299 matches found
CVE-2025-53021
A session fixation flaw was found in Moodle. This flaw allows an unauthenticated attacker to hijack a user session via the sesskey parameter. This sesskey can be obtained without authentication and reused within the OAuth2 login flow, resulting in the victim's session being linked to the...
CVE-2025-52542
CVE-2025-52542 entry is rejected/not used and does not represent an active vulnerability.
CVE-2022-50151
In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log: 4.141392 Unexpected gfp: 0x4 GFPDMA32. Fixing up to gfp: 0xa20 GFPATOMIC. Fix your code! 4.150340 CPU: 1 PID: 175 Comm: 1-0050 Not tainted...
CVE-2022-50155
In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: ofpart: Fix refcount leak in bcm4908partitionsfwoffset offindnodebypath returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount...
CVE-2022-50188
In the Linux kernel, the following vulnerability has been resolved: drm/meson: Fix refcount leak in mesonencoderhdmiinit offinddevicebynode takes reference, we should use putdevice to release it when not need anymore. Add missing putdevice in error path to avoid refcount leak...
CVE-2022-50035
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpubolist mutex If amdgpucsvmhandling returns r != 0, then it will unlock the bolistmutex inside the function amdgpucsvmhandling and again on amdgpucsparserfini. This problem results in the...
CVE-2025-22239
creationtimestamp| type| source ---|---|--- 2025-06-13 07:28:23+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lrhvusbskwj2 2025-06-13 07:33:13+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18274 2025-06-13 07:34:25+00:00| seen|...
CVE-2025-49199
The backup ZIPs are not signed by the application, leading to the possibility that an attacker can download a backup ZIP, modify and re-upload it. This allows the attacker to disrupt the application by configuring the services in a way that they are unable to run, making the application unusable...
CVE-2025-47117
creationtimestamp| type| source ---|---|--- 2025-06-11 02:09:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrcda6dasr2m...
CVE-2025-47962
Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally...
CVE-2025-4275
creationtimestamp| type| source ---|---|--- 2025-06-10 15:00:07+00:00| published-proof-of-concept| Telegram/8EUjxo2TKnaloL5sHaUwdkIT6hd-NYIBKLtGdVmZMYPI04s 2025-06-10 21:39:32+00:00| seen| https://bsky.app/profile/r-blueteamsec.bsky.social/post/3lrbu63qcab2t 2025-06-10 22:53:44+00:00| seen|...
CVE-2025-5694
A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of the argument serachdata leads to sql injection. The attack ma...
CVE-2025-46258
creationtimestamp| type| source ---|---|--- 2025-06-05 18:54:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lquylr3voa2r...
CVE-2025-0325
A Guard Tour VAPIX API parameter allowed the use of arbitrary values and can be incorrectly called, allowing an attacker to block access to the guard tour configuration page in the web interface of the Axis device...
PT-2025-23362 · Undefined · Undefined
CVE-2025-48874 Rejected reason https://t.co/6JBZG1BlPO...
CVE-2025-48292
creationtimestamp| type| source ---|---|--- 2025-05-23 14:58:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lptvecznnh2m...
CVE-2024-22809
Incorrect access control in Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to access the G code's shared folder and view sensitive information...
CVE-2024-27612
Numbas editor before 7.3 mishandles editing of themes and extensions...
CVE-2024-27861
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15. An application may be able to read restricted memory...
CVE-2024-48703
PhpGurukul Medical Card Generation System v1.0 is vulnerable to Cross Site Scripting XSS in /admin/search-medicalcard.php via the searchdata parameter...