Skip to main content
CVE-2025-21636 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy As mentioned in a previous commit of this series, using the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-21635 MEDIUM PATCH This Month

{rcv,snd}buf: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net'. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-21634 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: cgroup/cpuset: remove kernfs active break A warning was found: WARNING: CPU: 10 PID: 3486953 at fs/kernfs/file.c:828 CPU: 10 PID:. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. No vendor patch available.

Information Disclosure
NVD
CVE-2025-21632 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure shadow stack is active before "getting" registers The x86 shadow stack support has its own set of registers. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Linux Denial Of Service Linux Kernel Red Hat +1
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-21631 HIGH PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN:. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux Linux Kernel +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-0567 LOW Monitor

A vulnerability classified as problematic was found in Epic Games Launcher up to 17.2.1. Rated low severity (CVSS 2.0). No vendor patch available.

Information Disclosure
NVD VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-0566 HIGH POC THREAT This Week

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 10.2%.

Tenda Buffer Overflow Ac15 Firmware
NVD VulDB
CVSS 4.0
8.7
EPSS
10.2%
CVE-2025-0565 MEDIUM POC This Week

A vulnerability was found in ZZCMS 2023. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Zzcms
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-0564 MEDIUM POC This Week

A vulnerability was found in code-projects Fantasy-Cricket 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Fantasy Cricket
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2024-45654 MEDIUM Monitor

IBM Security ReaQta 3.12 could allow an authenticated user to perform unauthorized actions due to reliance on untrusted inputs. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass IBM Security Qradar Edr
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-45653 MEDIUM Monitor

IBM Sterling Connect:Direct Web Services 6.0, 6.1, 6.2, and 6.3 could disclose sensitive IP address information to authenticated users in responses that could be used in further attacks against the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Sterling Connect Direct Web Services
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-45652 MEDIUM This Month

IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the system. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Path Traversal Maximo Asset Management
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-0563 MEDIUM POC This Month

A vulnerability was found in code-projects Fantasy-Cricket 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Fantasy Cricket
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0562 MEDIUM POC This Month

A vulnerability was found in Codezips Gym Management System 1.0 and classified as critical.php. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Gym Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0561 MEDIUM POC This Month

A vulnerability has been found in itsourcecode Farm Management System 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Farm Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy