Report Name: Linux Patch Wednesday August 2025
Generated: 2025-09-01 19:34:18

Product Name	Prevalence	U	C	H	M	L	A	Comment
Apache HTTP Server	0.9			1	1		2	Apache HTTP Server is a free and open-source web server that delivers web content through the internet
HTTP/2	0.9			1	1		2	HTTP/2 is a major revision of the HTTP network protocol used by the World Wide Web
Intel(R) Processor	0.9			2			2	Intel's processors from the pioneering 4-bit 4004 (1971) to the present high-end offerings
Linux Kernel	0.9				180	275	455	The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel
WordPress	0.9		1		1		2	WordPress is a widely-used open source content management system (CMS) for building websites and blogs. It provides a plugin and theme architecture and is written in PHP, typically paired with MySQL/MariaDB for storage.
nghttp2	0.9			2			2	nghttp2 is an implementation of HTTP/2 and its header compression algorithm HPACK in C
Binutils	0.8			2			2	The GNU Binary Utilities, or binutils, are a set of programming tools for creating and managing binary programs, object files, libraries, profile data, and assembly source code
Chromium	0.8		1	3	17		21	Chromium is a free and open-source web browser project, mainly developed and maintained by Google
GLPI	0.8			3	8		11	GLPI is an open source IT Asset Management, issue tracking system and service desk system
Mozilla Firefox	0.8			6	7		13	Mozilla Firefox, or simply Firefox, is a free and open-source web browser developed by the Mozilla Foundation and its subsidiary, the Mozilla Corporation
Netty	0.8				1		1	Netty is a non-blocking I/O client-server framework for the development of Java network applications such as protocol servers and clients
Node.js	0.8				2		2	Node.js is a cross-platform, open-source server environment that can run on Windows, Linux, Unix, macOS, and more
OpenSSL	0.8			2	2		4	A software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end
PHP	0.8				1		1	PHP is a general-purpose scripting language geared towards web development. It was originally created by Danish-Canadian programmer Rasmus Lerdorf in 1993 and released in 1995.
Safari	0.8			1	8		9	Safari is a web browser developed by Apple. It is built into Apple's operating systems, including macOS, iOS, iPadOS and their upcoming VisionOS, and uses Apple's open-source browser engine WebKit, which was derived from KHTML.
Secure Boot	0.8			1			1	Secure boot is a security standard developed by members of the PC industry to help make sure that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM)
Apache Tomcat	0.7				2	1	3	Apache Tomcat is a free and open-source implementation of the Jakarta Servlet, Jakarta Expression Language, and WebSocket technologies
FFmpeg	0.7			3	2		5	FFmpeg is a free and open-source software project consisting of a suite of libraries and programs for handling video, audio, and other multimedia files and streams
Kubernetes	0.7		1	1			2	Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management
Oracle MySQL	0.7			1	24		25	MySQL is an open-source relational database management system
Oracle VM VirtualBox	0.7			5	2		7	Oracle VM VirtualBox is a hosted hypervisor for x86 virtualization developed by Oracle Corporation
QEMU	0.7					2	2	QEMU is a generic and open source machine & userspace emulator and virtualizer
SQLite	0.7			1	2		3	SQLite is a database engine written in the C programming language
vim	0.7			2			2	Vim is a free and open-source, screen-based text editor program
Bouncy Castle	0.6				2		2	Bouncy Castle is a collection of APIs used in cryptography
ImageMagick	0.6			3	1		4	ImageMagick, invoked from the command line as magick, is a free and open-source cross-platform software suite for displaying, creating, converting, modifying, and editing raster images
Jetty	0.6				1		1	Jetty is a Java based web server and servlet engine
MongoDB	0.6				3	1	4	MongoDB is a source-available, cross-platform, document-oriented database program
Nextcloud	0.6				1		1	Nextcloud server is a self hosted personal cloud system
Oracle Java SE	0.6				1		1	Oracle Java SE
Perl	0.6			1	3		4	Perl is a family of two high-level, general-purpose, interpreted, dynamic programming languages
PostgreSQL	0.6		1	1		1	3	PostgreSQL also known as Postgres, is a free and open-source relational database management system emphasizing extensibility and SQL compliance.
Python	0.6				3	1	4	Python is a high-level, general-purpose programming language
Redis	0.6				1		1	Redis is an open-source in-memory storage, used as a distributed, in-memory key–value database, cache and message broker, with optional durability
axios	0.6			1			1	axios is a promise based HTTP client for the browser and node.js
libxml2	0.6					1	1	libxml2 is an XML toolkit implemented in C, originally developed for the GNOME Project
tiffcrop	0.6				2		2	Tiffcrop processes one or more files created according to the Tag Image File Format, Revision 6.0, specification into one or more TIFF file(s)
7-Zip	0.5			3			3	7-Zip is a free and open-source file archiver, a utility used to place groups of files within compressed containers known as "archives"
ATHLON SILVER 3050U	0.5				1		1	Product detected by h:amd:athlon_silver_3050u (exists in CPE dict)
Advanced Intrusion Detection Environment	0.5			2			2	Product detected by a:advanced_intrusion_detection_environment_project:advanced_intrusion_detection_environment (exists in CPE dict)
Amarok	0.5			1			1	Product detected by a:kde:amarok (exists in CPE dict)
Arrow	0.5			1			1	Product detected by a:apache:arrow (exists in CPE dict)
Curl	0.5			2			2	Product detected by a:haxx:curl (exists in CPE dict)
DNSSEC	0.5			1			1	The Domain Name System Security Extensions (DNSSEC) is a feature of the Domain Name System (DNS) that authenticates responses to domain name lookups
EPYC 7203	0.5			3			3	Product detected by h:amd:epyc_7203 (exists in CPE dict)
EPYC 8024PN	0.5				2		2	Product detected by h:amd:epyc_8024pn (exists in CPE dict)
GLib	0.5				1		1	Product detected by a:gnome:glib (exists in CPE dict)
Gitaly	0.5					1	1	Product detected by a:gitlab:gitaly (exists in CPE dict)
GoldenDict	0.5				1		1	Cross-platform dictionary lookup program supporting multiple formats
Gstreamer	0.5			5	1		6	Product detected by a:gstreamer_project:gstreamer (exists in CPE dict)
H300S	0.5				1		1	Product detected by h:netapp:h300s (exists in CPE dict)
HTCondor	0.5					1	1	Product detected by a:wisc:htcondor (exists in CPE dict)
HttpClient	0.5				1		1	Product detected by a:apache:httpclient (exists in CPE dict)
JWT	0.5				1		1	Product detected by a:jwt_project:jwt (exists in CPE dict)
Jena	0.5				2		2	Product detected by a:apache:jena (exists in CPE dict)
Jose4j	0.5		1				1	The jose.4.j library is a robust and easy to use open source implementation of JSON Web Token (JWT) and the JOSE specification suite (JWS, JWE, and JWK)
Jupyterlab	0.5				1		1	Product detected by a:jupyter:jupyterlab (exists in CPE dict)
Kafka	0.5		1	2			3	Product detected by a:apache:kafka (exists in CPE dict)
LibHTP	0.5				1		1	Product detected by a:oisf:libhtp (exists in CPE dict)
Mac OS X Server	0.5			1	1		2	Product detected by o:apple:mac_os_x_server (exists in CPE dict)
Mbed TLS	0.5			1			1	Mbed TLS
Mobile Security Framework	0.5			1			1	Product detected by a:opensecurity:mobile_security_framework (exists in CPE dict)
ModSecurity	0.5			1	2		3	ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx
NVIDIA GPU Display Driver	0.5				1		1	A NVIDIA driver is a software program that enables communication between your computer and the NVIDIA graphics processor installed in your system
POCO	0.5				1		1	Product detected by a:pocoproject:poco (exists in CPE dict)
Passenger	0.5				1		1	Product detected by a:phusion:passenger (exists in CPE dict)
Pypdf	0.5				1		1	Product detected by a:pypdf_project:pypdf (exists in CPE dict)
RSA	0.5				1		1	Product detected by a:rustcrypto:rsa (exists in CPE dict)
Ruby SAML library	0.5				1		1	The Ruby SAML library is for implementing the client side of a SAML authorization, i.e. it provides a means for managing authorization initialization and confirmation requests from identity providers
Ryzen 7 5700G	0.5				2		2	Product detected by h:amd:ryzen_7_5700g (exists in CPE dict)
Server Board S2600ST Firmware	0.5				1		1	Product detected by o:intel:server_board_s2600st_firmware (exists in CPE dict)
