3027 matches found

NVD
added 2025/12/08 7:15 a.m., 2 views

CVE-2025-14221

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVSS 5.4, EPSS 0.00208
Exploits: 2, References: 5

Vulnrichment
added 2025/12/08 7:2 a.m., 3 views

CVE-2025-14221 SourceCodester Online Banking System page cross site scripting

A vulnerability was detected in SourceCodester Online Banking System 1.0. This impacts an unknown function of the file /?page=user. The manipulation of the argument First Name/Last Name results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be used...

CVSS 5.1, AI score 5.4, EPSS 0.00208
Exploits: 2, References: 5

Cvelist
added 2025/12/08 12:46 a.m., 27 views

CVE-2025-40314 usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: gadget: Use-after-free during failed initialization and exit of cdnsp gadget. In the cdnsp_gadget_init and cdnsp_gadget_exit functions, the gadget structure pdev->gadget was freed before its endpoints. The endpoints are...

EPSS 0.00161
Exploits: 0, References: 6

Positive Technologies
added 2025/12/08 12:0 a.m., 7 views

PT-2025-49511

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Banking System version 1.0. Description: A security issue exists in SourceCodester Online Banking System version 1.0. The manipulation of the First Name/Last Name argument in the /page=user file can lead to cross site...

CVSS 5.4, AI score 3.2, EPSS 0.00208
Exploits: 2, References: 9

CNNVD
added 2025/12/08 12:0 a.m., 4 views

SourceCodester Online Banking System code injection vulnerability

SourceCodester Online Banking System is a SourceCodester open source online banking system. A code injection vulnerability exists in version 1.0 of the SourceCodester Online Banking System, which originates from the incorrect manipulation of the parameter First Name/Last Name in the file...

CVSS 5.4, AI score 4.6, EPSS 0.00208
Exploits: 2, References: 5

RedhatCVE
added 2025/12/05 9:34 p.m., 38 views

CVE-2024-58278

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVSS 8.5, AI score 7.8, EPSS 0.00158
Exploits: 0, References: 1

Positive Technologies
added 2025/12/05 12:0 a.m., 8 views

PT-2025-52881

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: A flaw exists in the Linux kernel related to the ALSA subsystem and the cs35l41 codec. Specifically, the cs35l41_hda_read_acpi function may experience a NULL pointer dereference if acpi...

CVSS 4.6, AI score 5.9, EPSS 0.00206
Exploits: 0

EUVD
added 2025/12/04 9:31 p.m., 3 views

EUVD-2025-201268

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVSS 8.5, AI score 7.3, EPSS 0.00158
Exploits: 0, References: 5

NVD
added 2025/12/04 9:16 p.m., 2 views

CVE-2024-58278

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVSS 8.5, EPSS 0.00158
Exploits: 0, References: 4

Vulnrichment
added 2025/12/04 8:42 p.m., 2 views

CVE-2024-58278 IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVSS 8.5, AI score 7.4, EPSS 0.00158
Exploits: 0, References: 4

CVE
added 2025/12/04 2:14 p.m., 16 views

CVE-2025-40216

CVE-2025-40216 concerns Linux kernel code for io_uring/rsrc: the fix removes a flawed bit-mask/offset calculation that assumed user pointer alignment when coalescing the first page into a folio. The vulnerability description across multiple sources states there is no guaranteed user pointer align...

AI score 6.1, EPSS 0.00155
Exploits: 0, References: 3

RedhatCVE
added 2025/12/04 12:30 p.m., 10 views

CVE-2025-13795

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scriptin...

CVSS 4.8, AI score 5.3, EPSS 0.00202
Exploits: 0, References: 1

Positive Technologies
added 2025/12/04 12:0 a.m., 4 views

PT-2025-49134

perl2exe <= V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVSS 8.5, AI score 7.8, EPSS 0.00158
Exploits: 0, References: 5

Github Security Blog
added 2025/12/01 9:29 p.m., 14 views

Better Auth affected by external request basePath modification DoS

Summary: Affected versions of Better Auth allow an external request to configure baseURL when it isn’t defined through any other means. This can be abused to poison the router’s base path, causing all routes to return 404 for all users. This issue is only exploitable when baseURL is not explicitly...

AI score 7.2
Exploits: 0, References: 4, Affected Software: 1

Circl
added 2025/12/01 2:3 a.m., 5 views

CVE-2025-59789

creationtimestamp | type | source
---|---|---
2025-12-01 02:03:04+00:00 | seen | https://seclists.org/oss-sec/2025/q4/218
2025-12-01 10:14:48+00:00 | seen | https://gist.github.com/Darkcrai86/8b47c8b694c39f33003dd078926ed739
2025-12-01 11:16:51+00:00 | seen | ...

CVSS 7.5, AI score 5.5, EPSS 0.01453
Exploits: 2, References: 6

EUVD
added 2025/12/01 12:30 a.m., 5 views

EUVD-2025-199939

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scriptin...

CVSS 4.8, AI score 5, EPSS 0.00202
Exploits: 0, References: 5

Oracle linux
added 2025/12/01 12:0 a.m., 8 views

libtiff security update

4.0.3-35.0.1
- fix CVE-2025-8176: prevent skipping first line in tiffdither and tiffmedian tools Orabug: 38658716
- fix CVE-2025-8177: buffer overflow thumbnail setrow Orabug: 38658716
- fix CVE-2025-9900: buffer underflow crash in TIFFReadRGBAImageOriented Orabug: 38658716
...

CVSS 8.8, AI score 6.2, EPSS 0.00739
Exploits: 2

NVD
added 2025/11/30 11:15 p.m., 8 views

CVE-2025-13795

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scriptin...

CVSS 4.8, EPSS 0.00202
Exploits: 0, References: 4

Vulnrichment
added 2025/11/30 11:2 p.m., 3 views

CVE-2025-13795 codingWithElias School Management System Edit Student Info student-view.php cross site scripting

A weakness has been identified in codingWithElias School Management System up to f1ac334bfd89ae9067cc14dea12ec6ff3f078c01. Affected is an unknown function of the file /student-view.php of the component Edit Student Info Page. This manipulation of the argument First Name causes cross site scriptin...

CVSS 4.8, AI score 5.2, EPSS 0.00202
Exploits: 0, References: 4

Positive Technologies
added 2025/11/30 12:0 a.m., 6 views

PT-2025-48398

Name of the Vulnerable Software and Affected Versions: codingWithElias School Management System (affected versions not specified). Description: A weakness exists in codingWithElias School Management System. The issue involves cross site scripting triggered by manipulating the First Name argument withi...

CVSS 4.8, AI score 3.1, EPSS 0.00202
Exploits: 0, References: 7