xenproject.org/xsa/advisory-475.html • CWE-125: Out-of-bounds Read • CWE-787: Out-of-bounds Write

CVSS: 5.4 • EPSS: 0% • CPEs: 3 • EXPL: 0

23 Oct 2025 — An issue in Moodle’s timed assignment feature allowed students to bypass the time restriction, potentially giving them more time than allowed to complete an assessment. • https://access.redhat.com/security/cve/CVE-2025-62401 • CWE-285: Improper Authorization

CVSS: 4.3 • EPSS: 0% • CPEs: 3 • EXPL: 0

23 Oct 2025 — A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data. • https://access.redhat.com/security/cve/CVE-2025-62395 • CWE-284: Improper Access Control