4716 results (0.003 seconds)

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

10 Jul 2025 — A flaw was found in libsoup. A NULL pointer dereference vulnerability occurs in libsoup's cookie parsing functionality. When processing a cookie without a domain parameter, the soup_cookie_jar_add_cookie() function will crash, resulting in a denial of service. • https://access.redhat.com/security/cve/CVE-2025-7370 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

10 Jul 2025 — A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior. • https://access.redhat.com/security/cve/CVE-2025-7424 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0

10 Jul 2025 — A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption. • https://access.redhat.com/security/cve/CVE-2025-7425 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0

09 Jul 2025 — A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in ... • https://access.redhat.com/security/cve/CVE-2025-32988 • CWE-415: Double Free •

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0

09 Jul 2025 — A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. • https://access.redhat.com/security/cve/CVE-2025-32989 • CWE-295: Improper Certificate Validation •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

09 Jul 2025 — A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. • https://access.redhat.com/security/cve/CVE-2025-32990 • CWE-122: Heap-based Buffer Overflow •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

09 Jul 2025 — A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). When it reads certain settings from a template file, it can allow an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial of service (DoS) that could crash the system. • https://access.redhat.com/security/cve/CVE-2025-6395 • CWE-476: NULL Pointer Dereference •

CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0

08 Jul 2025 — A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution. • https://access.redhat.com/security/cve/CVE-2025-7345 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •

CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0

05 Jul 2025 — A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes. Ro... • https://access.redhat.com/security/cve/CVE-2025-5987 • CWE-393: Return of Wrong Status Code •

CVSS: 4.2EPSS: 0%CPEs: 4EXPL: 0

04 Jul 2025 — A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.... • https://access.redhat.com/security/cve/CVE-2025-5351 • CWE-415: Double Free •