Slurm	0.5		1			1	2	Product detected by a:schedmd:slurm (exists in CPE dict)
Spotipy	0.5		1				1	Product detected by a:spotipy_project:spotipy (exists in CPE dict)
Starlette	0.5				1		1	Starlette is an Asynchronous Server Gateway Interface (ASGI) framework/toolkit
Suricata	0.5				3		3	Product detected by a:oisf:suricata (exists in CPE dict)
Tungstenite	0.5		1				1	Product detected by a:snapview:tungstenite (exists in CPE dict)
Yarn	0.5			1			1	Product detected by a:yarnpkg:yarn (exists in CPE dict)
aiohttp	0.5				1		1	Product detected by a:aiohttp:aiohttp (exists in CPE dict)
album_browser	0.5				1		1	Product detected by a:magnatune.com:album_browser (does NOT exist in CPE dict)
amarok	0.5		1	1	1		3	Product detected by a:amarok:amarok (does NOT exist in CPE dict)
ansible_semaphore	0.5			1			1	Product detected by a:ansible-semaphore:ansible_semaphore (exists in CPE dict)
buffered-reader	0.5				1		1	Product detected by a:sequoia-pgp:buffered-reader (does NOT exist in CPE dict)
cbor2	0.5			1			1	Product detected by a:agronholm:cbor2 (does NOT exist in CPE dict)
commons_ognl	0.5				1		1	Product detected by a:apache:commons_ognl (does NOT exist in CPE dict)
curve25519-dalek	0.5				1		1	Product detected by a:dalek:curve25519-dalek (does NOT exist in CPE dict)
devscripts	0.5				1		1	Product detected by a:debian:devscripts (exists in CPE dict)
diesel	0.5				1		1	Product detected by a:diesel:diesel (exists in CPE dict)
ethernet_800_series_controllers_driver	0.5				1		1	Product detected by a:intel:ethernet_800_series_controllers_driver (does NOT exist in CPE dict)
eza	0.5				1		1	Product detected by a:eza.rock:eza (does NOT exist in CPE dict)
firebird	0.5			1	1		2	Product detected by a:firebirdsql:firebird (exists in CPE dict)
fort_validator	0.5				1		1	Product detected by a:nicmx:fort_validator (does NOT exist in CPE dict)
i.MX 6	0.5					1	1	Product detected by h:nxp:i.mx_6 (exists in CPE dict)
iPerf	0.5				3		3	Product detected by a:iperf_project:iperf (exists in CPE dict)
iTop	0.5				4	3	7	Product detected by a:combodo:itop (exists in CPE dict)
jakarta_mail	0.5				1		1	Product detected by a:eclipse:jakarta_mail (does NOT exist in CPE dict)
jbig2enc	0.5			2	1		3	Product detected by a:jbig2enc_project:jbig2enc (exists in CPE dict)
ledgersmb	0.5			1			1	Product detected by a:ledgersmb:ledgersmb (exists in CPE dict)
libcoap	0.5			1			1	Product detected by a:libcoap:libcoap (exists in CPE dict)
libiec61850	0.5			1			1	Product detected by a:mz-automation:libiec61850 (exists in CPE dict)
libssh	0.5				1		1	Product detected by a:libssh:libssh (exists in CPE dict)
linux_kernel	0.5				1		1	Product detected by o:linux:linux_kernel (exists in CPE dict)
lxml_html_clean	0.5				1		1	Product detected by a:fedoralovespython:lxml_html_clean (does NOT exist in CPE dict)
markdown-to-jsx	0.5				1		1	Product detected by a:quantizor:markdown-to-jsx (does NOT exist in CPE dict)
mbed TLS	0.5				1	1	2	Product detected by a:arm:mbed_tls (exists in CPE dict)
micropython	0.5			1			1	Product detected by a:micropython:micropython (does NOT exist in CPE dict)
miniaudio	0.5			1			1	Product detected by a:mackron:miniaudio (does NOT exist in CPE dict)
moby	0.5					1	1	Product detected by a:mobyproject:moby (exists in CPE dict)
nats_server	0.5				1		1	Product detected by a:nats:nats_server (exists in CPE dict)
openexr	0.5			1			1	Product detected by a:openexr:openexr (exists in CPE dict)
openjpeg	0.5				1		1	Product detected by a:uclouvain:openjpeg (exists in CPE dict)
openpubkey	0.5				1		1	Product detected by a:openpubkey:openpubkey (does NOT exist in CPE dict)
openvpn3linux	0.5					1	1	Product detected by a:openvpn:openvpn3linux (does NOT exist in CPE dict)
pkcs11-provider	0.5				1		1	Product detected by a:latchset:pkcs11-provider (does NOT exist in CPE dict)
quickjs	0.5			2			2	Product detected by a:quickjs-ng:quickjs (does NOT exist in CPE dict)
robot_operating_system	0.5				5		5	Product detected by o:openrobotics:robot_operating_system (exists in CPE dict)
satellite	0.5				1		1	Product detected by a:redhat:satellite (exists in CPE dict)
sequoia-openpgp	0.5			1	1		2	Product detected by a:sequoia-pgp:sequoia-openpgp (does NOT exist in CPE dict)
shlex	0.5				1		1	Product detected by a:comex:shlex (does NOT exist in CPE dict)
snow	0.5				1		1	Product detected by a:mcginty:snow (does NOT exist in CPE dict)
sudo	0.5			2			2	Product detected by a:trifectatech:sudo (does NOT exist in CPE dict)
texmacs	0.5			1			1	Product detected by a:texmacs:texmacs (exists in CPE dict)
transpose	0.5				1		1	Product detected by a:ejmahler:transpose (does NOT exist in CPE dict)
webbrowser	0.5		1				1	Product detected by a:webbrowser_project:webbrowser (exists in CPE dict)
wolfSSL	0.5			1			1	wolfSSL is a small, portable, embedded SSL/TLS library targeted for use by embedded systems developers
xar	0.5				2		2	Product detected by a:xar_project:xar (exists in CPE dict)
GPAC	0.4				1		1	GPAC is an Open Source multimedia framework for research and academic purposes; the project covers different aspects of multimedia, with a focus on presentation technologies (graphics, animation and interactivity)
Git	0.4					1	1	Git
Keras	0.4		1		1		2	High-level neural networks API, running on top of TensorFlow, allowing model building and training
U-Boot	0.4			1			1	Das U-Boot (U-Boot) is an open-source universal boot loader used on many embedded boards and SoCs to initialize hardware, provide low-level diagnostics, and load an operating system kernel. It is implemented primarily in C with board-specific assembly.
NVIDIA Container Toolkit	0.35			1			1	The NVIDIA Container Toolkit provides the tooling and runtime components to build and run GPU-accelerated containers, exposing host NVIDIA GPUs into containerized workloads and integrating with container runtimes (Docker, containerd, CRI-O).
Artifex Ghostscript	0.3			1			1	Artifex Ghostscript is an interpreter for the PostScript® language and PDF files
CIRCL FourQ	0.3				1		1	CIRCL Go cryptographic library implementation of the FourQ elliptic curve
JOSE	0.3				1		1	JavaScript module for JSON Object Signing and Encryption (JOSE)
Sipwise rtpengine	0.3				1		1	Media-relay RTP/SRTP engine commonly deployed in SIP/VoIP infrastructure
WeasyPrint	0.3				1		1	Python library to generate PDF documents from HTML/CSS
Xdebug	0.3			1			1	Xdebug is a PHP extension that provides debugging and profiling capabilities. An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, allowing attackers to execute arbitrary OS commands via crafted input.
c-blosc2	0.3			2	1		3	c-blosc2 is a high-performance blocking data compression library optimized for binary data, offering multi-threaded and lightweight compression.
gitoxide	0.3			1	2	2	5	gitoxide is an idiomatic, lean, fast & safe pure Rust implementation of Git, designed for correctness and performance, available both as a Rust library (gix crate) and command-line interface tools.
jqlang jq	0.3			2			2	jq is a lightweight and flexible command-line JSON processor, allowing powerful querying and manipulation of JSON data streams.
spytrap-adb	0.3				1		1	Android-based tool scanning for stalkerware artifacts via ADB
Wasmtime	0.25				3	3	6	Standalone WebAssembly runtime written in Rust
form-data	0.25			1			1	JavaScript library for constructing multipart form-data
Artifex MuPDF mutool	0.2				1		1	Command-line utility 'mutool' for MuPDF, a lightweight PDF and XPS viewer
Cairo	0.2					1	1	2D graphics library used for rendering vector graphics, including PDF via Poppler
GitHub	0.2				2		2	GitHub, Inc. is an Internet hosting service for software development and version control using Git
IEEE P802.11-REVme mesh networks	0.2				1		1	Draft versions D1.1–D7.0 of the IEEE P802.11-REVme standard for mesh networking
freedesktop Poppler pdfseparate	0.2				1		1	Utility 'pdfseparate' part of Poppler, a PDF rendering library
gh (R package)	0.2				1		1	R client for interacting with GitHub API
libtiff	0.2				1		1	libtiff is a widely used library for reading and writing TIFF (Tagged Image File Format) files, offering tools like tiff2ps.
orjson	0.2				1		1	Python library for fast JSON parsing and serialization
pyjwt	0.2				1		1	Python JSON Web Token implementation
Unknown Product	0				41	46	87	Unknown Product

