
6654 matches found

NVD
added 2025/02/23 12:15 p.m. · 8 views

CVE-2025-1582

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/all-request.php. The manipulation of the argument viewid leads to sql injection. The attack may be launched remotely. The...

CVSS 9.8 · EPSS 0.00018
Exploits: 0 · References: 5

OSV
added 2025/02/23 11:15 a.m. · 3 views

CVE-2025-1581

A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /book-nurse.php?bookid=1. The manipulation of the argument contactname leads to sql injection. The attack can be launche...

CVSS 9.8 · AI score 5.8 · EPSS 0.00018
Exploits: 0 · References: 5

Schneier on Security
added 2025/02/21 3:33 p.m. · 10 views

Implementing Cryptography in AI Systems

Interesting research: "How to Securely Implement Cryptography in Deep Neural Networks." Abstract: The wide adoption of deep neural networks (DNNs) raises the question of how can we equip them with a desired cryptographic functionality e.g., to decrypt an encrypted input, to verify that this input is...

AI score 7.3
Exploits: 0

Veracode
added 2025/02/18 6:06 a.m. · 7 views

Path Traversal

labelstudiosdk is vulnerable to Path Traversal. The vulnerability is due to improper file path validation in the VOC, COCO, and YOLO export functionalities, where the download function in the label-studio-sdk package fails to properly validate file paths during task exports, allowing attackers to...

CVSS 8.7 · AI score 6.8 · EPSS 0.00132
Exploits: 0 · References: 4 · Affected Software: 1

CNVD
added 2025/02/18 12:00 a.m. · 9 views

Huawei HarmonyOS and EMUI display module memory misreference vulnerability

Huawei HarmonyOS is an operating system from Huawei, a Chinese company. It provides a full-scenario distributed operating system based on a microkernel. Huawei EMUI is a user interface developed by Huawei based on the Android operating system. A memory misreference vulnerability exists in Huawei...

CVSS 9.8 · AI score 6.7 · EPSS 0.00099
Exploits: 0 · References: 1

Positive Technologies
added 2025/02/18 12:00 a.m. · 4 views

PT-2025-6821 · Churchcrm · Churchcrm

Name of the Vulnerable Software and Affected Versions: ChurchCRM versions 5.13.0 and prior Description: A time-based blind SQL Injection vulnerability exists in the EditEventTypes functionality, allowing an attacker to execute arbitrary SQL queries. The newCountName parameter is directly...

CVSS 9.8 · AI score 7 · EPSS 0.02752
Exploits: 1 · References: 11

CNVD
added 2025/02/17 12:00 a.m. · 21 views

Linux kernel bnxt driver code issue vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a code issue vulnerability that stems from the bnxt driver not properly recalculating network device characteristics after XDP is disabled, which...

CVSS 5.5 · AI score 7.3 · EPSS 0.00016
Exploits: 0 · References: 1

CVE
added 2025/02/15 7:33 a.m. · 82 views

CVE-2024-13513

CVE-2024-13513 affects the Oliver POS – a WooCommerce WordPress plugin, with Sensitive Information Exposure via the plugin’s logging functionality in versions up to 2.4.2.3. Unauthenticated attackers could extract sensitive data (e.g., clientToken) from logs, enabling changes to user account info...

CVSS 9.8 · AI score 6.6 · EPSS 0.00146
Exploits: 2 · References: 3 · Affected Software: 1

OSSF Malicious Packages
added 2025/02/14 11:02 p.m. · 3 views

Malicious code in network-utils-simple (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd943d3243197ac153b2623548e62b4225a59f611cf13fe962bc3ced369a32d During installation, there is an attempt to download and execute code. The package has no real functionality. --- Category: MALICIOUS - The campaign has clearl...

AI score 7.7
Exploits: 0 · References: 1

OSV
added 2025/02/14 11:02 p.m. · 2 views

MAL-2025-191803 Malicious code in network-utils-simple (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1fd943d3243197ac153b2623548e62b4225a59f611cf13fe962bc3ced369a32d During installation, there is an attempt to download and execute code. The package has no real functionality. --- Category: MALICIOUS - The campaign has clearl...

AI score 7.6
Exploits: 0 · References: 1

OSV
added 2025/02/14 9:15 p.m. · 6 views

CVE-2024-31144

For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories (SRs). The metadata itself is stored in a Virtual Disk Image (VDI) inside ...

CVSS 3.8 · AI score 7
Exploits: 0 · References: 3

NVD
added 2025/02/14 9:15 p.m. · 4 views

CVE-2024-31144

For a brief summary of Xapi terminology, see: https://xapi-project.github.io/xen-api/overview.html#object-model-overview Xapi contains functionality to backup and restore metadata about Virtual Machines and Storage Repositories (SRs). The metadata itself is stored in a Virtual Disk Image (VDI) inside ...

CVSS 3.8 · EPSS 0.00097
Exploits: 0 · References: 3

RedhatCVE
added 2025/02/14 6:23 p.m. · 4 views

CVE-2025-25198

mailcow: dockerized is an open source groupware/email suite based on docker. Prior to version 2025-01a, a vulnerability in mailcow's password reset functionality allows an attacker to manipulate the Host HTTP header to generate a password reset link pointing to an attacker-controlled domain. This...

CVSS 8.8 · AI score 6.9 · EPSS 0.05808
Exploits: 4 · References: 1

Cvelist
added 2025/02/14 4:50 p.m. · 11 views

CVE-2025-25295 Label Studio has a Path Traversal Vulnerability via image Field

Label Studio is an open source data labeling tool. A path traversal vulnerability in Label Studio SDK versions prior to 1.0.10 allows unauthorized file access outside the intended directory structure. The flaw exists in the VOC, COCO and YOLO export functionalities. These functions invoke a...

CVSS 8.7 · EPSS 0.00132
Exploits: 0 · References: 2

RedhatCVE
added 2025/02/13 11:46 a.m. · 3 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

CVSS 6.9 · AI score 6.8 · EPSS 0.00217
Exploits: 0 · References: 3

OSV
added 2025/02/11 4:15 p.m. · 0 views

CVE-2024-11771

Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to access restricted functionality...

CVSS 5.3 · AI score 5.8 · EPSS 0.42105
Exploits: 0 · References: 1

CVE
added 2025/02/11 10:26 a.m. · 59 views

CVE-2023-37482

CVE-2023-37482 affects Siemens SIMATIC web servers (e.g., SIMATIC S7-1200/1500 family). The vulnerability stems from login response timing not being normalized, enabling an unauthenticated remote attacker to perform user enumeration by distinguishing valid vs. invalid usernames via a side channel...

CVSS 6.9 · AI score 5.3 · EPSS 0.00217
Exploits: 0 · References: 1

Vulnrichment
added 2025/02/11 10:26 a.m. · 5 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

CVSS 6.9 · AI score 5.6 · EPSS 0.00217
Exploits: 0 · References: 1

Cvelist
added 2025/02/11 10:26 a.m. · 5 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

CVSS 6.9 · EPSS 0.00217
Exploits: 0 · References: 1

Microsoft KB
added 2025/02/11 8:00 a.m. · 289 views

February 11, 2025—Hotpatch KB5052106 (OS Build 20348.3148)

February 11, 2025—Hotpatch KB5052106 (OS Build 20348.3148) Improvements and fixes This security update includes quality improvements. Below is a summary of the key issues that this update addresses when you install this KB. If there are new features, it lists them as well. The bold text within the...

CVSS 8.8 · AI score 7.2 · EPSS 0.34082
Exploits: 2