
11468 matches found

Positive Technologies
added 2025/10/14 12:0 a.m., 5 views

PT-2025-41893

Name of the Vulnerable Software and Affected Versions: Studio 5000 Logix Designer (affected versions not specified). Description: A security issue exists that can lead to a denial-of-service condition. This is caused by providing invalid values to Component Object Model (COM) methods. The vulnerability...

CVSS 8.7 | AI score 6.2 | EPSS 0.00345
Exploits 0 | References 5

Snyk
added 2025/10/13 9:31 p.m., 4 views

Authorization Bypass Through User-Controlled Key

Overview: com.liferay.portal:com.liferay.portal.impl is a package part of Liferay. Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the _com_liferay_users_admin_web_portlet_UsersAdminPortlet_addUserIds parameter. An attacker can assign an organizatio...

CVSS 5.3 | AI score 6.9 | EPSS 0.00243
Exploits 0 | References 2

Cvelist
added 2025/10/13 8:42 p.m., 9 views

CVE-2025-62252

Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and older unsupported versions allows remote authenticated users in o...

CVSS 5.3 | EPSS 0.00243
Exploits 0 | References 1

CVE
added 2025/10/13 8:42 p.m., 14 views

CVE-2025-62252

The CVE-2025-62252 issue is an IDOR vulnerability in Liferay Portal 7.4.0–7.4.3.111 and Liferay DXP 2023.Q3.1–Q3.10, 2023.Q4.0–Q4.5, and 7.4 GA–update 92. Affected code path is the _com_liferay_users_admin_web_portlet_UsersAdminPortlet_addUserIds parameter, which can let remote authenticated user...

CVSS 5.3 | AI score 6.4 | EPSS 0.00243
Exploits 0 | References 1 | Affected Software 2

EUVD
added 2025/10/13 9:30 a.m., 4 views

EUVD-2025-34053

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_candidate_modal.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

CVSS 6.5 | AI score 6.3 | EPSS 0.00395
Exploits 1 | References 6

Vulnrichment
added 2025/10/13 7:32 a.m., 3 views

CVE-2025-11667 code-projects Automated Voting System add_candidate_modal.php. sql injection

A vulnerability was found in code-projects Automated Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/add_candidate_modal.php. The manipulation of the argument firstname results in sql injection. The attack can be executed remotely. The exploit has...

CVSS 6.5 | AI score 6.8 | EPSS 0.00395
Exploits 1 | References 5

CVE
added 2025/10/13 7:32 a.m., 14 views

CVE-2025-11667

The CVE-2025-11667 entry concerns code-projects Automated Voting System 1.0. Affected component: the server-side code in /admin/add_candidate_modal.php. The vulnerability is SQL injection triggered by manipulating the firstname parameter, allowing remote exploitation. Multiple connected sources c...

CVSS 8.8 | AI score 6.5 | EPSS 0.00395
Exploits 1 | References 5 | Affected Software 1

RedHat Linux
added 2025/10/13 12:28 a.m., 5 views

kernel: net_sched: ets: Fix double list add in class with netem as child qdisc

A use-after-free vulnerability was found in the Linux kernel’s netem qdisc. This issue occurs when it incorrectly manages duplicated packets in classful parent qdiscs. This leads to a corrupted internal state and eventual dereferencing of freed memory, resulting in unpredictable behavior, system...

CVSS 7.8 | AI score 7.2 | EPSS 0.00173
Exploits 0 | References 5

RedHat Linux
added 2025/10/13 12:15 a.m., 5 views

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CVSS 7.8 | AI score 6.8 | EPSS 0.00173
Exploits 0 | References 3

CNVD
added 2025/10/13 12:0 a.m., 2 views

Voting System voters_add.php File Upload Vulnerability

Voting System is an election system. Voting System has a file upload vulnerability that stems from the lack of effective validation of files uploaded via the photo parameter in the file /admin/voters_add.php. An attacker can exploit this vulnerability to upload malicious files...

CVSS 9.8 | AI score 7 | EPSS 0.00401
Exploits 1 | References 1

CNVD
added 2025/10/13 12:0 a.m., 3 views

E-Commerce Website product_add.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally supplied SQL statements in the prodname parameter of the file /pages/product_add.php. An attacker can exploit this vulnerability to...

CVSS 9.8 | AI score 8.3 | EPSS 0.00359
Exploits 1 | References 1

CNVD
added 2025/10/13 12:0 a.m., 3 views

E-Commerce Website supplier_add.php File SQL Injection Vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally supplied SQL statements in the suppemail parameter of the file /pages/supplier_add.php. An attacker can exploit this vulnerability to...

CVSS 9.8 | AI score 8.3 | EPSS 0.00359
Exploits 1 | References 1

Positive Technologies
added 2025/10/13 12:0 a.m., 7 views

PT-2025-41811

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.111; Liferay DXP versions 2023.Q3.1 through 2023.Q3.10; Liferay DXP versions 2023.Q4.0 through 2023.Q4.5; Liferay Portal 7.4 GA through update 92. Description: An Insecure Direct Object Reference (IDOR) iss...

CVSS 5.3 | AI score 6.4 | EPSS 0.00243
Exploits 0 | References 6

CNNVD
added 2025/10/13 12:0 a.m., 4 views

code-projects Automated Voting System SQL Injection Vulnerability

Automated Voting System is an automated voting system. Automated Voting System suffers from a SQL injection vulnerability that stems from the lack of validation of externally supplied SQL statements in the firstname parameter of the file /admin/add_candidate_modal.php. An attacker can exploit this...

CVSS 8.8 | AI score 8.2 | EPSS 0.00395
Exploits 1 | References 5

RedhatCVE
added 2025/10/12 10:22 p.m., 11 views

CVE-2025-11615

A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/addinvoice.php. Performing manipulation of the argument ServiceId results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVSS 9.8 | AI score 7 | EPSS 0.00425
Exploits 1 | References 1

RedhatCVE
added 2025/10/12 11:5 a.m., 8 views

CVE-2025-11597

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVSS 9.8 | AI score 6.5 | EPSS 0.00359
Exploits 1 | References 1

EUVD
added 2025/10/12 12:30 a.m., 5 views

EUVD-2025-33877

A security flaw has been discovered in SourceCodester Best Salon Management System 1.0. This affects an unknown part of the file /panel/addinvoice.php. Performing manipulation of the argument ServiceId results in sql injection. Remote exploitation of the attack is possible. The exploit has been...

CVSS 7.5 | AI score 6.3 | EPSS 0.00425
Exploits 1 | References 6

Tenable Nessus
added 2025/10/12 12:0 a.m., 7 views

RHEL 9 : kernel (RHSA-2025:17734)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:17734 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net_sched: hfsc: Fix a potenti...

CVSS 7.8 | AI score 7 | EPSS 0.00173
Exploits 0 | References 12

EUVD
added 2025/10/11 9:30 p.m., 4 views

EUVD-2025-33875

A vulnerability has been found in code-projects Simple Food Ordering System 1.0. This impacts an unknown function of the file /addproduct.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and m...

CVSS 6.5 | AI score 6.6 | EPSS 0.00302
Exploits 1 | References 6

NVD
added 2025/10/11 11:15 a.m., 4 views

CVE-2025-11597

A vulnerability was identified in code-projects E-Commerce Website 1.0. The impacted element is an unknown function of the file /pages/productaddqty.php. The manipulation of the argument prodid leads to sql injection. The attack is possible to be carried out remotely. The exploit is publicly...

CVSS 9.8 | EPSS 0.00359
Exploits 1 | References 5