Vulnerability Type	Criticality	U	C	H	M	L	A
Remote Code Execution	1.0		4	15	24		43
Authentication Bypass	0.98		1	11	10		22
Code Injection	0.97		1	4	1		6
Command Injection	0.97		1	7	4		12
Arbitrary File Writing	0.95			1	3		4
Security Feature Bypass	0.9		3	12	30		45
Elevation of Privilege	0.85				7		7
Arbitrary File Reading	0.83				1		1
Information Disclosure	0.83			6	11		17
Cross Site Scripting	0.8			1	14		15
Open Redirect	0.75				1		1
Denial of Service	0.7		1	14	75	3	93
Path Traversal	0.7		1	1	4		6
Incorrect Calculation	0.5			1	10		11
Memory Corruption	0.5			22	178	23	223
Spoofing	0.4			1	3		4
Tampering	0.3			1	1		2
Unknown Vulnerability Type	0				36	319	355

Source	U	C	H	M	L	A
almalinux		2	10	23	2	37
altlinux		2	24	53	11	90
debian		10	73	342	331	756
oraclelinux		2	9	64	56	131
redhat		2	10	24	2	38
redos		3	20	38	6	67
ubuntu		1	9	53	30	93

Urgent (0)

Critical (12)

1. Security Feature Bypass - Chromium (CVE-2025-6558) - Critical [752]

Description: Insufficient validation of untrusted input in ANGLE and GPU in Google Chrome prior to 138.0.7204.157 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

almalinux: CVE-2025-6558 was patched at 2025-08-13

altlinux: CVE-2025-6558 was patched at 2025-08-08

debian: CVE-2025-6558 was patched at 2025-07-17, 2025-08-18, 2025-08-20

oraclelinux: CVE-2025-6558 was patched at 2025-08-13

redhat: CVE-2025-6558 was patched at 2025-08-13, 2025-08-25

redos: CVE-2025-6558 was patched at 2025-08-06

ubuntu: CVE-2025-6558 was patched at 2025-08-19

2. Remote Code Execution - WordPress (CVE-2024-31211) - Critical [721]

Description: WordPress is an open publishing platform for the Web. Unserialization of instances of the `WP_HTML_Token` class allows for code execution via its `__destruct()` magic method. This issue was fixed in WordPress 6.4.2 on December 6th, 2023. Versions prior to 6.4.0 are not affected.

