CVE-2025-48634

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EUVD-2025-208213

In relayoutWindow of WindowManagerService.java, there is a possible tapjack attack due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2025-48634

The CVE-2025-48634 entry involves Android’s WindowManagerService relayoutWindow where a missing permission check enables a local elevation-of-privilege (EoP) attack. The vulnerability can be exploited with no user interaction and does not require additional execution privileges. Connected documen...

USN-8067-1: Mailman vulnerability

It was discovered that Mailman incorrectly handled CSRF tokens. A remote list member or moderator could possibly use their own token to craft an admin request CSRF attack and set a new admin password or make other changes...

CVE-2026-28403

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server ws://127.0.0.1: accepts connections from any origin without validating the HTTP Origin header during the WebSocket handshake. A malicious web page visited in the same browser session can silentl...

CVE-2026-28403 Textream Cross-Site WebSocket Hijacking (CSWSH) vulnerability

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the DirectorServer WebSocket server ws://127.0.0.1: accepts connections from any origin without validating the HTTP Origin header during the WebSocket handshake. A malicious web page visited in the same browser session can silentl...

CVE-2025-50189 Chamilo: Error-based SQL Injection

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the POST resourcedocumentSQLINJECTIONHERE and POST login parameters found in /main/coursecopy/copycoursesessionselected.php, which allows an attack...

CVE-2025-50188 Error-based SQL Injection in Chamilo LMS

Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts: /plugin/vchamilo/views/syncparams.php and /plugin/vchamilo/ajax/service.php, which allows an...

CVE-2025-58405

The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an attacker can embed the application inside a maliciously crafted IFRAME and trick users into...

CVE-2026-2584 SQL Injection in Ciser System SL firmware

A critical SQL Injection SQLi vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker AV:N/PR:N can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity AC:L and the absence o...

CVE-2026-3378

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

Arbitrary Code Injection

Overview dbgpt is a DB-GPT is an experimental open-source project that uses localized GPT large models to interact with your data and environment. With this solution, you can beassured that there is no risk of data leakage, and your data is 100% private and secure. Affected versions of this packa...

CVE-2025-15597

A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...

CVE-2025-15597 Dataease SQLBot API Endpoint assistant.py access control

A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...

EUVD-2025-208144

A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-3410 itsourcecode Society Management System check_studid.php sql injection

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...

CVE-2026-3410 itsourcecode Society Management System check_studid.php sql injection

A weakness has been identified in itsourcecode Society Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/checkstudid.php. Executing a manipulation of the argument studentid can lead to sql injection. The attack may be launched remotely. The explo...

CVE-2026-3409 eosphoros-ai db-gpt Flow Import Endpoint import importlib.machinery.SourceFileLoader.exec_module code injection

A security flaw has been discovered in eosphoros-ai db-gpt 0.7.5. Affected is the function importlib.machinery.SourceFileLoader.execmodule of the file /api/v1/serve/awel/flow/import of the component Flow Import Endpoint. Performing a manipulation as part of File results in code injection. The...

CVE-2026-3407

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

CVE-2026-3407 YosysHQ yosys BLIF File rtlil.h set heap-based overflow

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...