CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4078 matches found

Vulnrichment•added 2025/04/29 12:0 p.m.•7 views

CVE-2025-4059 code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflow

A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component PrisonMgmtSys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally...

5.3CVSS5.5AI score0.00277EPSS

Exploits1References5

CVE•added 2025/04/29 12:0 p.m.•51 views

CVE-2025-4059

CVE-2025-4059 (code-projects Prison Management System 1.0, Prison_Mgmt_Sys addrecord) shows a stack-based buffer overflow caused by improper handling of the filename parameter. Multiple connected sources (CNVD, CNNVD, CVE records) confirm the vulnerability resides in addrecord and can be triggere...

7.8CVSS5.5AI score0.00277EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2025/04/28 12:0 a.m.•4 views

PT-2025-18118 · Unknown · Code-Projects Online Ticket Reservation System

Name of the Vulnerable Software and Affected Versions: code-projects Train Ticket Reservation System version 1.0 Description: A critical vulnerability was found in the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to a stack-based buffer...

5.5CVSS5.3AI score0.0026EPSS

Exploits1References12

RedhatCVE•added 2025/04/26 12:17 a.m.•5 views

CVE-2025-3804

A vulnerability classified as critical has been found in thautwarm vscode-diana 0.0.1. Affected is an unknown function of the file Gen.py of the component Jinja2 Template Handler. The manipulation leads to injection. Attacking locally is a requirement. The exploit has been disclosed to the public...

5.3CVSS7.4AI score0.0019EPSS

Exploits0References1

SUSE CVE•added 2025/04/25 2:15 a.m.•2 views

SUSE CVE-2025-3908

The configuration initialization tool in OpenVPN 3 Linux v20 through v24 on Linux allows a local attacker to use symlinks pointing at an arbitrary directory which will change the ownership and permissions of that destination directory...

6.2CVSS6.8AI score0.00182EPSS

Exploits0References3

NVD•added 2025/04/19 4:15 p.m.•15 views

CVE-2025-3804

5.3CVSS0.0019EPSS

Exploits0References5

Cvelist•added 2025/04/19 3:31 p.m.•18 views

CVE-2025-3804 thautwarm vscode-diana Jinja2 Template Gen.py injection

5.3CVSS0.0019EPSS

Exploits0References5

CVE•added 2025/04/19 3:31 p.m.•60 views

CVE-2025-3804

CVE-2025-3804 affects thautwarm vscode-diana 0.0.1, specifically the Jinja2 Template Handler’s Gen.py component where an unknown function exposure enables injection. Local access is required; exploitation has been disclosed publicly. Multiple connected sources corroborate a critical issue with lo...

5.3CVSS5.7AI score0.0019EPSS

Exploits0References5

OSV•added 2025/04/18 3:15 p.m.•6 views

CVE-2025-3791

A vulnerability classified as critical was found in symisc UnQLite up to 957c377cb691a4f617db9aba5cc46d90425071e2. This vulnerability affects the function jx9MemObjStore of the file /data/src/benchmarks/unqlite/unqlite.c. The manipulation leads to heap-based buffer overflow. It is possible to...

4.8CVSS5.6AI score0.00181EPSS

Exploits0References5

SUSE CVE•added 2025/04/18 1:29 a.m.•3 views

SUSE CVE-2025-3548

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overflow. It is possibl...

5.3CVSS5.1AI score0.00231EPSS

Exploits1References4

OSV•added 2025/04/16 9:15 p.m.•3 views

DEBIAN-CVE-2025-3730

A vulnerability, which was classified as problematic, was found in PyTorch 2.6.0. Affected is the function torch.nn.functional.ctcloss of the file aten/src/ATen/native/LossCTC.cpp. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed ...

5.5CVSS3.6AI score0.00271EPSS

Exploits1References1

OSV•added 2025/04/14 9:32 p.m.•3 views

GHSA-66RC-VG9F-48M7 jsonschema2pojo has Improper Restriction of Operations within the Bounds of a Memory Buffer

A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based buffer overflow...

5.3CVSS5.6AI score0.0017EPSS

Exploits0References6

OSV•added 2025/04/14 9:15 p.m.•6 views

CVE-2025-3588

4.8CVSS5.5AI score0.0017EPSS

Exploits0References5

AlpineLinux•added 2025/04/14 3:15 a.m.•3 views

CVE-2025-3549

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer...

5.3CVSS7.4AI score0.0023EPSS

Exploits1References5