debian: CVE-2024-31211 was patched at 2025-08-20

3. Command Injection - Kubernetes (CVE-2024-7646) - Critical [706]

Description: A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects (in the `networking.k8s.io` or `extensions` API group) can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default configuration, that credential has access to all secrets in the cluster.

redos: CVE-2024-7646 was patched at 2025-08-14

4. Security Feature Bypass - Jose4j (CVE-2023-31582) - Critical [702]

Description: jose4j before v0.9.3 allows attackers to set a low iteration count of 1000 or less.

debian: CVE-2023-31582 was patched at 2025-08-20

5. Remote Code Execution - amarok (CVE-2009-0136) - Critical [678]

Description: Multiple array index errors in the Audible::Tag::readTag function in metadata/audible/audibletag.cpp in Amarok 1.4.10 through 2.0.1 allow remote attackers to cause a denial of service (application crash) or execute arbitrary code via an Audible Audio (.aa) file with a crafted (1) nlen or (2) vlen Tag value, each of which can lead to an invalid pointer dereference, or the writing of a 0x00 byte to an arbitrary memory location, after an allocation failure.

debian: CVE-2009-0136 was patched at 2025-08-20

6. Security Feature Bypass - Slurm (CVE-2023-49935) - Critical [678]

Description: An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect against undesired MUNGE credential reuse. The fixed versions are 23.02.7 and 23.11.1.

debian: CVE-2023-49935 was patched at 2025-08-20

7. Remote Code Execution - Kafka (CVE-2025-27819) - Critical [630]

Description: In CVE-2023-25194, we announced the RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration in Kafka Connect API. But not only Kafka Connect API is vulnerable to this attack, the Apache Kafka brokers also have this vulnerability. To exploit this vulnerability, the attacker needs to be able to connect to the Kafka cluster and have the AlterConfigs permission on the cluster resource. Since Apache Kafka 3.4.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule" is disabled in Apache Kafka 3.4.0, and "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" is disabled by default in in Apache Kafka 3.9.1/4.0.0

redos: CVE-2025-27819 was patched at 2025-08-04

8. Path Traversal - webbrowser (CVE-2022-45299) - Critical [625]

Description: An issue in the IpFile argument of rust-lang webbrowser-rs v0.8.2 allows attackers to access arbitrary files via supplying a crafted URL.

debian: CVE-2022-45299 was patched at 2025-08-20

9. Authentication Bypass - Spotipy (CVE-2025-27154) - Critical [615]

Description: Spotipy is a lightweight Python library for the Spotify Web API. The `CacheHandler` class creates a cache file to store the auth token. Prior to version 2.25.1, the file created has `rw-r--r--` (644) permissions by default, when it could be locked down to `rw-------` (600) permissions. This leads to overly broad exposure of the spotify auth token. If this token can be read by an attacker (another user on the machine, or a process running as another user), it can be used to perform administrative actions on the Spotify account, depending on the scope granted to the token. Version 2.25.1 tightens the cache file permissions.

debian: CVE-2025-27154 was patched at 2025-08-20

10. Remote Code Execution - Keras (CVE-2024-3660) - Critical [614]

Description: A arbitrary code injection vulnerability in TensorFlow's Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application using a model that allow arbitrary code irrespective of the application.

debian: CVE-2024-3660 was patched at 2025-08-20

11. Code Injection - PostgreSQL (CVE-2025-8714) - Critical [606]

Description: Untrusted data inclusion in pg_dump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pg_dumpall is also affected. pg_restore is affected when used to generate a plain-format dump. This is similar to MySQL CVE-2024-21096. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected.

almalinux: CVE-2025-8714 was patched at 2025-08-28

altlinux: CVE-2025-8714 was patched at 2025-08-20, 2025-08-21, 2025-08-26

debian: CVE-2025-8714 was patched at 2025-08-20

oraclelinux: CVE-2025-8714 was patched at 2025-08-28, 2025-08-29

redhat: CVE-2025-8714 was patched at 2025-08-28

12. Denial of Service - Tungstenite (CVE-2023-43669) - Critical [601]

Description: The Tungstenite crate before 0.20.1 for Rust allows remote attackers to cause a denial of service (minutes of CPU consumption) via an excessive length of an HTTP header in a client handshake. The length affects both how many times a parse is attempted (e.g., thousands of times) and the average amount of data for each parse attempt (e.g., millions of bytes).

debian: CVE-2023-43669 was patched at 2025-08-20

High (97)

13. Remote Code Execution - gitoxide (CVE-2024-35186) - High [597]

Description: gitoxide is a pure Rust implementation of Git. During checkout, `gix-worktree-state` does not verify that paths point to locations in the working tree. A specially crafted repository can, when cloned, place new files anywhere writable by the application. This vulnerability leads to a major loss of confidentiality, integrity, and availability, but creating files outside a working tree without attempting to execute code can directly impact integrity as well. This vulnerability has been patched in version(s) 0.36.0.

debian: CVE-2024-35186 was patched at 2025-08-20

14. Denial of Service - HTTP/2 (CVE-2025-8671) - High [596]

Description: A mismatch caused by client-triggered server-sent stream resets between HTTP/2 specifications and the internal architectures of some HTTP/2 implementations may result in excessive server resource consumption leading to denial-of-service (DoS). By opening streams and then rapidly triggering the server to reset them—using malformed frames or flow control errors—an attacker can exploit incorrect stream accounting. Streams reset by the server are considered closed at the protocol level, even though backend processing continues. This allows a client to cause the server to handle an unbounded number of concurrent streams on a single connection. This CVE will be updated as affected product details are released.

debian: CVE-2025-8671 was patched at 2025-08-20

15. Code Injection - PostgreSQL (CVE-2025-8715) - High [594]

Description: Improper neutralization of newlines in pg_dump in PostgreSQL allows a user of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands inside a purpose-crafted object name. The same attacks can achieve SQL injection as a superuser of the restore target server. pg_dumpall, pg_restore, and pg_upgrade are also affected. Versions before PostgreSQL 17.6, 16.10, 15.14, 14.19, and 13.22 are affected. Versions before 11.20 are unaffected. CVE-2012-0868 had fixed this class of problem, but version 11.20 reintroduced it.

almalinux: CVE-2025-8715 was patched at 2025-08-28

altlinux: CVE-2025-8715 was patched at 2025-08-20, 2025-08-21, 2025-08-26

debian: CVE-2025-8715 was patched at 2025-08-20

oraclelinux: CVE-2025-8715 was patched at 2025-08-28, 2025-08-29

redhat: CVE-2025-8715 was patched at 2025-08-28

16. Remote Code Execution - Kubernetes (CVE-2025-53547) - High [592]

Description: Helm is a package manager for Charts for Kubernetes. Prior to 3.18.4, a specially crafted Chart.yaml file along with a specially linked Chart.lock file can lead to local code execution when dependencies are updated. Fields in a Chart.yaml file, that are carried over to a Chart.lock file when dependencies are updated and this file is written, can be crafted in a way that can cause execution if that same content were in a file that is executed (e.g., a bash.rc file or shell script). If the Chart.lock file is symlinked to one of these files updating dependencies will write the lock file content to the symlinked file. This can lead to unwanted execution. Helm warns of the symlinked file but did not stop execution due to symlinking. This issue has been resolved in Helm v3.18.4.

