Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-16 | CVE-2025-2352 | A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. | 2.4 |
| 2025-03-16 | CVE-2025-2349 | A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. high complexity CWE-916 | 3.1 |
| 2025-03-16 | CVE-2025-2341 | A vulnerability was found in IROAD Dash Cam X5 up to 20250203. high complexity | 3.1 |
| 2025-03-16 | CVE-2025-2340 | A vulnerability was found in otale Tale Blog 2.0.5. | 2.4 |
| 2025-03-16 | CVE-2025-2335 | A vulnerability classified as problematic was found in Drivin Soluções up to 20250226. | 3.5 |
| 2025-03-15 | CVE-2025-2157 | A flaw was found in Foreman/Red Hat Satellite. | 3.3 |
| 2025-03-12 | CVE-2025-21851 | Improper Locking vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y, arena_htab tests cause a segmentation fault and soft lockup. The same failure is not observed with 4k pages on aarch64. It turns out arena_map_free() is calling apply_to_existing_page_range() with the address returned by bpf_arena_get_kern_vm_start(). | 3.3 |
| 2025-03-12 | CVE-2025-21860 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm/zswap: fix inconsistency when zswap_store_page() fails Commit b7c0ccdfbafd ("mm: zswap: support large folios in zswap_store()") skips charging any zswap entries when it failed to zswap the entire folio. However, when some base pages are zswapped but it failed to zswap the entire folio, the zswap operation is rolled back. | 3.3 |
| 2025-03-12 | CVE-2024-13838 | Server-Side Request Forgery (SSRF) vulnerability in Uncannyowl Uncanny Automator The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 6.2 via the 'call_webhook' method of the Automator_Send_Webhook class This makes it possible for authenticated attackers, with Administrator-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services. | 3.8 |
| 2025-03-11 | CVE-2025-2212 | A vulnerability was found in Castlenet CBW383G2N up to 20250301. | 2.4 |