910 matches found
CVE-2025-2913
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...
CVE-2025-2913
A vulnerability was found in HDF5 up to 1.14.6. It has been rated as critical. Affected by this issue is the function H5FLblkgclist of the file src/H5FL.c. The manipulation of the argument H5FLblkheadt leads to use after free. An attack has to be approached locally. The exploit has been disclosed...
DEBIAN-CVE-2025-2309
A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5Tbitcopy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclos...
DEBIAN-CVE-2025-2310
A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MMstrndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and...
CVE-2025-2123 GeSHi CSS cssgen.php get_var cross site scripting
A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function getvar of the file /contrib/cssgen.php of the component CSS Handler. The manipulation of the argument...
CVE-2025-2061 code-projects Online Ticket Reservation System passenger.php cross site scripting
A vulnerability was found in code-projects Online Ticket Reservation System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /passenger.php. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The...
CVE-2025-1806 Eastnets PaymentSafe URL Default.aspx improper authorization
A vulnerability, which was classified as problematic, has been found in Eastnets PaymentSafe 2.5.26.0. Affected by this issue is some unknown functionality of the file /Default.aspx of the component URL Handler. The manipulation leads to improper authorization. The attack may be launched remotely...
UBUNTU-CVE-2025-1632
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...
CVE-2025-1632 libarchive bsdunzip.c list null pointer dereference
A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the publi...
CVE-2025-1378
CVE-2025-1378 affects radare2 (library /libr/main/rasm2.c in the rasm2 component). The vulnerability is a local memory corruption in an unknown function, with exploitation requiring local access; the exploit has been disclosed publicly. A fix is available in radare2 6.0.0 (patch c6c772d2eab692ce7...
CVE-2025-1186
Dayrui XunRuiCMS (versions up to 4.6.4) contains a deserialization vulnerability in the /Control/Api/Api.php file triggered by manipulating the thumb parameter. This remote, publicly disclosed issue has been rated critical in multiple sources. The exact root cause is not detailed beyond the thumb...
CVE-2025-0559 Campcodes School Management Software Create Id Card Page create-id-card cross site scripting
A vulnerability, which was classified as problematic, has been found in Campcodes School Management Software 1.0. This issue affects some unknown processing of the file /create-id-card of the component Create Id Card Page. The manipulation of the argument ID Card Title leads to cross site...
CVE-2025-0398
A vulnerability has been found in longpi1 warehouse 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /resources/..;/inport/updateInport of the component Backend. The manipulation of the argument remark leads to cross site scripting. The...
CVE-2025-0221 IOBit Protected Folder IOCTL pffilter.sys 0x22200c null pointer dereference
A vulnerability has been found in IOBit Protected Folder up to 1.3.0 and classified as problematic. This vulnerability affects the function 0x22200c in the library pffilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached...
CVE-2025-0212
A vulnerability was found in Campcodes Student Grading System 1.0. It has been classified as critical. This affects an unknown part of the file /viewstudents.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-0172
A vulnerability has been found in code-projects Chat System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/deleteroom.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit ha...
PT-2024-17892 · Unknown · Code-Projects Chat System
Name of the Vulnerable Software and Affected Versions: code-projects Chat System version 1.0 Description: A critical issue has been found in the code-projects Chat System, affecting the /admin/update user.php file. The manipulation of the id argument leads to SQL injection. This issue can be...
PT-2024-17694 · Fabulatech · Fabulatech Usb Over Network
Name of the Vulnerable Software and Affected Versions: FabulaTech USB over Network version 6.0.6.1 Description: A problematic vulnerability was found in the function 0x220408 of the library ftusbbus2.sys of the component IOCT Handler. The manipulation leads to null pointer dereference, requiring ...
CVE-2024-8863 aimhubio aim Text Explorer textbox.tsx dangerouslySetInnerHTML cross site scripting
A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. Affected is the function dangerouslySetInnerHTML of the file textbox.tsx of the component Text Explorer. The manipulation of the argument query leads to cross site scripting. It is possible to launch the...
PT-2024-38115 · NetGear · Netgear Wn604
Name of the Vulnerable Software and Affected Versions: Netgear WN604 up to 20240719 Description: A problematic vulnerability has been found, affecting an unknown function of the file siteSurvey.php. The manipulation leads to direct request and can be launched remotely. The exploit has been...