Security Vulnerabilities - CVEs Published In March 2025
Memory corruption in display driver while detaching a device.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Memory corruption while handling multuple IOCTL calls from userspace for remote invocation.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Memory corruption may occur during the synchronization of the camera`s frame processing pipeline.
CVSS Score
7.8
EPSS Score
0.0
Published
2025-03-03
Improper privilege management in a REST interface allowed registered users to access unauthorized resources if the resource ID was know.
This issue affects Apache StreamPipes: through 0.95.1.
Users are recommended to upgrade to version 0.97.0 which fixes the issue.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-03-03
While processing the authentication message in UE, improper authentication may lead to information disclosure.
CVSS Score
5.4
EPSS Score
0.001
Published
2025-03-03
Information disclosure while deriving keys for a session for any Widevine use case.
CVSS Score
5.5
EPSS Score
0.0
Published
2025-03-03