altlinux: CVE-2025-53547 was patched at 2025-07-28

redos: CVE-2025-53547 was patched at 2025-08-22, 2025-08-28

17. Denial of Service - libiec61850 (CVE-2024-26529) - High [589]

Description: An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c.

altlinux: CVE-2024-26529 was patched at 2025-08-12

18. Command Injection - axios (CVE-2024-39338) - High [582]

Description: axios 1.7.2 allows SSRF via unexpected behavior where requests for path relative URLs get processed as protocol relative URLs.

debian: CVE-2024-39338 was patched at 2025-08-20

19. Remote Code Execution - NVIDIA Container Toolkit (CVE-2025-23266) - High [582]

Description: NVIDIA Container Toolkit for all platforms contains a vulnerability in some hooks used to initialize the container, where an attacker could execute arbitrary code with elevated permissions. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, information disclosure, and denial of service.

almalinux: CVE-2025-23266 was patched at 2025-08-12

redhat: CVE-2025-23266 was patched at 2025-08-12

20. Security Feature Bypass - Curl (CVE-2024-2466) - High [577]

Description: libcurl did not check the server certificate of TLS connections done to a host specified as an IP address, when built to use mbedTLS. libcurl would wrongly avoid using the set hostname function when the specified hostname was given as an IP address, therefore completely skipping the certificate check. This affects all uses of TLS protocols (HTTPS, FTPS, IMAPS, POPS3, SMTPS, etc).

debian: CVE-2024-2466 was patched at 2025-08-20

21. Security Feature Bypass - ledgersmb (CVE-2021-3882) - High [577]

Description: LedgerSMB does not set the 'Secure' attribute on the session authorization cookie when the client uses HTTPS and the LedgerSMB server is behind a reverse proxy. By tricking a user to use an unencrypted connection (HTTP), an attacker may be able to obtain the authentication data by capturing network traffic. LedgerSMB 1.8 and newer switched from Basic authentication to using cookie authentication with encrypted cookies. Although an attacker can't access the information inside the cookie, nor the password of the user, possession of the cookie is enough to access the application as the user from which the cookie has been obtained. In order for the attacker to obtain the cookie, first of all the server must be configured to respond to unencrypted requests, the attacker must be suitably positioned to eavesdrop on the network traffic between the client and the server *and* the user must be tricked into using unencrypted HTTP traffic. Proper audit control and separation of duties limit Integrity impact of the attack vector. Users of LedgerSMB 1.8 are urged to upgrade to known-fixed versions. Users of LedgerSMB 1.7 or 1.9 are unaffected by this vulnerability and don't need to take action. As a workaround, users may configure their Apache or Nginx reverse proxy to add the Secure attribute at the network boundary instead of relying on LedgerSMB. For Apache, please refer to the 'Header always edit' configuration command in the mod_headers module. For Nginx, please refer to the 'proxy_cookie_flags' configuration command.

ubuntu: CVE-2021-3882 was patched at 2025-07-17

22. Command Injection - Kafka (CVE-2025-27817) - High [566]

Description: A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuratin to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products. Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.

redos: CVE-2025-27817 was patched at 2025-08-04

23. Denial of Service - Amarok (CVE-2020-13152) - High [565]

Description: A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of service.

debian: CVE-2020-13152 was patched at 2025-08-20

24. Memory Corruption - EPYC 7203 (CVE-2024-21978) - High [565]

Description: Improper input validation in SEV-SNP could allow a malicious hypervisor to read or overwrite guest memory potentially leading to data leakage or data corruption.

redos: CVE-2024-21978 was patched at 2025-08-13

25. Memory Corruption - EPYC 7203 (CVE-2024-21980) - High [565]

Description: Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to potentially overwrite a guest's memory or UMC seed resulting in loss of confidentiality and integrity.

redos: CVE-2024-21980 was patched at 2025-08-13

26. Security Feature Bypass - ModSecurity (CVE-2025-27110) - High [565]

Description: Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. A bug that exists only in Libmodsecurity3 version 3.0.13 means that, in 3.0.13, Libmodsecurity3 can't decode encoded HTML entities if they contains leading zeroes. Version 3.0.14 contains a fix. No known workarounds are available.

debian: CVE-2025-27110 was patched at 2025-08-20

27. Code Injection - texmacs (CVE-2010-3394) - High [554]

Description: The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

debian: CVE-2010-3394 was patched at 2025-08-20

28. Remote Code Execution - U-Boot (CVE-2025-45512) - High [554]

Description: A lack of signature verification in the bootloader of DENX Software Engineering Das U-Boot (U-Boot) v1.1.3 allows attackers to install crafted firmware files, leading to arbitrary code execution.

debian: CVE-2025-45512 was patched at 2025-08-20

29. Memory Corruption - cbor2 (CVE-2024-26134) - High [553]

Description: cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a patch for this issue.

debian: CVE-2024-26134 was patched at 2025-08-20

30. Information Disclosure - Gstreamer (CVE-2025-47219) - High [552]

Description: In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_trak function may read past the end of a heap buffer while parsing an MP4 file, possibly leading to information disclosure.

altlinux: CVE-2025-47219 was patched at 2025-07-27

debian: CVE-2025-47219 was patched at 2025-08-20

ubuntu: CVE-2025-47219 was patched at 2025-08-26

31. Memory Corruption - OpenSSL (CVE-2023-53159) - High [544]

Description: The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host.

debian: CVE-2023-53159 was patched at 2025-08-20

32. Memory Corruption - c-blosc2 (CVE-2024-3204) - High [544]

Description: A vulnerability has been found in c-blosc2 up to 2.13.2 and classified as critical. Affected by this vulnerability is the function ndlz4_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz4x4.c. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.14.3 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-259051.

debian: CVE-2024-3204 was patched at 2025-08-20

33. Path Traversal - Artifex Ghostscript (CVE-2025-27837) - High [544]

Description: An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can occur through a truncated path with invalid UTF-8 characters, for base/gp_mswin.c and base/winrtsup.cpp.

altlinux: CVE-2025-27837 was patched at 2025-07-21, 2025-08-06, 2025-08-26

34. Memory Corruption - EPYC 7203 (CVE-2023-31355) - High [541]

Description: Improper restriction of write operations in SNP firmware could allow a malicious hypervisor to overwrite a guest's UMC seed potentially allowing reading of memory from a decommissioned guest.

