3636 matches found
PT-2025-46425
Name of the Vulnerable Software and Affected Versions IntelR Processor Identification Utility versions prior to 8.0.43 Description An uncontrolled search path exists in the IntelR Processor Identification Utility before version 8.0.43. This issue, occurring within Ring 3 User Applications, may...
PT-2025-46417
Name of the Vulnerable Software and Affected Versions IntelR PresentMon versions prior to 2.3.1 Description The software has default permissions that, in some cases, may allow for an escalation of privilege. An unprivileged software adversary with an authenticated user and a high complexity attac...
PT-2025-46397
Name of the Vulnerable Software and Affected Versions IntelR CIP software versions prior to WIN DCA 2.4.0.11001 Description The software contains a flaw due to unrestricted file upload of a dangerous type within Ring 3 User Applications. This could allow an unprivileged software adversary, combin...
PT-2025-46436
Name of the Vulnerable Software and Affected Versions IntelR PROSet/Wireless WiFi Software for Windows versions prior to 23.160 Description An out-of-bounds read issue exists in some IntelR PROSet/Wireless WiFi Software for Windows. This flaw, located within Ring 2: Device Drivers, could allow fo...
CVE-2025-12919
A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers.js of the component Order Handler. The manipulation of the argument uuid results in improper control of resource identifiers. The attack may be...
CVE-2025-12918
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
CVE-2025-12915
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulation results in file inclusion. The attack requires a local approach. A high complexity level is associated with this attack. The exploitability is...
Important: containerd
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...
Important: amazon-cloudwatch-agent
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...
Important: golist
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...
Important: docker
Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...
EUVD-2025-38720
A vulnerability was detected in EverShop up to 2.0.1. Affected is an unknown function of the file /src/modules/oms/graphql/types/Order/Order.resolvers.js of the component Order Handler. The manipulation of the argument uuid results in improper control of resource identifiers. The attack may be...
Skuul School Management System has an Insecure Direct Object Reference (IDOR) Vulnerability in View Fee Invoice
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
CVE-2025-12918
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
CVE-2025-12918
A security flaw has been discovered in yungifez Skuul School Management System up to 2.6.5. The impacted element is an unknown function of the file /dashboard/fees/fee-invoices/ of the component View Fee Invoice. Performing manipulation of the argument invoiceid results in improper control of...
EUVD-2025-38439
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulation results in file inclusion. The attack requires a local approach. A high complexity level is associated with this attack. The exploitability is...
PT-2025-45577
Name of the Vulnerable Software and Affected Versions yungifez Skuul School Management System versions up to 2.6.5 Description A security flaw exists in yungifez Skuul School Management System. Manipulation of the invoice id argument within an unknown function of the /dashboard/fees/fee-invoices/...
CVE-2025-12915
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulation results in file inclusion. The attack requires a local approach. A high complexity level is associated with this attack. The exploitability is...
CVE-2025-12915
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulation results in file inclusion. The attack requires a local approach. A high complexity level is associated with this attack. The exploitability is...
CVE-2025-12915 70mai X200 Init Script file inclusion
A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown processing of the component Init Script Handler. The manipulation results in file inclusion. The attack requires a local approach. A high complexity level is associated with this attack. The exploitability is...