EUVD-2025-5855

Malicious code in bioql PyPI...

EUVD-2025-7546

Malicious code in bioql PyPI...

CVE-2025-8544

CVE-2025-8544 affects Portabilis i-Educar 2.10. The vulnerable component is an unknown functionality in the file /module/RegraAvaliacao/edit , where manipulation of the parameter nome leads to cross-site scripting (XSS) . The issue can be exploited remotely, and the exploit has been publicly disc...

CVE-2025-6694

A vulnerability has been found in LabRedesCefetRJ WeGIA 3.4.0 and classified as problematic. This vulnerability affects unknown code of the file /html/matPat/adicionarunidade.php of the component Adicionar Unidade. The manipulation of the argument Insira a nova unidade leads to cross site...

CVE-2025-6699

CVE-2025-6699 affects LabRedesCefetRJ WeGIA 3.4.0, specifically the component Cadastro de Funcionário and file /html/funcionario/cadastro_funcionario.php . The vulnerability arises from manipulation of the Nome/Sobrenome parameter, resulting in a reflected XSS that can be triggered remotely. The ...

CVE-2025-5544

CVE-2025-5544 affects aaluoxiang oa_system up to version 5b445a6227b51cee287bd0c7c33ed94b801a82a5. The vulnerability is in the image function of src/main/java/cn/gson/oasys/controller/user/UserpanelController.java, enabling path traversal. Exploitation is remote and has been publicly disclosed. N...

CVE-2025-5324 TechPowerUp GPU-Z 0x8000645C IOCTL GPU-Z.sys sub_140001880 memory leak

A vulnerability, which was classified as problematic, was found in TechPowerUp GPU-Z 2.23.0. Affected is the function sub140001880 in the library GPU-Z.sys of the component 0x8000645C IOCTL Handler. The manipulation leads to memory leak. It is possible to launch the attack on the local host. The...

CVE-2024-10501

A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function findById of the file /com/esafenet/servlet/document/ExamCDGDocService.java. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The...

CVE-2025-1807 Eastnets PaymentSafe Edit Manual Reply directRouter.rfc cross site scripting

A vulnerability, which was classified as problematic, was found in Eastnets PaymentSafe 2.5.26.0. This affects an unknown part of the file /directRouter.rfc of the component Edit Manual Reply Handler. The manipulation of the argument Title leads to basic cross site scripting. It is possible to...

PT-2024-17626 · Unknown · 1000 Projects Attendance Tracking Management System

Name of the Vulnerable Software and Affected Versions: 1000 Projects Attendance Tracking Management System version 1.0 Description: A critical vulnerability has been found in the system, affecting an unknown function of the file /admin/check admin login.php. The manipulation of the admin user nam...

CVE-2024-11489 115cms file.html cross site scripting

A vulnerability was found in 115cms up to 20240807. It has been classified as problematic. Affected is an unknown function of the file /index.php/admin/web/file.html. The manipulation of the argument ks leads to cross site scripting. It is possible to launch the attack remotely. The exploit has...

Linux Kernel ksmbd Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Linux Kernel. Authentication may or may not be required to exploit this vulnerability, depending upon configuration. Furthermore, only systems with ksmbd enabled are vulnerable. The specific...

CVE-2024-3129 SourceCodester Image Accordion Gallery App add-image.php unrestricted upload

A vulnerability was found in SourceCodester Image Accordion Gallery App 1.0. It has been classified as critical. This affects an unknown part of the file /endpoint/add-image.php. The manipulation of the argument imagename leads to unrestricted upload. It is possible to initiate the attack remotel...

Adobe Substance 3D Painter USD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Substance 3D Painter. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...

CVE-2021-34887

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...

Design/Logic Flaw

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...