
16905 matches found

OSV
added 2025/12/27 8:15 p.m. | 4 views

UBUNTU-CVE-2025-14180

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2 CVSS | 7.1 AI score | 0.00573 EPSS
Exploits 2 | References 5

CVE
added 2025/12/27 7:21 p.m. | 42 views

CVE-2025-14180

CVE-2025-14180 affects PHP’s PDO PostgreSQL driver when using PDO::ATTR_EMULATE_PREPARES and can cause a NULL return from PQescapeStringConn on certain invalid parameter sequences, leading to a NULL pointer dereference in pdo_parse_params() and potential server crashes. Connected advisories confi...

8.2 CVSS | 6.5 AI score | 0.00573 EPSS
Exploits 2 | References 1 | Affected Software 1

EUVD
added 2025/12/27 7:21 p.m. | 5 views

EUVD-2025-205486

In PHP versions 8.1.* before 8.1.34, 8.2.* before 8.2.30, 8.3.* before 8.3.29, 8.4.* before 8.4.16, 8.5.* before 8.5.1, when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...

8.2 CVSS | 6.4 AI score | 0.00573 EPSS
Exploits 2 | References 1

GithubExploit
added 2025/12/26 3:40 p.m. | 346 views

Exploit for CVE-2025-68613

CVE-2025-68613 – n8n Critical RCE Exploitation Overview T...

9.9 CVSS | 8.6 AI score | 0.97875 EPSS
Exploits 29

OSV
added 2025/12/24 8:15 p.m. | 6 views

CVE-2018-25143

Microhard Systems IPn4G 1.1.0 contains a service vulnerability that allows authenticated users to enable a restricted SSH shell with a default 'msshc' user. Attackers can exploit a custom 'ping' command in the NcFTP environment to escape the restricted shell and execute commands with root...

8.7 CVSS | 5.8 AI score | 0.00516 EPSS
Exploits 2 | References 3

NVD
added 2025/12/24 5:16 a.m. | 4 views

CVE-2025-13773

The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.8.0 via the 'WooCommerce_Delivery_Notes::update' function. This is due to missing capability check in the 'WooCommerce_Delivery_Notes::update' functio...

9.8 CVSS | 0.032 EPSS
Exploits 0 | References 7

Tenable Nessus
added 2025/12/24 12:0 a.m. | 3 views

AlmaLinux 8 : container-tools:rhel8 (ALSA-2025:23543)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:23543 advisory. runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881). Tenable has extracted the preceding...

7.5 CVSS | 7 AI score | 0.00526 EPSS
Exploits 1 | References 3

Oracle linux
added 2025/12/24 12:0 a.m. | 26 views

httpd:2.4 security update

httpd 2.4.37-65.0.1.7 - Replace index.html with Oracle's index page oracle_index.html 2.4.37-65.7 - Resolves: RHEL-135054 - httpd: Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo (CVE-2025-66200) - Resolves: RHEL-135039 - httpd: Apache HTTP Server: CGI environment variable...

8.3 CVSS | 7.2 AI score | 0.99999 EPSS
Exploits 30

RedHat Linux
added 2025/12/22 11:27 p.m. | 2 views

httpd: Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

A server side include handling flaw has been discovered in the Apache HTTP server. When Server Side Includes (SSI) are enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to exec cmd="..." directives an attacker may be able to inject commands executed by the server...

8.3 CVSS | 5.7 AI score | 0.015 EPSS
Exploits 0 | References 5

RedhatCVE
added 2025/12/22 7:27 p.m. | 2 views

CVE-2025-14372

Use after free in Password Manager in Google Chrome prior to 143.0.7499.110 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...

6.1 CVSS | 7.1 AI score | 0.00224 EPSS
Exploits 0 | References 2

OSV
added 2025/12/22 4:30 p.m. | 1 views

SUSE-SU-2025:4504-1 Security update for glib2

This update for glib2 fixes the following issues: - CVE-2025-14512: integer overflow in the GIO escape_byte_string function when processing malicious files or remote filesystem attribute values can lead to denial-of-service (bsc#1254878). - CVE-2025-14087: buffer underflow in the GVariant parser...

9.8 CVSS | 7.6 AI score | 0.00754 EPSS
Exploits 1 | References 7

RedHat Linux
added 2025/12/22 1:36 p.m. | 6 views

firefox: thunderbird: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Sandbox escape due to incorrect boundary conditions in the Graphics: CanvasWebGL component...

8 CVSS | 5.7 AI score | 0.00276 EPSS
Exploits 0 | References 5

OSV
added 2025/12/19 9:42 a.m. | 7 views

CLSA-2025-1766137317 podman: Fix of 2 CVEs

CVE-2025-52881: container escape and denial of service due to arbitrary write gadgets and procfs write redirects - CVE-2025-58183: fix unbounded allocation when parsing GNU sparse map...

7.5 CVSS | 7.5 AI score | 0.00526 EPSS
Exploits 1 | References 1

Vulnrichment
added 2025/12/19 12:0 a.m. | 2 views

CVE-2025-66905

The Takes web framework's TkFiles take thru 2.0-SNAPSHOT fails to canonicalize HTTP request paths before resolving them against the filesystem. A remote attacker can include ../ sequences in the request path to escape the configured base directory and read arbitrary files from the host system...

6.6 AI score | 0.0051 EPSS
Exploits 1 | References 2

EUVD
added 2025/12/19 12:0 a.m. | 3 views

EUVD-2025-204545

The Takes web framework's TkFiles take thru 2.0-SNAPSHOT fails to canonicalize HTTP request paths before resolving them against the filesystem. A remote attacker can include ../ sequences in the request path to escape the configured base directory and read arbitrary files from the host system...

7.5 CVSS | 6.5 AI score | 0.0051 EPSS
Exploits 1 | References 3

RedhatCVE
added 2025/12/18 9:34 p.m. | 9 views

CVE-2025-46281

A logic issue was addressed with improved checks. This issue is fixed in macOS Tahoe 26.2. An app may be able to break out of its sandbox...

8.8 CVSS | 6.1 AI score | 0.00186 EPSS
Exploits 0 | References 1

RedHat Linux
added 2025/12/18 10:9 a.m. | 9 views

runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process...

7.5 CVSS | 6.6 AI score | 0.00526 EPSS
Exploits 1 | References 6

RedHat Linux
added 2025/12/18 10:9 a.m. | 3 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

7.5 CVSS | 7.1 AI score | 0.00526 EPSS
Exploits 1 | References 3

OSV
added 2025/12/18 9:4 a.m. | 4 views

RLSA-2025:23543 Important: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881). For more details about the security issues,...

8.2 CVSS | 6.9 AI score | 0.00526 EPSS
Exploits 1 | References 2

Rockylinux
added 2025/12/18 9:4 a.m. | 7 views

container-tools:rhel8 security update

An update is available for module.crun, fuse-overlayfs, module.slirp4netns, python-podman, module.runc, container-selinux, module.podman, module.udica, module.aardvark-dns, module.fuse-overlayfs, cockpit-podman, aardvark-dns, module.conmon, containers-common, libslirp, criu,...

7.5 CVSS | 6.9 AI score | 0.00526 EPSS
Exploits 1