redos: CVE-2023-31355 was patched at 2025-08-13

35. Security Feature Bypass - Curl (CVE-2025-4947) - High [541]

Description: libcurl accidentally skips the certificate verification for QUIC connections when connecting to a host specified as an IP address in the URL. Therefore, it does not detect impostors or man-in-the-middle attacks.

debian: CVE-2025-4947 was patched at 2025-08-20

36. Command Injection - vim (CVE-2025-53905) - High [539]

Description: Vim is an open source, command line text editor. Prior to version 9.1.1552, a path traversal issue in Vim’s tar.vim plugin can allow overwriting of arbitrary files when opening specially crafted tar archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1552 contains a patch for the vulnerability.

debian: CVE-2025-53905 was patched at 2025-07-17

redos: CVE-2025-53905 was patched at 2025-08-07

37. Command Injection - vim (CVE-2025-53906) - High [539]

Description: Vim is an open source, command line text editor. Prior to version 9.1.1551, a path traversal issue in Vim’s zip.vim plugin can allow overwriting of arbitrary files when opening specially crafted zip archives. Impact is low because this exploit requires direct user interaction. However, successfully exploitation can lead to overwriting sensitive files or placing executable code in privileged locations, depending on the permissions of the process editing the archive. The victim must edit such a file using Vim which will reveal the filename and the file content, a careful user may suspect some strange things going on. Successful exploitation could results in the ability to execute arbitrary commands on the underlying operating system. Version 9.1.1551 contains a patch for the vulnerability.

debian: CVE-2025-53906 was patched at 2025-07-17

redos: CVE-2025-53906 was patched at 2025-08-07

38. Memory Corruption - c-blosc2 (CVE-2024-3203) - High [532]

Description: A vulnerability, which was classified as critical, was found in c-blosc2 up to 2.13.2. Affected is the function ndlz8_decompress of the file /src/c-blosc2/plugins/codecs/ndlz/ndlz8x8.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.14.3 is able to address this issue. It is recommended to upgrade the affected component. VDB-259050 is the identifier assigned to this vulnerability.

debian: CVE-2024-3203 was patched at 2025-08-20

39. Denial of Service - 7-Zip (CVE-2025-53816) - High [529]

Description: 7-Zip is a file archiver with a high compression ratio. Zeroes written outside heap buffer in RAR5 handler may lead to memory corruption and denial of service in versions of 7-Zip prior to 25.0.0. Version 25.0.0 contains a fix for the issue.

debian: CVE-2025-53816 was patched at 2025-08-20

redos: CVE-2025-53816 was patched at 2025-08-04

40. Denial of Service - 7-Zip (CVE-2025-53817) - High [529]

Description: 7-Zip is a file archiver with a high compression ratio. 7-Zip supports extracting from Compound Documents. Prior to version 25.0.0, a null pointer dereference in the Compound handler may lead to denial of service. Version 25.0.0 contains a fix cor the issue.

debian: CVE-2025-53817 was patched at 2025-08-20

redos: CVE-2025-53817 was patched at 2025-08-04

41. Denial of Service - Yarn (CVE-2025-8262) - High [529]

Description: A vulnerability was found in yarnpkg Yarn up to 1.22.22. It has been classified as problematic. Affected is the function explodeHostedGitFragment of the file src/resolvers/exotics/hosted-git-resolver.js. The manipulation leads to inefficient regular expression complexity. It is possible to launch the attack remotely. The patch is identified as 97731871e674bf93bcbf29e9d3258da8685f3076. It is recommended to apply a patch to fix this issue.

debian: CVE-2025-8262 was patched at 2025-08-20

42. Memory Corruption - miniaudio (CVE-2024-41147) - High [529]

Description: An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of Miniaudio miniaudio v0.11.21. A specially crafted .flac file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

debian: CVE-2024-41147 was patched at 2025-08-20

43. Security Feature Bypass - DNSSEC (CVE-2025-25188) - High [529]

Description: Hickory DNS is a Rust based DNS client, server, and resolver. A vulnerability present starting in version 0.8.0 and prior to versions 0.24.3 and 0.25.0-alpha.5 impacts Hickory DNS users relying on DNSSEC verification in the client library, stub resolver, or recursive resolver. The DNSSEC validation routines treat entire RRsets of DNSKEY records as trusted once they have established trust in only one of the DNSKEYs. As a result, if a zone includes a DNSKEY with a public key that matches a configured trust anchor, all keys in that zone will be trusted to authenticate other records in the zone. There is a second variant of this vulnerability involving DS records, where an authenticated DS record covering one DNSKEY leads to trust in signatures made by an unrelated DNSKEY in the same zone. Versions 0.24.3 and 0.25.0-alpha.5 fix the issue.

debian: CVE-2025-25188 was patched at 2025-08-20

44. Remote Code Execution - FFmpeg (CVE-2024-22860) - High [521]

Description: Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder.

debian: CVE-2024-22860 was patched at 2025-08-20

45. Memory Corruption - Secure Boot (CVE-2024-2312) - High [520]

Description: GRUB2 does not call the module fini functions on exit, leading to Debian/Ubuntu's peimage GRUB2 module leaving UEFI system table hooks after exit. This lead to a use-after-free condition, and could possibly lead to secure boot bypass.

debian: CVE-2024-2312 was patched at 2025-08-20

46. Denial of Service - sequoia-openpgp (CVE-2024-58261) - High [517]

Description: The sequoia-openpgp crate 1.13.0 before 1.21.0 for Rust allows an infinite loop of "Reading a cert: Invalid operation: Not a Key packet" messages for RawCertParser operations that encounter an unsupported primary key type.

debian: CVE-2024-58261 was patched at 2025-08-20

47. Information Disclosure - Gstreamer (CVE-2025-47183) - High [517]

Description: In GStreamer through 1.26.1, the isomp4 plugin's qtdemux_parse_tree function may read past the end of a heap buffer while parsing an MP4 file, leading to information disclosure.

altlinux: CVE-2025-47183 was patched at 2025-07-27

debian: CVE-2025-47183 was patched at 2025-08-20

ubuntu: CVE-2025-47183 was patched at 2025-08-26

48. Memory Corruption - libcoap (CVE-2024-0962) - High [517]

Description: A vulnerability was found in obgm libcoap 4.3.4. It has been rated as critical. Affected by this issue is the function get_split_entry of the file src/coap_oscore.c of the component Configuration File Handler. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-252206 is the identifier assigned to this vulnerability.

debian: CVE-2024-0962 was patched at 2025-08-20

49. Memory Corruption - quickjs (CVE-2024-13903) - High [517]

Description: A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulnerability is the function JS_GetRuntime of the file quickjs.c of the component qjs. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. Upgrading to version 0.9.0 is able to address this issue. The patch is named 99c02eb45170775a9a679c32b45dd4000ea67aff. It is recommended to upgrade the affected component.

