KB5060531: Windows 10 version 1809 / Windows Server 2019 Security Update (June 2025)

The remote Windows host is missing security update 5060531. It is, therefore, affected by multiple vulnerabilities - Heap-based buffer overflow in Windows Routing and Remote Access Service RRAS allows an unauthorized attacker to execute code over a network. CVE-2025-33066 - Improper access contro...

CVE-2025-5899

A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached...

DEBIAN-CVE-2025-5899

A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached...

CVE-2025-5899 GNU PSPP pspp-convert.c parse_variables_option free of memory not on the heap

A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached...

CVE-2025-5899

CVE-2025-5899 affects GNU PSPP; the vulnerability is in parse_variables_option in utilities/pspp-convert.c, where manipulated memory deallocation leads to memory being freed not on the heap. The issue enables local exploitation and has public exploit disclosure. Documents consistently describe th...

CVE-2025-5899

A vulnerability classified as critical was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb. Affected by this vulnerability is the function parsevariablesoption of the file utilities/pspp-convert.c. The manipulation leads to free of memory not on the heap. An attack has to be approached...

CVE-2025-5898

The CVE-2025-5898 entry affects GNU PSPP, specifically the function parse_variables_option in utilities/pspp-convert.c. The vulnerability is a buffer/out-of-bounds write caused by input handling in this function. It requires local access to exploit, and public disclosure of the exploit is noted. ...

PT-2025-24572 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP version 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb Description: A critical issue was found in the parse variables option function of the file utilities/pspp-convert.c. This issue leads to the freeing of memory not on the heap. An attac...

PT-2025-24568 · Gnu +1 · Gnu Pspp +1

Name of the Vulnerable Software and Affected Versions: GNU PSPP version 82fb509fb2fedd33e7ac0c46ca99e108bb3bdffb Description: A critical issue has been discovered, affecting the parse variables option function in the utilities/pspp-convert.c file. This leads to an out-of-bounds write. The attack...

CVE-2025-5474

2BrightSparks SyncBackFree Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of 2BrightSparks SyncBackFree. An attacker must first obtain the ability to execute low-privileged code on the target syst...

CVE-2025-27131

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input...

CVE-2025-27242

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through improper input...

CVE-2025-20063

in OpenHarmony v5.0.3 and prior versions allow a local attacker cause apps crash through type confusion...

CVE-2025-25217

CVE-2025-25217 affects OpenHarmony v5.0.3 and older. The root cause is a NULL pointer dereference in arkui_ace_engine (OpenHarmony components) that allows a local attacker to cause a denial-of-service condition. The available sources consistently describe a local attack vector with DOS impact and...

CVE-2025-5641

A flaw was found in radare2. The rconsisbreaked function in libr/cons/cons.c experiences memory corruption due to improper handling of the -T argument, leading to potential crashes. This flaw allows a local attacker to provide maliciously crafted input, possibly resulting in a denial of service...

CVE-2025-20989

Improper logging in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to get a hmackey...

SUSE CVE-2025-5642

A vulnerability classified as problematic has been found in Radare2 5.9.9. Affected is the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation leads to memory corruption. The attack needs to be approached locally. The complexity of an attack is rather...

SUSE CVE-2025-5645

A vulnerability, which was classified as problematic, was found in Radare2 5.9.9. This affects the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. Attacking locally is a requirement. The complexity of ...

SUSE CVE-2025-5647

A vulnerability was found in Radare2 5.9.9 and classified as problematic. This issue affects the function rconscontextbreakpop in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. The attack needs to be approached locally. The...

CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...