CVE-2025-4218
CVE-2025-4218 affects handrew browserpilot up to 0.2.51. The vulnerability lies in the GPTSeleniumAgent function (file browserpilot/browserpilot/agents/gpt_selenium_agent.py) where improper handling/manipulation of the instructions argument enables code injection. Exploitation is described as loc...
CVE-2025-4059
A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component PrisonMgmtSys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally...
CVE-2025-4069
A vulnerability, which was classified as critical, has been found in code-projects Product Management System 1.0. Affected by this issue is the function additem. The manipulation of the argument st.productname leads to stack-based buffer overflow. An attack has to be approached locally. The explo...
CVE-2025-4068
A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit...
CVE-2025-4069
The CVE-2025-4069 entry affects code-projects Product Management System 1.0, specifically the function add_item. The root cause is manipulation of the argument st.productname, which leads to a stack-based buffer overflow. Exploitation requires local access, and disclosures have been made public...
CVE-2025-4068
The CVE-2025-4068 entry concerns code-projects Simple Movie Ticket Booking System 1.0, with a vulnerable function changeprize. The root cause is a stack-based buffer overflow triggered by manipulating the prize argument; exploitation is LOCAL. Several connected sources corroborate this vulnerabil...
SUSE CVE-2025-46327
gosnowflake is the Snowflake Golang driver. Versions from 1.7.0 up to, but not including, 1.13.3 are vulnerable to a Time-of-Check to Time-of-Use (TOCTOU) race condition. When using the Easy Logging feature on Linux and macOS, the driver reads logging configuration from a user-provided file. On Linux and...
CVE-2025-4063
A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument firstname/lastname leads to stack-based buffer overflow. The attack needs to be approached locally. The...
CVE-2025-4063 code-projects Student Information Management System cancel stack-based overflow
A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument firstname/lastname leads to stack-based buffer overflow. The attack needs to be approached locally. The...
CVE-2025-4061 code-projects Clothing Store Management System add_item stack-based overflow
A vulnerability, which was classified as critical, was found in code-projects Clothing Store Management System up to 1.0. Affected is the function additem. The manipulation of the argument st.productname leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has bee...
CVE-2025-4059 code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflow
A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component PrisonMgmtSys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally...
CVE-2025-4059
CVE-2025-4059 (code-projects Prison Management System 1.0, Prison_Mgmt_Sys addrecord) shows a stack-based buffer overflow caused by improper handling of the filename parameter. Multiple connected sources (CNVD, CNNVD, CVE records) confirm the vulnerability resides in addrecord and can be triggere...
PT-2025-18118 · Unknown · Code-Projects Online Ticket Reservation System
Name of the Vulnerable Software and Affected Versions: code-projects Train Ticket Reservation System version 1.0. Description: A critical vulnerability was found in the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to a stack-based buffer...
CVE-2025-3804
A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public...
SUSE CVE-2025-3908
The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory...
CVE-2025-3804 thautwarm vscode-diana Jinja2 Template Gen.py injection
A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public...
CVE-2025-3804
CVE-2025-3804 affects thautwarm vscode-diana 0.0.1, specifically the Jinja2 Template Handler’s Gen.py component where an unknown function exposure enables injection. Local access is required; exploitation has been disclosed publicly. Multiple connected sources corroborate a critical issue with lo...
CVE-2025-3791
A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2. This vulnerability affects the function jx9MemObjStore of the file /data/src/benchmarks/unqlite/unqlite.c. The manipulation leads to heap-based buffer overflow. It is possible to...