Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2025-03-06 CVE-2024-58070 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT In PREEMPT_RT, kmalloc(GFP_ATOMIC) is still not safe in non preemptible context.
local
low complexity
linux CWE-667
5.5
2025-03-06 CVE-2024-58071 Improper Locking vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: team: prevent adding a device which is already a team device lower Prevent adding a device which is already a team device lower, e.g.
local
low complexity
linux CWE-667
5.5
2025-03-06 CVE-2024-58073 NULL Pointer Dereference vulnerability in Linux Kernel 6.13/6.13.1
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp Similar to the r_pipe sspp protect, add a check to protect the pipe state prints to avoid NULL ptr dereference for cases when the state is dumped without a corresponding atomic_check() where the pipe->sspp is assigned. Patchwork: https://patchwork.freedesktop.org/patch/628404/
local
low complexity
linux CWE-476
5.5
2025-03-06 CVE-2024-12146 Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection. This issue affects Finder ERP/CRM (New System): before 18.12.2024.
network
low complexity
CWE-1286
7.5
2025-03-06 CVE-2025-2029 A vulnerability was found in MicroDicom DICOM Viewer 2025.1 Build 3321.
local
low complexity
CWE-119
5.3
2025-03-06 CVE-2025-2030 A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform up to 20250224.
network
low complexity
7.3
2025-03-06 CVE-2024-12144 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows SQL Injection. This issue affects Finder ERP/CRM (Old System): before 18.12.2024.
network
low complexity
CWE-89
critical
9.8
2025-03-06 CVE-2025-0877 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AtaksAPP Reservation Management System allows Cross-Site Scripting (XSS). This issue affects Reservation Management System: before 4.2.3.
network
low complexity
CWE-79
4.7
2025-03-06 CVE-2024-7872 Insertion of Sensitive Information Into Sent Data vulnerability in ExtremePACS Extreme XDS allows Retrieve Embedded Sensitive Data. This issue affects Extreme XDS: before 3933.
low complexity
CWE-201
7.6
2025-03-06 CVE-2025-1383 Cross-Site Request Forgery (CSRF) vulnerability in Podlove Podcast Publisher
The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.2.2.
network
low complexity
podlove CWE-352
4.3