Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-12 | CVE-2025-1209 | Cross-site Scripting vulnerability in Anisha Wazifa System 1.0 A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. | 5.4 |
| 2025-02-12 | CVE-2025-0556 | Cleartext Transmission of Sensitive Information vulnerability in Progress Telerik Report Server In Progress® Telerik® Report Server, versions prior to 2025 Q1 (11.0.25.211) when using the older .NET Framework implementation, communication of non-sensitive information between the service agent process and app host process occurs over an unencrypted tunnel, which can be subjected to local network traffic sniffing. | 6.5 |
| 2025-02-12 | CVE-2025-1208 | Cross-site Scripting vulnerability in Anisha Wazifa System 1.0 A vulnerability was found in code-projects Wazifa System 1.0. | 5.4 |
| 2025-02-12 | CVE-2025-1202 | SQL Injection vulnerability in Mayurik Best Church Management Software 1.1 A vulnerability classified as critical has been found in SourceCodester Best Church Management Software 1.1. | 6.5 |
| 2025-02-12 | CVE-2024-57952 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: Revert "libfs: fix infinite directory reads for offset dir" The current directory offset allocator (based on mtree_alloc_cyclic) stores the next offset value to return in octx->next_offset. | 5.5 |
| 2025-02-12 | CVE-2025-1200 | A vulnerability was found in SourceCodester Best Church Management Software 1.1. | 6.3 |
| 2025-02-12 | CVE-2025-1201 | SQL Injection vulnerability in Mayurik Best Church Management Software 1.1 A vulnerability was found in SourceCodester Best Church Management Software 1.1. | 6.5 |
| 2025-02-12 | CVE-2025-21694 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix softlockup in __read_vmcore (part 2) Since commit 5cbcb62dddf5 ("fs/proc: fix softlockup in __read_vmcore") the number of softlockups in __read_vmcore at kdump time have gone down, but they still happen sometimes. In a memory constrained environment like the kdump image, a softlockup is not just a harmless message, but it can interfere with things like RCU freeing memory, causing the crashdump to get stuck. The second loop in __read_vmcore has a lot more opportunities for natural sleep points, like scheduling out while waiting for a data write to happen, but apparently that is not always enough. Add a cond_resched() to the second loop in __read_vmcore to (hopefully) get rid of the softlockups. | 5.5 |
| 2025-02-12 | CVE-2025-21695 | NULL Pointer Dereference vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The dell_uart_bl_serdev_probe() function calls devm_serdev_device_open() before setting the client ops via serdev_device_set_client_ops(). | 4.7 |
| 2025-02-12 | CVE-2025-21696 | Unspecified vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: mm: clear uffd-wp PTE/PMD state on mremap() When mremap()ing a memory region previously registered with userfaultfd as write-protected but without UFFD_FEATURE_EVENT_REMAP, an inconsistency in flag clearing leads to a mismatch between the vma flags (which have uffd-wp cleared) and the pte/pmd flags (which do not have uffd-wp cleared). | 5.5 |