
CVE-2025-30211 – KEX init error results with excessive memory usage
https://notcve.org/view.php?id=CVE-2025-30211
28 Mar 2025 — An attacker could possibly use this issue to consume a large amount of memory leading to a denial of service. • https://github.com/erlang/otp/security/advisories/GHSA-vvr3-fjhh-cfwc • CWE-789: Memory Allocation with Excessive Size Value •

CVE-2025-27932
https://notcve.org/view.php?id=CVE-2025-27932
28 Mar 2025 — If this vulnerability is exploited, an attacker may delete a file on the device or cause a denial of service (DoS) condition. • https://jvn.jp/en/jp/JVN04278547 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVE-2024-38988
https://notcve.org/view.php?id=CVE-2024-38988
28 Mar 2025 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/4c5dfb66bea377889c44dd6c8af28713 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVE-2024-38985
https://notcve.org/view.php?id=CVE-2024-38985
28 Mar 2025 — This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. • https://gist.github.com/mestrtee/32c0a48023036e51918f6a098f21953d • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVE-2024-57083 – redoc: Prototype Pollution in redoc
https://notcve.org/view.php?id=CVE-2024-57083
28 Mar 2025 — A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. ... This vulnerability can allow an attacker to cause a Denial of Service (DoS) via supplying a crafted payload. • https://github.com/Redocly/redoc/issues/2499 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVE-2024-12905 – tar-fs: link following and path traversal via maliciously crafted tar file
https://notcve.org/view.php?id=CVE-2024-12905
27 Mar 2025 — Issues addressed include denial of service and traversal vulnerabilities. • https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2025-21891 – ipvlan: ensure network headers are in skb linear part
https://notcve.org/view.php?id=CVE-2025-21891
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvlan: ensure network headers are in skb linear part. syzbot found that ipvlan_process_v6_outbound() was assuming the IPv6 network header is present in skb->head [1]. Add the needed pskb_network_may_pull() calls for both IPv4 and IPv6 handlers. • https://git.kernel.org/stable/c/2ad7bf3638411cb547f2823df08166c13ab04269 •

CVE-2025-21887 – ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
https://notcve.org/view.php?id=CVE-2025-21887
27 Mar 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/62f29ca45f832e281fc14966ac25f6ff3bd121ca • CWE-416: Use After Free •

CVE-2025-21881 – uprobes: Reject the shared zeropage in uprobe_write_opcode()
https://notcve.org/view.php?id=CVE-2025-21881
27 Mar 2025 — . -> folio_remove_rmap_pte() -> VM_WARN_ON_FOLIO(is_zero_folio(folio), folio) Considering that uprobe hit on the zero folio is a very rare case, just reject zero old folio immediately after get_user_page_vma_remote(). [ mingo: Cleaned up the changelog ] Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/2b144498350860b6ee9dc57ff27a93ad488de5dc •

CVE-2025-21878 – i2c: npcm: disable interrupt enable bit before devm_request_irq
https://notcve.org/view.php?id=CVE-2025-21878
27 Mar 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/56a1485b102ed1cd5a4af8e87ed794699fd1cad2 •