CVSS: 3.7EPSS: 0%CPEs: 2EXPL: 0CVE-2025-6052 – Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring
https://notcve.org/view.php?id=CVE-2025-6052
13 Jun 2025 — A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption. • https://access.redhat.com/security/cve/CVE-2025-6052 • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 0CVE-2025-6035 – Gimp: gimp integer overflow
https://notcve.org/view.php?id=CVE-2025-6035
13 Jun 2025 — A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios. • https://access.redhat.com/security/cve/CVE-2025-6035 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-6021 – Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2
https://notcve.org/view.php?id=CVE-2025-6021
12 Jun 2025 — A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input. • https://access.redhat.com/security/cve/CVE-2025-6021 • CWE-121: Stack-based Buffer Overflow •
CVSS: 3.9EPSS: 0%CPEs: 4EXPL: 0CVE-2025-5914 – Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c
https://notcve.org/view.php?id=CVE-2025-5914
09 Jun 2025 — A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition. Se ha identificado una vulnerabilidad en la librería libarchive, específicamente en la función archive_read_format_rar_seek_data... • https://access.redhat.com/security/cve/CVE-2025-5914 • CWE-415: Double Free •
CVSS: 3.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5918 – Libarchive: reading past eof may be triggered for piped file streams
https://notcve.org/view.php?id=CVE-2025-5918
09 Jun 2025 — A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. Se ha identificado una vulnerabilidad en la librería libarchive. Esta falla puede activarse cuando se canalizan flujos de archivos a bsdtar, lo que podría permitir la... • https://access.redhat.com/security/cve/CVE-2025-5918 • CWE-125: Out-of-bounds Read •
CVSS: 2.8EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5917 – Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c
https://notcve.org/view.php?id=CVE-2025-5917
09 Jun 2025 — A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation. Se ha identificado una vulnerabilidad en la librería libarchive. • https://access.redhat.com/security/cve/CVE-2025-5917 • CWE-787: Out-of-bounds Write •
CVSS: 3.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5916 – Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c
https://notcve.org/view.php?id=CVE-2025-5916
09 Jun 2025 — A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive. Se ha identificado una vulnerabilidad en ... • https://access.redhat.com/security/cve/CVE-2025-5916 • CWE-190: Integer Overflow or Wraparound •
CVSS: 3.9EPSS: 0%CPEs: 3EXPL: 0CVE-2025-5915 – Libarchive: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c
https://notcve.org/view.php?id=CVE-2025-5915
09 Jun 2025 — A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions. Se ha identificado una vulnerabilidad en la librería libarchive. Est... • https://access.redhat.com/security/cve/CVE-2025-5915 • CWE-122: Heap-based Buffer Overflow •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 0CVE-2025-5791 – Users: `root` appended to group listings
https://notcve.org/view.php?id=CVE-2025-5791
06 Jun 2025 — A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list. • https://access.redhat.com/security/cve/CVE-2025-5791 • CWE-266: Incorrect Privilege Assignment •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2025-0620 – Samba: smbd doesn't pick up group membership changes when re-authenticating an expired smb session
https://notcve.org/view.php?id=CVE-2025-0620
06 Jun 2025 — A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again. It was discovered that Samba incorrectly handled certain group membership changes when using Kerberos authentication. A remote user could possibly use this issue to continue to access resources after being removed by an administrator. • https://access.redhat.com/security/cve/CVE-2025-0620 • CWE-552: Files or Directories Accessible to External Parties •