332 matches found
CVE-2025-11426
A security flaw has been discovered in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /editbook.php. The manipulation of the argument image results in unrestricted upload. It is possible to launch the attack remotely. T...
CVE-2025-61198
A stored cross-site scripting XSS vulnerability in Optimod 5950 - Optimod 5950HD - Optimod 5750 - Optimod 5750HD - Optimod Trio - Optimod version 1.0.0.33 - System version 2.5.26, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payloa...
EUVD-2022-46271
Malicious code in bioql PyPI...
EUVD-2022-52889
Malicious code in bioql PyPI...
EUVD-2025-27192
Malicious code in bioql PyPI...
EUVD-2023-44265
Malicious code in bioql PyPI...
EUVD-2022-46174
Malicious code in bioql PyPI...
EUVD-2022-32515
Malicious code in bioql PyPI...
EUVD-2022-46392
Malicious code in bioql PyPI...
EUVD-2025-24675
Malicious code in bioql PyPI...
EUVD-2025-29613
Malicious code in bioql PyPI...
EUVD-2022-45158
Malicious code in bioql PyPI...
EUVD-2025-30810
Malicious code in bioql PyPI...
EUVD-2022-53249
Malicious code in bioql PyPI...
EUVD-2022-40896
Malicious code in bioql PyPI...
EUVD-2025-32370
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...
PT-2025-38719
Name of the Vulnerable Software and Affected Versions PHPGurukul Park Ticketing Management System version 2.0 Description A SQL Injection issue exists in the foreigner-bwdates-reports-details.php file. This allows remote attackers to execute arbitrary SQL code through the fromdate parameter in a...
PT-2025-37447
Name of the Vulnerable Software and Affected Versions: 1000projects Online Student Project Report Submission and Evaluation System version 1.0 Description: A vulnerability was determined in 1000projects Online Student Project Report Submission and Evaluation System 1.0. The affected element is an...
CVE-2025-40695
Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PHPGurukul, that consists in a stored authenticated XSS due to the lack of propper validation of user inputs 'remark', 'status' and 'takeaction' parameters via POST at the endpoint '/ofrs/admin/request-details.php'. This...
kernel: scsi: lpfc: Use memcpy() for BIOS version
In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Use memcpy for BIOS version The strlcat with FORTIFY support is triggering a panic because it thinks the target buffer will overflow although the correct target buffer size is passed in. Anyway, instead of memset with...