3027 matches found
CVE-2025-13178
CVE-2025-13178 affects Bdtask/CodeCanyon SalesERP up to 20250728, targeting the /edit_profile file in the User Profile Handler. The issue arises from manipulation of the first_name/last_name parameters, enabling basic cross-site scripting. Remote exploitation is possible, and the exploit has been...
SUSE CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
PT-2025-47002
Name of the Vulnerable Software and Affected Versions Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System versions up to 20250320 Description A cross-site scripting issue exists in Bdtask/CodeCanyon Wholesale Inventory Control and Inventory Management System. The issue i...
EUVD-2024-55078
Multiple parameters in register.php in PHPGurukul Student Record System 3.20 are vulnerable to SQL injection. These include: c-full, fname, mname,lname, gname, ocp, nation, mobno, email, board1, roll1, pyear1, board2, roll2, pyear2, sub1,marks1, sub2, course-short, income, category, ph, country,...
PT-2025-46998
Name of the Vulnerable Software and Affected Versions Bdtask/CodeCanyon SalesERP versions up to 20250728 Description A security issue exists in Bdtask/CodeCanyon SalesERP. The issue is related to the User Profile Handler component and specifically affects code within the /edit profile file...
Bdtask SalesERP 安全漏洞
Bdtask SalesERP is a sales enterprise resource planning software from Bdtask Bangladesh. A security vulnerability exists in Bdtask SalesERP 20250728 and earlier versions, which stems from incorrect manipulation of the parameters firstname/lastname in the file /editprofile, and could lead to a bas...
CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
CVE-2025-64292
creationtimestamp| type| source ---|---|--- 2025-11-13 10:19:38+00:00| seen| https://gist.github.com/Darkcrai86/3f2e71dd0871da43af5244fe91af3988 2025-11-13 11:30:30+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5j2tx6a3p22 2025-11-13 13:37:06+00:00| seen|...
CVE-2025-41106
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'firstname' in '/clients/savecontact/'...
CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
CVE-2025-40137
CVE-2025-40137 describes a Linux kernel issue in F2FS where the error path of f2fs_truncate() did not truncate the first page in cache, leading to inode eviction logic detecting a non-zero i_data.nrpages and triggering a kernel BUG during eviction. The provided details trace the path from evict →...
CVE-2025-40137 f2fs: fix to truncate first page in error path of f2fs_truncate()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
CVE-2025-40137 f2fs: fix to truncate first page in error path of f2fs_truncate()
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
CVE-2025-40137
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to truncate first page in error path of f2fstruncate syzbot reports a bug as below: loop0: detected capacity change from 0 to 40427 F2FS-fs loop0: Wrong SSA boundary, start3584 end4096 blocks3072 F2FS-fs loop0: Can't fi...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from not truncating the first page in the wrong path, which could lead to a kernel bug...
rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion)
A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service...
EUVD-2025-84352
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'firstname' in '/clients/savecontact/'...
CVE-2025-41106
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'firstname' in '/clients/savecontact/'...
CVE-2025-41106
HTML injection vulnerability found in Fairsketch's RISE CRM Framework v3.8.1, which consist of an HTML code injection due to lack of proper validation of user inputs by sending a POST request in parameter 'firstname' in '/clients/savecontact/'...
CVE-2025-41106
An HTML injection flaw is present in Fairsketch’s RISE CRM Framework v3.8.1 (CVE-2025-41106). The root cause is insufficient validation of user input, enabling HTML code injection via a POST to /clients/save_contact/ with the first_name parameter. Affected product: Fairsketch RISE CRM Framework; ...