Lucene search
K

896 matches found

Vulnrichment
Vulnrichment
added 2025/04/04 4:0 p.m.14 views

CVE-2025-3254 xujiangfei admintwo add server-side request forgery

A vulnerability was found in xujiangfei admintwo 1.0. It has been classified as critical. Affected is an unknown function of the file /resource/add. The manipulation of the argument description leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has bee...

6.5CVSS7.2AI score0.00494EPSS
Exploits1References4
OSV
OSV
added 2025/03/31 9:31 p.m.5 views

CVE-2025-3017 TA-Lib ta_regtest test_minmax.c setInputBuffer out-of-bounds write

A vulnerability, which was classified as critical, has been found in TA-Lib up to 0.6.4. This issue affects the function setInputBuffer of the file src/tools/taregtest/tatestfunc/testminmax.c of the component taregtest. The manipulation leads to out-of-bounds write. It is possible to launch the...

4.8CVSS5.2AI score0.00176EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/03/31 12:0 p.m.9 views

CVE-2025-2994 Tenda FH1202 Web Management Interface qossetting access control

A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14408. This affects an unknown part of the file /goform/qossetting of the component Web Management Interface. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The...

6.9CVSS5.4AI score0.00597EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/03/30 6:0 p.m.18 views

CVE-2025-2956 TRENDnet TI-G102i HTTP Request lighttpd plugins_call_handle_uri_raw null pointer dereference

A vulnerability was found in TRENDnet TI-G102i 1.0.7.S0 /1.0.8.S0 and classified as problematic. This issue affects the function pluginscallhandleuriraw of the file /usr/sbin/lighttpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be...

7.1CVSS0.00373EPSS
Exploits0References5
NVD
NVD
added 2025/03/28 8:15 p.m.13 views

CVE-2025-2926

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

5.5CVSS0.00233EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/28 8:0 p.m.26 views

CVE-2025-2926 HDF5 H5Ocache.c H5O__cache_chk_serialize null pointer dereference

A vulnerability was found in HDF5 up to 1.14.6 and classified as problematic. This issue affects the function H5Ocachechkserialize of the file src/H5Ocache.c. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public a...

4.8CVSS0.00233EPSS
Exploits1References4
NVD
NVD
added 2025/03/28 5:15 p.m.17 views

CVE-2025-2913

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...

5.3CVSS0.00229EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2025/03/28 4:31 p.m.4 views

CVE-2025-2913

A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...

5.3CVSS4.4AI score0.00229EPSS
Exploits1References4
OSV
OSV
added 2025/03/14 9:15 p.m.5 views

DEBIAN-CVE-2025-2310

A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...

7.8CVSS5.3AI score0.00361EPSS
Exploits1References1
OSV
OSV
added 2025/03/14 9:15 p.m.2 views

DEBIAN-CVE-2025-2309

A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5Tbitcopy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...

7.8CVSS5.3AI score0.00324EPSS
Exploits1References1
OSV
OSV
added 2025/03/09 3:0 p.m.11 views

CVE-2025-2123 GeSHi CSS cssgen.php get_var cross site scripting

A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function getvar of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument...

5.1CVSS3.8AI score0.00408EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/03/07 3:0 a.m.13 views

CVE-2025-2061 code-projects Online Ticket Reservation System passenger.php cross site scripting

A vulnerability was found in code-projects Online Ticket Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /passenger.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The...

5.3CVSS0.00451EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/03/01 11:31 p.m.6 views

CVE-2025-1806 Eastnets PaymentSafe URL Default.aspx improper authorization

A vulnerability, which was classified as problematic, has been found in Eastnets PaymentSafe 2.5.26.0. Affected by this issue is some unknown functionality of the file /Default.aspx of the component URL Handler. The manipulation leads to improper authorization. The attack may be launched remotely...

5.3CVSS4.7AI score0.00296EPSS
Exploits0References4
OSV
OSV
added 2025/02/24 2:15 p.m.4 views

UBUNTU-CVE-2025-1632

A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...

5.5CVSS5.9AI score0.00321EPSS
Exploits1References7
OSV
OSV
added 2025/02/24 1:31 p.m.13 views

CVE-2025-1632 libarchive bsdunzip.c list null pointer dereference

A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...

4.8CVSS4.9AI score0.00321EPSS
Exploits1References6
CVE
CVE
added 2025/02/17 6:0 a.m.75 views

CVE-2025-1378

CVE-2025-1378 affects radare2 (library /libr/main/rasm2.c in the rasm2 component). The vulnerability is a local memory corruption in an unknown function, with exploitation requiring local access; the exploit has been disclosed publicly. A fix is available in radare2 6.0.0 (patch c6c772d2eab692ce7...

4.8CVSS7AI score0.00295EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2025/02/12 8:0 a.m.110 views

CVE-2025-1186

Dayrui XunRuiCMS (versions up to 4.6.4) contains a deserialization vulnerability in the /Control/Api/Api.php file triggered by manipulating the thumb parameter. This remote, publicly disclosed issue has been rated critical in multiple sources. The exact root cause is not detailed beyond the thumb...

9.8CVSS6.5AI score0.00621EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2025/01/18 2:0 p.m.8 views

CVE-2025-0559 Campcodes School Management Software Create Id Card Page create-id-card cross site scripting

A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...

5.1CVSS6.2AI score0.00345EPSS
Exploits1References5
OSV
OSV
added 2025/01/12 2:15 p.m.2 views

CVE-2025-0398

A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The...

5.1CVSS3.6AI score0.00308EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/05 3:0 p.m.40 views

CVE-2025-0221 IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference

A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached...

6.8CVSS0.00349EPSS
Exploits1References4
Rows per page
Query Builder