debian: CVE-2024-13903 was patched at 2025-08-20

50. Security Feature Bypass - Advanced Intrusion Detection Environment (CVE-2025-54389) - High [517]

Description: AIDE is an advanced intrusion detection environment. Prior to version 0.19.2, there is an improper output neutralization vulnerability in AIDE. An attacker can craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and/or tamper with the log output. A local user might exploit this to bypass the AIDE detection of malicious files. Additionally the output of extended attribute key names and symbolic links targets are also not properly neutralized. This issue has been patched in version 0.19.2. A workaround involves configuring AIDE to write the report output to a regular file, redirecting stdout to a regular file, or redirecting the log output written to stderr to a regular file.

almalinux: CVE-2025-54389 was patched at 2025-08-25, 2025-08-26

debian: CVE-2025-54389 was patched at 2025-08-14, 2025-08-20

oraclelinux: CVE-2025-54389 was patched at 2025-08-25, 2025-08-26

redhat: CVE-2025-54389 was patched at 2025-08-25, 2025-08-26

ubuntu: CVE-2025-54389 was patched at 2025-08-14

51. Remote Code Execution - FFmpeg (CVE-2024-22862) - High [509]

Description: Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser.

debian: CVE-2024-22862 was patched at 2025-08-20

52. Authentication Bypass - Oracle MySQL (CVE-2018-3258) - High [505]

Description: Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

redos: CVE-2018-3258 was patched at 2025-08-06

53. Denial of Service - Gstreamer (CVE-2025-47808) - High [505]

Description: In GStreamer through 1.26.1, the subparse plugin's tmplayer_parse_line function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

debian: CVE-2025-47808 was patched at 2025-08-20

ubuntu: CVE-2025-47808 was patched at 2025-08-26

54. Information Disclosure - Mbed TLS (CVE-2025-49087) - High [505]

Description: In Mbed TLS 3.6.1 through 3.6.3 before 3.6.4, a timing discrepancy in block cipher padding removal allows an attacker to recover the plaintext when PKCS#7 padding mode is used.

altlinux: CVE-2025-49087 was patched at 2025-08-19

debian: CVE-2025-49087 was patched at 2025-08-20

55. Memory Corruption - firebird (CVE-2025-24975) - High [505]

Description: Firebird is a relational database. Prior to snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609, Firebird is vulnerable if ExtConnPoolSize is not set equal to 0. If connections stored in ExtConnPool are not verified for presence and suitability of the CryptCallback interface is used when created versus what is available could result in a segfault in the server process. Encrypted databases, accessed by execute statement on external, may be accessed later by an attachment missing a key to that database. In a case when execute statement are chained, segfault may happen. Additionally, the segfault may affect unencrypted databases. This issue has been patched in snapshot versions 4.0.6.3183, 5.0.2.1610, and 6.0.0.609 and point releases 4.0.6 and 5.0.2. A workaround for this issue involves setting ExtConnPoolSize equal to 0 in firebird.conf.

debian: CVE-2025-24975 was patched at 2025-08-20, 2025-08-30

56. Memory Corruption - micropython (CVE-2024-8948) - High [505]

Description: A vulnerability was found in MicroPython 1.23.0. It has been rated as critical. Affected by this issue is the function mpz_as_bytes of the file py/objint.c. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 908ab1ceca15ee6fd0ef82ca4cba770a3ec41894. It is recommended to apply a patch to fix this issue. In micropython objint component, converting zero from int to bytes leads to heap buffer-overflow-write at mpz_as_bytes.

debian: CVE-2024-8948 was patched at 2025-08-20

57. Arbitrary File Writing - 7-Zip (CVE-2025-55188) - High [502]

Description: 7-Zip before 25.01 does not always properly handle symbolic links during extraction.

altlinux: CVE-2025-55188 was patched at 2025-08-21

debian: CVE-2025-55188 was patched at 2025-08-20

redos: CVE-2025-55188 was patched at 2025-08-28

58. Authentication Bypass - Oracle VM VirtualBox (CVE-2025-53024) - High [500]

Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

altlinux: CVE-2025-53024 was patched at 2025-08-11

59. Authentication Bypass - Oracle VM VirtualBox (CVE-2025-53027) - High [500]

Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

altlinux: CVE-2025-53027 was patched at 2025-08-11

60. Authentication Bypass - Oracle VM VirtualBox (CVE-2025-53028) - High [500]

Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

altlinux: CVE-2025-53028 was patched at 2025-08-11

61. Cross Site Scripting - Mobile Security Framework (CVE-2025-46335) - High [500]

Description: Mobile Security Framework (MobSF) is a security research platform for mobile applications in Android, iOS and Windows Mobile. A Stored Cross-Site Scripting (XSS) vulnerability has been identified in MobSF versions up to and including 4.3.2. The vulnerability arises from improper sanitization of user-supplied SVG files during the Android APK analysis workflow. Version 4.3.3 fixes the issue.

redos: CVE-2025-46335 was patched at 2025-08-07

62. Denial of Service - ImageMagick (CVE-2025-55160) - High [498]

Description: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-27 and 7.1.2-1, there is undefined behavior (function-type-mismatch) in splay tree cloning callback. This results in a deterministic abort under UBSan (DoS in sanitizer builds), with no crash in a non-sanitized build. This issue has been patched in versions 6.9.13-27 and 7.1.2-1.

debian: CVE-2025-55160 was patched at 2025-08-20

redos: CVE-2025-55160 was patched at 2025-08-29

63. Memory Corruption - Binutils (CVE-2025-8224) - High [496]

Description: A vulnerability has been found in GNU Binutils 2.44 and classified as problematic. This vulnerability affects the function bfd_elf_get_str_section of the file bfd/elf.c of the component BFD Library. The manipulation leads to null pointer dereference. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The name of the patch is db856d41004301b3a56438efd957ef5cabb91530. It is recommended to apply a patch to fix this issue.

debian: CVE-2025-8224 was patched at 2025-08-20

64. Denial of Service - Gstreamer (CVE-2025-47806) - High [494]

Description: In GStreamer through 1.26.1, the subparse plugin's parse_subrip_time function may write data past the bounds of a stack buffer, leading to a crash.

altlinux: CVE-2025-47806 was patched at 2025-07-27

debian: CVE-2025-47806 was patched at 2025-08-20

ubuntu: CVE-2025-47806 was patched at 2025-08-26

65. Memory Corruption - FFmpeg (CVE-2024-55069) - High [491]

Description: ffmpeg 7.1 is vulnerable to Null Pointer Dereference in function iamf_read_header in /libavformat/iamfdec.c.

