| CVE-2025-2312 |
A flaw was found in cifs-utils. When trying to obtain Kerberos credentials, the cifs.upcall program from the cifs-utils package makes an upcall to the wrong namespace in containerized environments. This issue may lead to disclosing sensitive data from the host's Kerberos credentials cache. |
Moderate |
5.9 |
2025-03-25 |
| CVE-2025-31162 |
A flaw was found in fig2dev. The package is affected by floating point exception (FPE) when executing function get_slope. This may result in local code execution. |
Moderate |
6.6 |
2025-03-28 |
| CVE-2025-31163 |
A flaw was found in fig2dev. The package is affected by segmentation fault (SEGV) when executing function put_patternarc. This may result in local code execution. |
Moderate |
6.6 |
2025-03-28 |
| CVE-2025-31164 |
A flaw was found in fig2dev. The package is affected by Heap-buffer Overflow when executing function create_line_with_spline. This may result in local code execution. |
Moderate |
6.6 |
2025-03-28 |
| CVE-2025-46397 |
A flaw was found in fig2dev. The package is affected by stack-based overflow when executing function bezier_spline. This may result in local code execution. |
Important |
7.1 |
2025-04-23 |
| CVE-2025-46398 |
A flaw was found in fig2dev. The package is affected by stack-based overflow when executing function read_objects. This may result in local code execution. |
Important |
7.1 |
2025-04-23 |
| CVE-2025-46399 |
A flaw was found in fig2dev. The package is affected by segmentation fault (SEGV) when executing function genge_itp_spline. This may result in local code execution. |
Important |
7.1 |
2025-04-23 |
| CVE-2025-46400 |
A flaw was found in fig2dev. The package is affected by segmentation fault (SEGV) when executing function read_arcobject. This may result in local code execution. |
Important |
7.1 |
2025-04-23 |
