CVE-2025-15232

A vulnerability was identified in Tenda M3 1.0.0.134903. This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit ...

EUVD-2025-19327

Malicious code in bioql PyPI...

EUVD-2024-33954

Malicious code in bioql PyPI...

EUVD-2024-47702

Malicious code in bioql PyPI...

EUVD-2025-7310

Malicious code in bioql PyPI...

CVE-2025-9052

Summary: CVE-2025-9052 affects projectworlds Travel Management System 1.0. A vulnerability exists in the /updatepackage.php file where manipulating the s1 parameter enables SQL injection. The issue is exploitable remotely, and public exploitation information is available. Multiple connected sourc...

PT-2025-31910 · Unknown · Atjiu Pybbs

Name of the Vulnerable Software and Affected Versions: atjiu pybbs versions up to 6.0.0 Description: A critical issue exists in atjiu pybbs up to version 6.0.0 related to weak password requirements in the update function of the file...

CVE-2025-7601

A vulnerability has been found in PHPGurukul Online Library Management System 3.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/student-history.php. The manipulation of the argument stdid leads to cross site scripting. The attack can be initiated...

CVE-2025-0480

A vulnerability classified as problematic has been found in wuzhicms 4.1.0. This affects the function test of the file coreframe/app/search/admin/config.php. The manipulation of the argument sphinxhost/sphinxport leads to server-side request forgery. It is possible to initiate the attack remotely...

CVE-2025-4838 kanwangzjm Funiture Login LoginServlet.java doPost redirect

A vulnerability, which was classified as problematic, was found in kanwangzjm Funiture up to 71ca0fb0658b3d839d9e049ac36429207f05329b. Affected is the function doPost of the file /funiture-master/src/main/java/com/app/mvc/acl/servlet/LoginServlet.java of the component Login. The manipulation of t...

CVE-2025-4184

Multiple connected sources confirm CVE-2025-4184 affects PCMan FTP Server 2.0.7, arising from the QUOTE Command Handler. The issue is a buffer overflow, with remote attack potential and publicly disclosed exploit details. Public fix status is not documented in the provided references; at least on...

CVE-2025-3340

A vulnerability, which was classified as critical, has been found in codeprojects Online Restaurant Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/comboupdate.php. The manipulation of the argument ID leads to sql injection. The attack may be launche...

Eterm 0.8.10 rxvt 2.6.1 PuTTY 0.48 X11R6 3.3.34.0 - Denial of Service

Eterm 0.8.10 rxvt 2.6.1 PuTTY 0.48 X11R6 3.3.34.0 - Denial of Service // source: https://www.securityfocus.com/bid/1298/info xterm is a popular X11-based terminal emulator. If VT control-characters are displayed in the xterm, they can be interpreted and used to cause a denial of service attack...