Lucene search
K

74 matches found

CVE
CVE
added 2025/06/20 9:0 a.m.20 views

CVE-2025-6323

The CVE-2025-6323 entry describes a SQL injection flaw in PHPGurukul Pre-School Enrollment System 1.0, in the file /enrollment.php, triggered by the fathername parameter. Root cause: lack of input validation/unsafe concatenation enables remote attacker to modify SQL statements. Impact: potential ...

9.8CVSS7.5AI score0.00394EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2025/06/03 6:15 p.m.10 views

CVE-2025-5520

A vulnerability was found in Open5GS up to 2.7.3. It has been classified as problematic. Affected is the function gmmstateauthentication/emmstateauthentication of the component AMF/MME. The manipulation leads to reachable assertion. It is possible to launch the attack remotely. The exploit has be...

6.9CVSS0.00745EPSS
Exploits1References7
OSV
OSV
added 2025/05/26 1:0 p.m.2 views

CVE-2025-5186 thinkgem JeeSite URI Scheme form ResourceLoader.getResource server-side request forgery

A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has been rated as critical. Affected by this issue is the function ResourceLoader.getResource of the file /cms/fileTemplate/form of the component URI Scheme Handler. The manipulation of the argument Name leads to server-side request...

5.3CVSS6.2AI score0.00387EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 11:56 a.m.14 views

CVE-2025-0870

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of ...

6.3CVSS7AI score0.00536EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:41 a.m.9 views

CVE-2023-0659

A vulnerability was found in BDCOM 1704-WGL 2.0.6314. It has been classified as critical. This affects an unknown part of the file /param.file.tgz of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The identifier...

7.5CVSS5.7AI score0.00723EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:13 a.m.5 views

CVE-2023-2220

A vulnerability was found in Dream Technology mica up to 3.0.5. It has been classified as problematic. Affected is an unknown function of the component Form Object Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. VDB-226986 is the identifier...

6.1CVSS5.9AI score0.00613EPSS
Exploits1References1
OSV
OSV
added 2025/04/30 3:16 p.m.6 views

CVE-2025-4122

A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected by this issue is the function sub435E04. The manipulation of the argument host leads to command injection. The attack may be launched remotely. The vendor was contacted early about this disclosure bu...

8.8CVSS5.6AI score0.03145EPSS
Exploits0References5
CVE
CVE
added 2025/04/27 4:0 p.m.62 views

CVE-2025-3976

The CVE-2025-3976 entry affects PHPGurukul COVID19 Testing Management System v1.0, specifically the /new-user-testing.php endpoint. The vulnerability is an SQL injection caused by manipulation of the mobilenumber parameter, exploitable remotely. Multiple connected sources corroborate the affected...

9.8CVSS7.5AI score0.00414EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2025/04/08 5:15 a.m.7 views

CVE-2025-3409

A vulnerability classified as critical has been found in Nothings stb up to f056911. This affects the function stbincludestring. The manipulation of the argument pathtoincludes leads to stack-based buffer overflow. It is possible to initiate the attack remotely. This product does not use...

8.8CVSS0.00492EPSS
Exploits0References3
OSV
OSV
added 2025/04/03 6:15 p.m.4 views

CVE-2025-3170

A vulnerability classified as critical has been found in Project Worlds Online Lawyer Management System 1.0. This affects an unknown part of the file /adminuser.php. The manipulation of the argument blockid/unblockid leads to sql injection. It is possible to initiate the attack remotely. The...

9.8CVSS5.8AI score0.00551EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/02/25 12:0 a.m.8 views

PT-2025-7804 · Benner · Benner Modernanet

Name of the Vulnerable Software and Affected Versions: Benner ModernaNet versions 1.1.0 and earlier Description: A critical issue has been found in Benner ModernaNet, affecting an unknown part of the file...

9.8CVSS7.6AI score0.0059EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2025/02/12 3:49 a.m.4 views

SUSE CVE-2025-1152

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

3.3AI score0.00599EPSS
Exploits1References6
OSV
OSV
added 2025/02/10 5:15 p.m.6 views

DEBIAN-CVE-2025-1151

A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The...

2.3CVSS3.3AI score0.00595EPSS
Exploits1References1
OSV
OSV
added 2025/01/29 8:15 p.m.9 views

AZL-56103 CVE-2025-0840 affecting package binutils for versions less than 2.37-11

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemblebytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...

7.5CVSS5.5AI score0.00732EPSS
Exploits1References1
OSV
OSV
added 2025/01/09 1:15 a.m.3 views

CVE-2024-13198

A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

6.3CVSS4.4AI score0.00668EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.9 views

PT-2024-16393 · Safenet · Esafenet Cdg

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG 5 Description: A critical issue was found in ESAFENET CDG, affecting the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to SQL...

8.8CVSS7.3AI score0.00543EPSS
Exploits1References11
Microsoft CVE
Microsoft CVE
added 2024/10/23 7:0 a.m.5 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.39 and prior 8.4.2 and prior and 9.0.1 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS6.7AI score0.01021EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2024/08/17 2:0 a.m.4 views

SUSE CVE-2024-7272

A vulnerability, which was classified as critical, was found in FFmpeg up to 5.1.5. This affects the function fillaudiodata of the file /libswresample/swresample.c. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. This issue was fixed in versio...

8.8CVSS6.2AI score0.01132EPSS
Exploits1References3
OSV
OSV
added 2024/08/15 8:15 p.m.4 views

CVE-2024-7838

A vulnerability was found in itsourcecode Online Food Ordering System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /addcategory.php. The manipulation of the argument cname leads to sql injection. The attack may be launched remotely. The...

9.8CVSS6.9AI score0.00606EPSS
Exploits1References4
OSV
OSV
added 2024/07/31 11:15 a.m.5 views

CVE-2024-7320

A vulnerability classified as critical has been found in itsourcecode Online Blood Bank Management System 1.0. This affects an unknown part of the file /admin/index.php of the component Admin Login. The manipulation of the argument user leads to sql injection. It is possible to initiate the attac...

9.8CVSS5.7AI score0.00742EPSS
Exploits1References4
Rows per page
Query Builder