debian: CVE-2024-55069 was patched at 2025-08-20

66. Denial of Service - Advanced Intrusion Detection Environment (CVE-2025-54409) - High [482]

Description: AIDE is an advanced intrusion detection environment. From versions 0.13 to 0.19.1, there is a null pointer dereference vulnerability in AIDE. An attacker can crash the program during report printing or database listing after setting extended file attributes with an empty attribute value or with a key containing a comma. A local user might exploit this to cause a local denial of service. This issue has been patched in version 0.19.2. A workaround involves removing xattrs group from rules matching files on affected file systems.

debian: CVE-2025-54409 was patched at 2025-08-14, 2025-08-20

ubuntu: CVE-2025-54409 was patched at 2025-08-14

67. Denial of Service - Gstreamer (CVE-2025-47807) - High [482]

Description: In GStreamer through 1.26.1, the subparse plugin's subrip_unescape_formatting function may dereference a NULL pointer while parsing a subtitle file, leading to a crash.

altlinux: CVE-2025-47807 was patched at 2025-07-27

debian: CVE-2025-47807 was patched at 2025-08-20

ubuntu: CVE-2025-47807 was patched at 2025-08-26

68. Denial of Service - openexr (CVE-2025-48074) - High [482]

Description: OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In version 3.3.2, applications trust unvalidated dataWindow size values from file headers, which can lead to excessive memory allocation and performance degradation when processing malicious files. This is fixed in version 3.3.3.

debian: CVE-2025-48074 was patched at 2025-08-20

69. Incorrect Calculation - quickjs (CVE-2025-46688) - High [482]

Description: quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected.

debian: CVE-2025-46688 was patched at 2025-08-20

70. Memory Corruption - jbig2enc (CVE-2023-46363) - High [482]

Description: jbig2enc v0.28 was discovered to contain a SEGV via jbig2_add_page in src/jbig2enc.cc:512.

debian: CVE-2023-46363 was patched at 2025-08-20

71. Remote Code Execution - Arrow (CVE-2024-52338) - High [476]

Description: Deserialization of untrusted data in IPC and Parquet readers in the Apache Arrow R package versions 4.0.0 through 16.1.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example, user-supplied input files). This vulnerability only affects the arrow R package, not other Apache Arrow implementations or bindings unless those bindings are specifically used via the R package (for example, an R application that embeds a Python interpreter and uses PyArrow to read files from untrusted sources is still vulnerable if the arrow R package is an affected version). It is recommended that users of the arrow R package upgrade to 17.0.0 or later. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to arrow 17.0.0 or later. If using an affected version of the package, untrusted data can read into a Table and its internal to_data_frame() method can be used as a workaround (e.g., read_parquet(..., as_data_frame = FALSE)$to_data_frame()). This issue affects the Apache Arrow R package: from 4.0.0 through 16.1.0. Users are recommended to upgrade to version 17.0.0, which fixes the issue.

altlinux: CVE-2024-52338 was patched at 2025-08-04

72. Memory Corruption - jqlang jq (CVE-2023-49355) - High [472]

Description: decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 reference mentions -10E-1000010001, which is not in normalized scientific notation.

debian: CVE-2023-49355 was patched at 2025-08-20

73. Memory Corruption - jbig2enc (CVE-2023-46362) - High [470]

Description: jbig2enc v0.28 was discovered to contain a heap-use-after-free via jbig2enc_auto_threshold_using_hash in src/jbig2enc.cc.

debian: CVE-2023-46362 was patched at 2025-08-20

74. Information Disclosure - sudo (CVE-2025-46717) - High [469]

Description: sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with no (or very limited) sudo privileges can determine whether files exists in folders that they otherwise cannot access using `sudo --list <pathname>`. Users with local access to a machine can discover the existence/non-existence of certain files, revealing potentially sensitive information in the file names. This information can also be used in conjunction with other attacks. Version 0.2.6 fixes the vulnerability.

debian: CVE-2025-46717 was patched at 2025-08-20

75. Information Disclosure - sudo (CVE-2025-46718) - High [469]

Description: sudo-rs is a memory safe implementation of sudo and su written in Rust. Prior to version 0.2.6, users with limited sudo privileges (e.g. execution of a single command) can list sudo privileges of other users using the `-U` flag. This vulnerability allows users with limited sudo privileges to enumerate the sudoers file, revealing sensitive information about other users' permissions. Attackers can collect information that can be used to more targeted attacks. Systems where users either do not have sudo privileges or have the ability to run all commands as root through sudo (the default configuration on most systems) are not affected by this advisory. Version 0.2.6 fixes the vulnerability.

debian: CVE-2025-46718 was patched at 2025-08-20

76. Authentication Bypass - Oracle VM VirtualBox (CVE-2025-53025) - High [464]

Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

altlinux: CVE-2025-53025 was patched at 2025-08-11

77. Authentication Bypass - Oracle VM VirtualBox (CVE-2025-53026) - High [464]

Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

altlinux: CVE-2025-53026 was patched at 2025-08-11

78. Authentication Bypass - Mozilla Firefox (CVE-2025-8031) - High [463]

Description: The `username:password` part was not correctly stripped from URLs in CSP reports potentially leaking HTTP Basic Authentication credentials. This vulnerability affects Firefox < 141, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1.

almalinux: CVE-2025-8031 was patched at 2025-07-24, 2025-07-29, 2025-08-12

altlinux: CVE-2025-8031 was patched at 2025-08-26

debian: CVE-2025-8031 was patched at 2025-07-23, 2025-07-27, 2025-08-20

oraclelinux: CVE-2025-8031 was patched at 2025-07-24, 2025-07-29, 2025-07-30, 2025-08-07, 2025-08-12

redhat: CVE-2025-8031 was patched at 2025-07-24, 2025-07-29, 2025-07-30, 2025-07-31, 2025-08-11, 2025-08-12

79. Memory Corruption - ImageMagick (CVE-2025-55005) - High [463]

Description: ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to version 7.1.2-1, when preparing to transform from Log to sRGB colorspaces, the logmap construction fails to handle cases where the reference-black or reference-white value is larger than 1024. This leads to corrupting memory beyond the end of the allocated logmap buffer. This issue has been patched in version 7.1.2-1.

debian: CVE-2025-55005 was patched at 2025-08-20

redos: CVE-2025-55005 was patched at 2025-08-29

80. Memory Corruption - Binutils (CVE-2025-8225) - High [460]

Description: A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.

debian: CVE-2025-8225 was patched at 2025-08-20

81. Command Injection - Apache HTTP Server (CVE-2024-43394) - High [454]

Description: Server-Side Request Forgery (SSRF) in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via mod_rewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server Project will be setting a higher bar for accepting vulnerability reports regarding SSRF via UNC paths. The server offers limited protection against administrators directing the server to open UNC paths. Windows servers should limit the hosts they will connect over via SMB based on the nature of NTLM authentication.