
19161 matches found

CNVD
added 2025/11/20 12:0 a.m. | 4 views

Web-Based Internet Laboratory Management System /settings/controller.php File SQL Injection Vulnerability

Web-Based Internet Laboratory Management System is a web laboratory software. A SQL injection vulnerability exists in Web-Based Internet Laboratory Management System, which originates from a lack of validation of externally entered SQL statements in the file /settings/controller.php. An attacker...

9.8 CVSS | 8.2 AI score | 0.00339 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/11/19 8:18 a.m. | 3 views

CVE-2025-8727

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

7.2 CVSS | 7.3 AI score | 0.00293 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/19 7:26 a.m. | 7 views

CVE-2025-7623

Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system...

5.4 CVSS | 8 AI score | 0.00234 EPSS
Exploits: 0 | References: 1

Microsoft CVE
added 2025/11/19 1:1 a.m. | 6 views

Bluetooth: When HCI work queue is drained, only queue chained work

...

5.5 CVSS | 7 AI score | 0.00148 EPSS
Exploits: 0

RedhatCVE
added 2025/11/19 12:11 a.m. | 27 views

CVE-2025-63695

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...

9.8 CVSS | 7 AI score | 0.00342 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/11/18 9:6 p.m. | 16 views

CVE-2025-13300

A vulnerability has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected is an unknown function of the file /settings/controller.php. The manipulation leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

9.8 CVSS | 7 AI score | 0.00339 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/11/18 9:6 p.m. | 13 views

CVE-2025-13301

A vulnerability was found in itsourcecode Web-Based Internet Laboratory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /subject/controller.php. The manipulation results in SQL injection. It is possible to launch the attack remotely. The exploit has...

9.8 CVSS | 6.9 AI score | 0.00339 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/11/18 9:6 p.m. | 13 views

CVE-2025-13299

A flaw has been found in itsourcecode Web-Based Internet Laboratory Management System 1.0. This impacts an unknown function of the file /user/controller.php. Executing a manipulation can lead to SQL injection. The attack may be performed from remote. The exploit has been published and may be used...

9.8 CVSS | 7 AI score | 0.00339 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2025/11/18 8:0 p.m. | 13 views

CVE-2025-13298

A vulnerability was detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. This affects an unknown function of the file /enrollment/controller.php. Performing a manipulation results in SQL injection. The attack is possible to be carried out remotely. The exploit is now publ...

9.8 CVSS | 7.2 AI score | 0.00363 EPSS
Exploits: 1 | References: 1

OSV
added 2025/11/18 6:16 p.m. | 4 views

CVE-2025-63695

DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...

9.8 CVSS | 6.9 AI score
Exploits: 0 | References: 2

RedhatCVE
added 2025/11/18 6:2 p.m. | 5 views

CVE-2025-13297

A security vulnerability has been detected in itsourcecode Web-Based Internet Laboratory Management System 1.0. The impacted element is an unknown function of the file /course/controller.php. Such manipulation leads to SQL injection. The attack can be executed remotely. The exploit has been...

9.8 CVSS | 7.3 AI score | 0.00339 EPSS
Exploits: 1 | References: 1

Wolfi
added 2025/11/18 1:47 p.m. | 7 views

CVE-2025-63811 vulnerabilities

Vulnerabilities for packages: dapr, argo-events, cluster-api-aws-controller, grafana-alloy, bento, splunk-otel-collector, jitsucom-bulker, telegraf, sqlexporter, opentelemetry-collector-contrib, amazon-cloudwatch-agent...

7.5 CVSS | 7.1 AI score | 0.00236 EPSS
Exploits: 1

Wolfi
added 2025/11/18 1:47 p.m. | 6 views

GHSA-9MJ6-HXHV-W67J vulnerabilities

Vulnerabilities for packages: dapr, argo-events, cluster-api-aws-controller, grafana-alloy, bento, splunk-otel-collector, jitsucom-bulker, telegraf, sqlexporter, opentelemetry-collector-contrib, amazon-cloudwatch-agent...

5.8 AI score
Exploits: 0

Chainguard
added 2025/11/18 1:27 p.m. | 8 views

CVE-2025-63811 vulnerabilities

Vulnerabilities for packages: sqlexporter-fips, splunk-otel-collector-fips, sqlexporter, jitsucom-bulker, dapr-fips, argo-events-fips, bento, grafana-alloy, dapr, amazon-cloudwatch-agent, vault-fips, splunk-otel-collector, cluster-api-aws-controller, cluster-api-aws-controller-fips,...

7.5 CVSS | 7.1 AI score | 0.00236 EPSS
Exploits: 1

EUVD
added 2025/11/18 9:30 a.m. | 3 views

EUVD-2025-197953

A stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit the stack buffer via a crafted header and achieve arbitrary code execution on the BMC’s firmware operating system...

5.5 CVSS | 7.5 AI score | 0.00277 EPSS
Exploits: 0 | References: 2

IBM Security Bulletins
added 2025/11/18 8:55 a.m. | 5 views

Security Bulletin: Vulnerability in strongswan affects IBM SAN Volume Controller, IBM Spectrum Virtualize and IBM FlashSystem products

Summary: A vulnerability in the strongswan IKEv1 implementation affects IBM Storage Virtualize products and could cause a confidentiality impact. CVE-2025-36118. Vulnerability Details: CVEID: CVE-2025-36118. DESCRIPTION: IBM Storage Virtualize IKEv1 implementation allows remote attackers to obtain...

7.5 CVSS | 6.7 AI score | 0.00315 EPSS
Exploits: 0 | Affected Software: 8

NVD
added 2025/11/18 8:15 a.m. | 5 views

CVE-2025-8727

There is a vulnerability in the Supermicro BMC web function at Supermicro MBD-X13SEDW-F. After logging into the BMC Web server, an attacker can use a specially crafted payload to trigger the Stack buffer overflow vulnerability...

7.2 CVSS | 0.00293 EPSS
Exploits: 0 | References: 1

NVD
added 2025/11/18 8:15 a.m. | 9 views

CVE-2025-8404

A stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit the stack buffer via a crafted header and achieve arbitrary code execution on the BMC’s firmware operating system...

5.5 CVSS | 0.00277 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/11/18 7:43 a.m. | 9 views

CVE-2025-8404 Stack buffer overflow vulnerability exists in the Supermicro BMC Shared library

A stack buffer overflow vulnerability exists in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can exploit the stack buffer via a crafted header and achieve arbitrary code execution on the BMC’s firmware operating system...

5.5 CVSS | 0.00277 EPSS
Exploits: 0 | References: 1

CVE
added 2025/11/18 7:43 a.m. | 14 views

CVE-2025-8404

CVE-2025-8404 describes a stack buffer overflow in the Supermicro BMC Shared library. An authenticated attacker with access to the BMC can trigger a crafted header to overflow a stack and achieve arbitrary code execution on the BMC firmware OS. The issue is assessed with CVSS 3.1: Network attack ...

5.5 CVSS | 7.7 AI score | 0.00277 EPSS
Exploits: 0 | References: 1