
CVE-2024-57083 – redoc: Prototype Pollution in redoc
https://notcve.org/view.php?id=CVE-2024-57083
28 Mar 2025 — A prototype pollution in the component Module.mergeObjects (redoc/bundles/redoc.lib.js:2) of redoc <= 2.2.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. ... This vulnerability can allow an attacker to cause a Denial of Service (DoS) via supplying a crafted payload. • https://github.com/Redocly/redoc/issues/2499 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •

CVE-2024-12905 – tar-fs: link following and path traversal via maliciously crafted tar file
https://notcve.org/view.php?id=CVE-2024-12905
27 Mar 2025 — Issues addressed include denial of service and traversal vulnerabilities. • https://github.com/mafintosh/tar-fs/commit/a1dd7e7c7f4b4a8bd2ab60f513baca573b44e2ed • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •

CVE-2025-21891 – ipvlan: ensure network headers are in skb linear part
https://notcve.org/view.php?id=CVE-2025-21891
27 Mar 2025 — In the Linux kernel, the following vulnerability has been resolved: ipvlan: ensure network headers are in skb linear part. syzbot found that ipvlan_process_v6_outbound() was assuming the IPv6 network header is present in skb->head [1]. Add the needed pskb_network_may_pull() calls for both IPv4 and IPv6 handlers. • https://git.kernel.org/stable/c/2ad7bf3638411cb547f2823df08166c13ab04269 •

CVE-2025-21887 – ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
https://notcve.org/view.php?id=CVE-2025-21887
27 Mar 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/62f29ca45f832e281fc14966ac25f6ff3bd121ca • CWE-416: Use After Free •

CVE-2025-21881 – uprobes: Reject the shared zeropage in uprobe_write_opcode()
https://notcve.org/view.php?id=CVE-2025-21881
27 Mar 2025 — . -> folio_remove_rmap_pte() -> VM_WARN_ON_FOLIO(is_zero_folio(folio), folio) Considering that uprobe hit on the zero folio is a very rare case, just reject zero old folio immediately after get_user_page_vma_remote(). [ mingo: Cleaned up the changelog ] Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/2b144498350860b6ee9dc57ff27a93ad488de5dc •

CVE-2025-21878 – i2c: npcm: disable interrupt enable bit before devm_request_irq
https://notcve.org/view.php?id=CVE-2025-21878
27 Mar 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/56a1485b102ed1cd5a4af8e87ed794699fd1cad2 •

CVE-2025-21877 – usbnet: gl620a: fix endpoint checking in genelink_bind()
https://notcve.org/view.php?id=CVE-2025-21877
27 Mar 2025 — Call Trace:

CVE-2025-21875 – mptcp: always handle address removal under msk socket lock
https://notcve.org/view.php?id=CVE-2025-21875
27 Mar 2025 — The above statement is incorrect, as without locks another process could concur ---truncated--- Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/b6c08380860b926752d57c8fa9911fa388c4b876 •

CVE-2024-58090 – sched/core: Prevent rescheduling when interrupts are disabled
https://notcve.org/view.php?id=CVE-2024-58090
27 Mar 2025 — Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. • https://git.kernel.org/stable/c/321794b75ac968f0bb6b9c913581949452a8d992 •

CVE-2025-30358 – Mesop Class Pollution vulnerability leads to DoS and Jailbreak attacks
https://notcve.org/view.php?id=CVE-2025-30358
27 Mar 2025 — This vulnerability could directly lead to a denial of service (DoS) attack against the server. • https://github.com/mesop-dev/mesop/commit/748e20d4a363d89b841d62213f5b0c6b4bed788f • CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •