CVSS: 7.7EPSS: 0%CPEs: 31EXPL: 0CVE-2025-13601 – Glib: integer overflow in in g_escape_uri_string()
https://notcve.org/view.php?id=CVE-2025-13601
26 Nov 2025 — A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. It was discovered that GLib incorrectly handled escaping URI strings. An attacker could use this issue to cause GLib to c... • https://access.redhat.com/security/cve/CVE-2025-13601 • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 22EXPL: 0CVE-2025-10230 – Samba: command injection in wins server hook script
https://notcve.org/view.php?id=CVE-2025-10230
15 Oct 2025 — A flaw was found in Samba, in the front-end WINS hook handling: NetBIOS names from registration packets are passed to a shell without proper validation or escaping. Unsanitized NetBIOS name data from WINS registration packets are inserted into a shell command and executed by the Samba Active Directory Domain Controller’s wins hook, allowing an unauthenticated network attacker to achieve remote command execution as the Samba process. USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresp... • https://access.redhat.com/security/cve/CVE-2025-10230 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 4.3EPSS: 0%CPEs: 24EXPL: 0CVE-2025-9640 – Samba: vfs_streams_xattr uninitialized memory write possible
https://notcve.org/view.php?id=CVE-2025-9640
15 Oct 2025 — A flaw was found in Samba, in the vfs_streams_xattr module, where uninitialized heap memory could be written into alternate data streams. This allows an authenticated user to read residual memory content that may include sensitive data, resulting in an information disclosure vulnerability. USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Andrew Walker discovered that Samba incorrectly initi... • https://access.redhat.com/security/cve/CVE-2025-9640 • CWE-908: Use of Uninitialized Resource •
CVSS: 9.0EPSS: 0%CPEs: 37EXPL: 0CVE-2025-11561 – Sssd: sssd default kerberos configuration allows privilege escalation on ad-joined linux systems
https://notcve.org/view.php?id=CVE-2025-11561
09 Oct 2025 — A flaw was found in the integration of Active Directory and the System Security Services Daemon (SSSD) on Linux systems. In default configurations, SSSD does not enable the Kerberos local authentication plugin (sssd_krb5_localauth_plugin), allowing an attacker with permission to modify certain AD attributes (such as userPrincipalName or samAccountName) to impersonate privileged users. This can result in unauthorized access or privilege escalation on domain-joined Linux hosts. A flaw was found in the integra... • https://access.redhat.com/security/cve/CVE-2025-11561 • CWE-269: Improper Privilege Management •
CVSS: 5.4EPSS: 0%CPEs: 29EXPL: 0CVE-2025-11065 – Github.com/go-viper/mapstructure/v2: go-viper's mapstructure may leak sensitive information in logs in github.com/go-viper/mapstructure
https://notcve.org/view.php?id=CVE-2025-11065
09 Oct 2025 — A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in security-critical contexts. These are all security issues fixed in the grafana-11.6.6-1.1 package on the GA media of openSUSE Tumbleweed. • https://access.redhat.com/security/cve/CVE-2025-11065 • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2025-6242 – Vllm: server side request forgery (ssrf) in mediaconnector
https://notcve.org/view.php?id=CVE-2025-6242
07 Oct 2025 — A Server-Side Request Forgery (SSRF) vulnerability exists in the MediaConnector class within the vLLM project's multimodal feature set. The load_from_url and load_from_url_async methods fetch and process media from user-provided URLs without adequate restrictions on the target hosts. This allows an attacker to coerce the vLLM server into making arbitrary requests to internal network resources. • https://access.redhat.com/security/cve/CVE-2025-6242 • CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 7.8EPSS: 1%CPEs: 42EXPL: 0CVE-2025-41244 – Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability
https://notcve.org/view.php?id=CVE-2025-41244
29 Sep 2025 — VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM. A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine (VM) could exploit this vulnerability to gain root privileges ... • http://support.broadcom.com/group/ecx/support-content-view/-/support-content/Security%20Advisories/VMSA-2025-0015--VMware-Aria-Operations-and-VMware-Tools-updates-address-multiple-vulnerabilities--CVE-2025-41244-CVE-2025-41245--CVE-2025-41246-/36149 • CWE-267: Privilege Defined With Unsafe Actions CWE-280: Improper Handling of Insufficient Permissions or Privileges •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2025-11021 – Libsoup: out-of-bounds read in cookie date handling of libsoup http library
https://notcve.org/view.php?id=CVE-2025-11021
26 Sep 2025 — A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. This update for libsoup fixes the following issues. Ignored invalid date when processing cookies to pre... • https://access.redhat.com/security/cve/CVE-2025-11021 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 0CVE-2025-9900 – Libtiff: libtiff write-what-where
https://notcve.org/view.php?id=CVE-2025-9900
23 Sep 2025 — A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user. Xudong... • https://access.redhat.com/security/cve/CVE-2025-9900 • CWE-123: Write-what-where Condition •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2025-8941 – Linux-pam: incomplete fix for cve-2025-6020
https://notcve.org/view.php?id=CVE-2025-8941
13 Aug 2025 — A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020. Se encontró una falla en linux-pam. El módulo pam_namespace podría gestionar incorrectamente las rutas controladas por el usuario, lo que permite a los usuarios locales explotar ataques de enlaces simbólicos y condiciones de ejecución para elevar sus p... • https://access.redhat.com/errata/RHSA-2025:14557 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •