proj: CUPS subj: [vs-plain] EMBARGOED CVE-2025-58060 Authentication bypass with AuthType Negotiate trep: Tue Sep 02 11:01:32 2025 cves: CVE-2025-58060 tcrd: September 11th 13:00 UTC toss: Thu Sep 11 15:30:07 2025 soss: [oss-security] CVE-2025-58060 cups: Authentication bypass with AuthType Negotiate loss: https://www.openwall.com/lists/oss-security/2025/09/11/1 proj: CUPS subj: [vs-plain] EMBARGOED CVE-2025-58364 cups: Remote DoS via null dereference trep: Thu Sep 04 06:14:22 2025 cves: CVE-2025-58364 tcrd: September 11th 13:00 UTC toss: Thu Sep 11 15:30:12 2025 soss: [oss-security] CVE-2025-58364 cups: Remote DoS via null dereference loss: https://www.openwall.com/lists/oss-security/2025/09/11/2 proj: curl subj: [vs-plain] : pre-notification curl CVE-2025-9086 trep: Fri Sep 05 11:10:12 2025 cves: CVE-2025-9086 tcrd: September 10 toss: Wed Sep 10 05:53:25 2025 soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2025-9086: Out of bounds read for cookie path loss: https://www.openwall.com/lists/oss-security/2025/09/10/1 proj: Perl CPAN JSON::XS subj: [vs-plain] : CVE-2025-40928: JSON::XS version 4.03 and earlier for Perl trep: Sat Sep 06 18:25:13 2025 cves: CVE-2025-40928 tcrd: this weekend \\ 16:00 UTC today toss: Mon Sep 08 17:46:31 2025 soss: [oss-security] CVE-2025-40928: JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified loss: https://www.openwall.com/lists/oss-security/2025/09/08/2 proj: Perl CPAN Cpanel::JSON::XS subj: [vs-plain] : CVE-2025-40929: Cpanel::JSON::XS version 4.39 and earlier for Perl trep: Sat Sep 06 18:26:02 2025 cves: CVE-2025-40929 tcrd: this weekend \\ 16:00 UTC today toss: Mon Sep 08 17:46:30 2025 soss: [oss-security] CVE-2025-40929: Cpanel::JSON::XS before version 4.40 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact loss: https://www.openwall.com/lists/oss-security/2025/09/08/1 proj: Perl CPAN JSON::SIMD subj: [vs-plain] : CVE-2025-40930: JSON::SIMD version 1.06 and earlier for Perl trep: Sat Sep 06 18:26:23 2025 cves: CVE-2025-40930 tcrd: this weekend \\ 16:00 UTC today toss: Mon Sep 08 17:46:57 2025 soss: [oss-security] CVE-2025-40930: JSON::SIMD before version 1.07 and earlier for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact loss: https://www.openwall.com/lists/oss-security/2025/09/08/3 proj: curl subj: [vs-plain] : pre-notification curl CVE-2025-10148 trep: Tue Sep 09 05:49:00 2025 cves: CVE-2025-10148 tcrd: tomorrow \\ September 10 2025 around 06:00 UTC toss: Wed Sep 10 05:54:41 2025 soss: [oss-security] [SECURITY ADVISORY] curl: CVE-2025-10148: predictable WebSocket mask loss: https://www.openwall.com/lists/oss-security/2025/09/10/2 proj: Stork subj: [vs] One Stork vulnerability will be announced on 10 September 2025 trep: Tue Sep 09 17:00:28 2025 cves: CVE-2025-8696 tcrd: 10 September 2025 toss: Wed Sep 10 19:08:02 2025 soss: [oss-security] ISC has disclosed one vulnerability in Stork (CVE-2025-8696) loss: https://www.openwall.com/lists/oss-security/2025/09/10/5 proj: OpenSSL subj: [vs-plain] Embargoed OpenSSL security issue trep: Tue Sep 16 16:32:28 2025 cves: CVE-2025-9230, CVE-2025-9231, CVE-2025-9232 tcrd: 30th September 2025 toss: Tue Sep 30 13:49:20 2025 soss: [oss-security] OpenSSL Security Advisory loss: https://www.openwall.com/lists/oss-security/2025/09/30/5 proj: open-vm-tools subj: [vs] [EMBARGOED] CVE-2025-41244 - open-vm-tools trep: Tue Sep 23 07:27:43 2025 cves: CVE-2025-41244, VMSA-2025-0015 tcrd: Sep 29th, 2025 toss: Mon Sep 29 16:24:26 2025 soss: [oss-security] [Security Advisory] open-vm-tools: Local privilege escalation (CVE-2025-41244) loss: https://www.openwall.com/lists/oss-security/2025/09/29/10 proj: FreeIPA subj: [vs-plain] CVE-2025-7493 - Privilege escalation from host to domain admin in FreeIPA trep: Wed Sep 24 19:00:18 2025 cves: CVE-2025-7493 tcrd: September 30th toss: Tue Sep 30 15:50:21 2025 soss: [oss-security] FreeIPA - CVE-2025-7493 - Privilege Escalation from host to domain admin loss: https://www.openwall.com/lists/oss-security/2025/09/30/6