Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2025-04-02 CVE-2024-25051 IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.
network
high complexity
CWE-613
6.6
6.6
2025-04-02 CVE-2024-56341 IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting.
network
low complexity
CWE-79
5.4
5.4
2025-04-02 CVE-2024-50384 A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-459
6.5
6.5
2025-04-02 CVE-2024-50385 A denial of service vulnerability exists in the NetX Component HTTP server functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-459
6.5
6.5
2025-04-02 CVE-2024-50594 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
4.3
2025-04-02 CVE-2024-50595 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
4.3
2025-04-02 CVE-2024-50596 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
4.3
2025-04-02 CVE-2024-50597 An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0.
network
low complexity
CWE-191
4.3
4.3
2025-04-02 CVE-2025-21989 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix missing .is_two_pixels_per_container Starting from 6.11, AMDGPU driver, while being loaded with amdgpu.dc=1, due to lack of .is_two_pixels_per_container function in dce60_tg_funcs, causes a NULL pointer dereference on PCs with old GPUs, such as R9 280X. So this fix adds missing .is_two_pixels_per_container to dce60_tg_funcs. (cherry picked from commit bd4b125eb949785c6f8a53b0494e32795421209d)
local
low complexity
linux CWE-476
5.5
5.5
2025-04-02 CVE-2025-21990 NULL Pointer Dereference vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: NULL-check BO's backing store when determining GFX12 PTE flags PRT BOs may not have any backing store, so bo->tbo.resource will be NULL.
local
low complexity
linux CWE-476
5.5
5.5