CVE-2025-53623

The Job Iteration API is an an extension for ActiveJob that make jobs interruptible and resumable Versions prior to 1.11.0 have an arbitrary code execution vulnerability in the CsvEnumerator class. This vulnerability can be exploited by an attacker to execute arbitrary commands on the system wher...

CVE-2025-7533

A vulnerability was found in code-projects Job Diary 1.0 and classified as critical. This issue affects some unknown processing of the file /view-details.php. The manipulation of the argument jobid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the...

CVE-2025-7508 code-projects Modern Bag product-update.php sql injection

A vulnerability, which was classified as critical, has been found in code-projects Modern Bag 1.0. Affected by this issue is some unknown functionality of the file /admin/product-update.php. The manipulation of the argument idProduct leads to sql injection. The attack may be launched remotely. Th...

CVE-2025-49530

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-49532

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-30312

Dimension versions 4.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-21165

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-49724

Use after free in Windows Connected Devices Platform Service allows an unauthorized attacker to execute code over a network...

CVE-2025-49705

Heap-based buffer overflow in Microsoft Office PowerPoint allows an unauthorized attacker to execute code locally...

PT-2025-29170 · Unknown · Meshtastic

Name of the Vulnerable Software and Affected Versions: Meshtastic versions prior to 2.6.6 Description: Meshtastic is an open source mesh networking solution. The main matrix.yml GitHub Action is triggered by the pull request target event, which has extensive permissions and can be initiated by an...

PT-2025-29160 · Unknown · Code-Projects Library System

Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical vulnerability exists in code-projects Library System 1.0, allowing for unrestricted file upload. The issue is located in the /user/teacher/profile.php file, where manipulation o...

CVE-2025-47130

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...

CVE-2025-49532

Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an Integer Underflow Wrap or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-47121 Adobe Framemaker | Access of Uninitialized Pointer (CWE-824)

Adobe Framemaker versions 2020.8, 2022.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-49526

CVE-2025-49526 affects Adobe Illustrator versions 28.7.6, 29.5.1 and earlier. The issue is an out-of-bounds write (CWE-787) that can lead to arbitrary code execution in the context of the current user. Exploitation requires user interaction—victim must open a malicious file. Multiple connected so...

CVE-2025-21164

Substance3D - Designer versions 14.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVE-2025-49735

CVE-2025-49735 describes a use-after-free vulnerability in Windows KDC Proxy Service (KPSSVC) that could allow remote code execution over the network. The entry is publicly tracked with a Network attack vector, high impact on confidentiality, integrity, and availability (CVSS v3.1 base score 8.1)...

CVE-2025-7184

CVE-2025-7184 affects code-projects Library System 1.0, specifically the file path /user/teacher/books.php. The vulnerability is a SQL injection triggered by manipulating the argument named Search ; exploitation is possible remotely and has been disclosed publicly. Multiple sources describe the r...

CVE-2025-40740

A vulnerability has been identified in Solid Edge SE2025 All versions V225.0 Update 5. The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the curre...

CVE-2025-7166

CVE-2025-7166 affects the code-projects Responsive Blog Site 1.0, with vulnerability in an unknown part of /single.php where manipulating the ID parameter leads to SQL injection. Multiple connected sources describe remote exploitation and public disclosure, implying exploitability in practice. Th...