Lucene search
K

946 matches found

Vulnrichment
Vulnrichment
added 2025/08/11 2:32 p.m.2 views

CVE-2025-8859 code-projects eBlog Site File Upload save-slider.php unrestricted upload

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

6.5CVSS7.1AI score0.00325EPSS
Exploits1References5
OSV
OSV
added 2025/08/11 1:15 p.m.4 views

UBUNTU-CVE-2025-8845

A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemblefile of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be...

7.8CVSS5.9AI score0.00268EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.6 views

PT-2025-32535 · Unknown · Zlt2000 Microservices-Platform

Name of the Vulnerable Software and Affected Versions: zlt2000 microservices-platform versions through 6.0.0 Description: A vulnerability exists in the Upload function located in zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. This manipulation allows for...

6.5CVSS6.8AI score0.00298EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2025/08/11 12:0 a.m.9 views

PT-2025-32547 · Wukongopensource · Wukongcrm

Name of the Vulnerable Software and Affected Versions: WuKongOpenSource WukongCRM version 11.0 Description: A vulnerability exists in WuKongOpenSource WukongCRM 11.0, specifically within an unknown part of the /adminFile/upload file of the API Response Handler component. This allows for informati...

5.3CVSS6.9AI score0.0035EPSS
Exploits1References9
NVD
NVD
added 2025/08/03 2:15 p.m.7 views

CVE-2025-8512

A vulnerability, which was classified as problematic, has been found in TVB Big Big Shop App 2.9.0 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component hk.com.tvb.bigbigshop. The manipulation leads to improper export of android application...

5.3CVSS0.00123EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/07/31 5:2 a.m.2 views

CVE-2025-8367 Portabilis i-Educar funcionario_vinculo_lst.php cross site scripting

A vulnerability classified as problematic has been found in Portabilis i-Educar 2.9. This affects an unknown part of the file /intranet/funcionariovinculolst.php. The manipulation of the argument nome leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has...

5.3CVSS4.2AI score0.00386EPSS
Exploits1References5
CVE
CVE
added 2025/07/18 3:2 p.m.24 views

CVE-2025-7788

CVE-2025-7788 affects Xuxueli xxl-job up to 3.1.1. The vulnerable component is the commandJobHandler function in SampleXxlJob.java, enabling OS command injection with remote access. Exploit-public disclosures exist. Remediation: upgrade to a version beyond 3.1.1 and, as a workaround, restrict acc...

8.8CVSS7.2AI score0.05421EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2025/07/14 11:15 a.m.3 views

CVE-2025-7595

A vulnerability was found in code-projects Job Diary 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /view-cad.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the...

9.8CVSS5.8AI score0.00396EPSS
Exploits1References5
OSV
OSV
added 2025/07/07 4:15 p.m.7 views

CVE-2025-7135

A vulnerability, which was classified as critical, has been found in Campcodes Online Recruitment Management System 1.0. This issue affects some unknown processing of the file /admin/ajax.php?action=savevacancy. The manipulation of the argument ID leads to sql injection. The attack may be initiat...

9.8CVSS5.8AI score0.00399EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/06 8:32 p.m.9 views

CVE-2025-7093 Belkin F9K1122 webs formSetLanguage stack-based overflow

A vulnerability was found in Belkin F9K1122 1.00.33. It has been declared as critical. Affected by this vulnerability is the function formSetLanguage of the file /goform/formSetLanguage of the component webs. The manipulation of the argument webpage leads to stack-based buffer overflow. The attac...

9CVSS0.04092EPSS
Exploits1References5
NVD
NVD
added 2025/07/06 2:15 p.m.12 views

CVE-2025-7080

A vulnerability, which was classified as problematic, was found in Done-0 Jank up to 322caebbad10568460364b9667aa62c3080bfc17. Affected is an unknown function of the file internal/utils/jwtutils.go of the component JWT Token Handler. The manipulation of the argument accessSecret/refreshSecret wit...

6.3CVSS0.00353EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/06/22 12:0 a.m.7 views

PT-2025-26549 · Unknown · Code-Projects Online Bidding System

Name of the Vulnerable Software and Affected Versions: code-projects Online Bidding System version 1.0 Description: A critical vulnerability was found in the code-projects Online Bidding System. The vulnerability affects an unknown functionality of the file /administrator. The manipulation of the...

9.8CVSS7.5AI score0.00394EPSS
Exploits1References11
Debian CVE
Debian CVE
added 2025/06/19 4:31 p.m.5 views

CVE-2025-6270

A vulnerability, which was classified as critical, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5FSsectfindnode of the file H5FSsection.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has...

5.3CVSS5.1AI score0.00209EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 10:27 a.m.6 views

CVE-2024-7904

A vulnerability was found in DedeBIZ 6.3.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file admin/filemanagecontrol.php of the component File Extension Handler. The manipulation of the argument upfile1 leads to unrestricted upload. The attack may be...

8.8CVSS6.8AI score0.00665EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/05/23 2:33 a.m.14 views

CVE-2023-3599

A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function saveuser of the file adminclass.php of the component Add User Handler. The manipulation leads to improper access controls. The attack may be launched...

9.8CVSS6.9AI score0.0072EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/08 5:5 a.m.22 views

CVE-2025-4323

A vulnerability, which was classified as problematic, has been found in MRCMS 3.1.2. Affected by this issue is some unknown functionality of the component Edit Article Page. The manipulation of the argument Title leads to cross site scripting. The attack may be launched remotely. The exploit has...

5.4CVSS6.2AI score0.0026EPSS
Exploits1References1
OSV
OSV
added 2025/04/14 3:15 a.m.8 views

PYSEC-2025-171

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer...

3.3CVSS5.9AI score0.00244EPSS
Exploits1References5
NVD
NVD
added 2025/03/31 5:15 p.m.14 views

CVE-2025-3003

A vulnerability, which was classified as critical, was found in ESAFENET CDG 3. Affected is an unknown function of the file /CDGServer3/UserAjax. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

6.5CVSS0.00301EPSS
Exploits0References4
CVE
CVE
added 2025/03/31 2:31 p.m.80 views

CVE-2025-2999

CVE-2025-2999 affects PyTorch 2.6.0, specifically the function torch.nn.utils.rnn.unpack_sequence, where manipulation leads to memory corruption. Exploitation requires local access; the exploit has been disclosed publicly. Multiple external sources in connected documents corroborate the local att...

5.3CVSS5.3AI score0.00185EPSS
Exploits0References5Affected Software1
PyPA
PyPA
added 2025/03/10 1:15 p.m.14 views

PYSEC-2025-190

A vulnerability was found in PyTorch 2.6.0+cu124. It has been rated as problematic. Affected by this issue is the function nnqSigmoid of the component Quantized Sigmoid Module. The manipulation of the argument scale/zeropoint leads to improper initialization. The attack needs to be approached...

2.5CVSS4.1AI score0.00235EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder