8.1
CVE-2025-27813 -
MSI Center before 2.0.52.0 has Missing PE Signature Validation.
9
CVE-2025-32743 -
In ConnMan through 1.44, the lookup string in ns_resolv in dnsproxy.c can be NULL or an empty string when the TC (Truncated) bit is set in a DNS response. This allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code, because those lookup values lead to iโฆ
8.1
CVE-2025-27812 -
MSI Center before 2.0.52.0 allows TOCTOU Local Privilege Escalation.
6.5
CVE-2025-32386 - Helm Allows A Specially Crafted Chart Archive To Cause Out Of Memory Termination
Helm is a tool for managing Charts. A chart archive file can be crafted in a manner where it expands to be significantly larger uncompressed than compressed (e.g., >800x difference). When Helm loads this specially crafted chart, memory can be exhausted causing the application to terminate. This issโฆ
6.5
CVE-2025-32387 - Helm Allows A Specially Crafted JSON Schema To Cause A Stack Overflow
Helm is a package manager for Charts for Kubernetes. A JSON Schema file within a chart can be crafted with a deeply nested chain of references, leading to parser recursion that can exceed the stack size limit and trigger a stack overflow. This issue has been resolved in Helm v3.17.3.
5
CVE-2025-24375 - MySQL K8s charm could leak credentials for root-level user `serverconfig`
Charmed MySQL K8s operator is a Charmed Operator for running MySQL on Kubernetes. Before revision 221, the method for calling a SQL DDL or python based mysql-shell scripts can leak database users credentials. The method mysql-operator calls mysql-shell application rely on writing to a temporary scrโฆ
8.7
CVE-2025-30660 - Junos OS: MX Series: Decapsulation of specific GRE packets leads to PFE reset
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS).When processing a high rate of specific GRE traffic destined to โฆ
8.7
CVE-2025-30659 - Junos OS: SRX Series: A device configured for vector routing crashes when receiving malformed traffโฆ
An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for Secure Vector Routing (SVR) receiโฆ
8.7
CVE-2025-30658 - Junos OS: SRX Series: On devices with Anti-Virus enabled, malicious server responses will cause memโฆ
A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attackerย to cause a Denial-of-Service (DoS). On all SRX platforms with Anti-Virus enabled, if a server sends specifiโฆ
6.9
CVE-2025-30657 - Junos OS: Processing of a specific BGP update causes the SRRD process to crash
An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-Service (DoS). When a device configured for flow-monitoring receives a specific BGP update messageโฆ