102 matches found
CVE-2025-9144
A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerability affects unknown code of the file publisheredit.shtm. This manipulation of the argument Name causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be...
CVE-2025-9174
An OS command injection flaw has been discovered in neurobin shc. The make function in the src/shc.c file does not properly handle user input, which may lead to command injection. This vulnerability requires local access in order to exploit. Mitigation: Mitigation for this issue is either not...
CVE-2025-54118 NamelessMC allows sensitive information disclosure in member list component
NamelessMC is a free, easy to use & powerful website software for Minecraft servers. Sensitive information disclosure in NamelessMC before 2.2.4 allows unauthenticated remote attacker to gain sensitive information such as absolute path of the source code via list parameter. This vulnerability is...
CVE-2025-50594
An issue was discovered in /Code/Websites/DanpheEMR/Controllers/Settings/SecuritySettingsController.cs in Danphe Health Hospital Management System EMR 3.2 allowing attackers to reset any account password...
Linux Distros Unpatched Vulnerability : CVE-2017-9984
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service over-boundary...
Linux Distros Unpatched Vulnerability : CVE-2019-19055
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory leak in the nl80211_get_ftm_responder_stats function in net/wireless/nl80211.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of...
CVE-2025-8752 wangzhixuan spring-shiro-training add command injection
A vulnerability was found in wangzhixuan spring-shiro-training up to 94812c1fd8f7fe796c931f4984ff1aa0671ab562. It has been declared as critical. This vulnerability affects unknown code of the file /role/add. The manipulation leads to command injection. The attack can be initiated remotely. The...
CVE-2025-38399 scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port()
In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL pointer dereference in core_scsi3_decode_spec_i_port(). The function core_scsi3_decode_spec_i_port(), in its error code path, unconditionally calls core_scsi3_lunacl_undepend_item() passing the dest_se_deve pointer, which may be...
CVE-2024-7226
A vulnerability was found in SourceCodester Medicine Tracker System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /classes/Users.php?f=saveuser of the component Password Change Handler. The manipulation leads to cross-site request forgery. The attac...
CVE-2023-3121
A vulnerability has been found in Dahua Smart Parking Management up to 20230528 and classified as problematic. This vulnerability affects unknown code of the file /ipms/imageConvert/image. The manipulation of the argument fileUrl leads to server-side request forgery. The exploit has been disclose...
PT-2025-20350 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A vulnerability in the Linux kernel has been resolved, which was caused by a code path in dequeue_entities that could set the slice of a sched_entity to U64_MAX, resulting in a crash...
Missing Authentication for Critical Function
Overview: langflow is a Python package with a built-in web application. Affected versions of this package are vulnerable to Missing Authentication for Critical Function at the /api/v1/validate/code endpoint, which allows an attacker to execute arbitrary code by sending malicious HTTP requests...
CVE-2024-53102
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...
CVE-2024-11258
A vulnerability classified as critical was found in 1000 Projects Beauty Parlour Management System 1.0. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has bee...
Neuron Security Vulnerability
Neuron is an Industrial Internet of Things IIoT connectivity server open-sourced by EMQ. Used for modern Big Data and AI/ML technologies to harness the power of Industry 4.0. A security vulnerability exists in Neuron version 2.10.0 and prior versions, which stems from a buffer overflow issue...
CVE-2024-10279
A vulnerability was found in ESAFENET CDG 5. It has been declared as critical. This vulnerability affects unknown code of the file /com/esafenet/servlet/policy/PrintPolicyService.java. The manipulation of the argument policyId leads to sql injection. The attack can be initiated remotely. The...
CVE-2024-8146
A vulnerability has been found in code-projects Pharmacy Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /index.php?action=editSalesman. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The...
SUSE CVE-2024-41098
In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix null pointer dereference on error. If the ata_port_alloc() call in ata_host_alloc() fails, ata_host_release() will get called. However, the code in ata_host_release() tries to free ata_port struct members unconditionally, whi...
CVE-2021-47528 usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init()
In the Linux kernel, the following vulnerability has been resolved: usb: cdnsp: Fix a NULL pointer dereference in cdnsp_endpoint_init(). In cdnsp_endpoint_init(), cdnsp_ring_alloc() is assigned to pep->ring and there is a dereference of it in cdnsp_endpoint_init(), which could lead to a NULL pointer dereference on...
CVE-2021-47275
A vulnerability was found in the Linux kernel's bcache driver, where the cached_dev_cache_miss function can create an oversized read request when the calculation for the size of data read from the backing device produces an excessively large value, leading to potential kernel crash. Mitigation Red H...