
54814 matches found

OSV
added 2025/12/29 10:35 a.m. | 4 views

CLSA-2025-1767004508 httpd: Fix of CVE-2025-58098

CVE-2025-58098: prevent command injection in mod_cgid via shell-escaped SSI query strings...

CVSS 8.3 | AI score 7.2 | EPSS 0.015
Exploits: 0 | References: 1
OSV
added 2025/12/29 9:39 a.m. | 6 views

CLSA-2025-1767001153 pam: Fix of CVE-2025-8941

CVE-2025-8941: fix additionally potential privilege escalation via multiple symlink attacks and race conditions...

CVSS 7.8 | AI score 5.8 | EPSS 0.00254
Exploits: 0 | References: 1
CVE
added 2025/12/29 12:0 a.m. | 15 views

CVE-2025-65442

CVE-2025-65442 describes a DOM-based XSS in the 201206030 novel system version 3.5.0. The root cause is insufficient validation/encoding of user-controllable data in the book_comment module: unfiltered input is stored in the database (book_comment.commentContent) and later rendered into the page ...

CVSS 6.1 | AI score 5.5 | EPSS 0.00291
Exploits: 1 | References: 3 | Affected Software: 1
RedhatCVE
added 2025/12/27 12:5 a.m. | 6 views

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVSS 6.5 | AI score 8 | EPSS 0.00259
Exploits: 2 | References: 1
Tenable Nessus
added 2025/12/27 12:0 a.m. | 2 views

openSUSE 15: libpython3_9-1_0 / libpython3_9-1_0-32bit / python39 / etc (SUSE-SU-2025:4522-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4522-1 advisory. - CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on _clear_id_cache can lead to availabili...

CVSS 7.5 | AI score 7 | EPSS 0.01525
Exploits: 0 | References: 10
OSV
added 2025/12/26 3:15 p.m. | 5 views

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVSS 6.5 | AI score 5.9 | EPSS 0.00259
Exploits: 2 | References: 1
NVD
added 2025/12/26 3:15 p.m. | 4 views

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVSS 6.5 | EPSS 0.00259
Exploits: 2 | References: 1
SUSE Linux
added 2025/12/26 10:35 a.m. | 4 views

Security update for python39

This update for python39 fixes the following issues: CVE-2025-12084: quadratic complexity when building nested elements using xml.dom.minidom methods that depend on _clear_id_cache can lead to availability issues when building excessively nested documents (bsc#1254997). CVE-2025-13836: use of...

CVSS 6.3 | AI score 6.9 | EPSS 0.01525
Exploits: 0 | References: 12
Packet Storm News
added 2025/12/26 12:0 a.m. | 1 views

American Fuzzy Lop plus plus 4.35c

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc...

AI score 6.9
Exploits: 0
Positive Technologies
added 2025/12/26 12:0 a.m. | 5 views

PT-2025-53593

Name of the Vulnerable Software and Affected Versions: krishanmuraiji SMS version 1.0. Description: A SQL injection issue exists in krishanmuraiji SMS version 1.0. The issue is located within the '/studentms/admin/edit-class-detail.php' file and is triggered through the editid GET parameter. An...

CVSS 6.5 | AI score 7.5 | EPSS 0.00259
Exploits: 2 | References: 6
EUVD
added 2025/12/26 12:0 a.m. | 10 views

EUVD-2025-205435

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

CVSS 6.5 | AI score 7.5 | EPSS 0.00259
Exploits: 2 | References: 2
Cvelist
added 2025/12/26 12:0 a.m. | 22 views

CVE-2025-66947

SQL injection vulnerability in krishanmuraiji SMS v.1.0, within the /studentms/admin/edit-class-detail.php via the editid GET parameter. An attacker can trigger controlled delays using SQL SLEEP to infer database contents. Successful exploitation may lead to full database compromise, especially...

EPSS 0.00259
Exploits: 2 | References: 1
Packet Storm
added 2025/12/26 12:0 a.m. | 171 views

Backdoor.Win32.Poison.jh Remote File Hijack

This code represents an educational Metasploit module concept that demonstrates how insecure file permissions created by Backdoor.Win32.Poison.jh could be abused to achieve code execution. The scenario assumes that the malware drops an executable file inside a protected Windows directory SysWOW64 wi...

AI score 7.5
Exploits: 0
Tenable Nessus
added 2025/12/26 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50779

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - orangefs: Fix kmemleak in orangefs_prepare_debugfs_help_string When insert and remove the orangefs module, then debug_help_string will be leaked: unreferenced object...

AI score 6.2 | EPSS 0.00244
Exploits: 0 | References: 2
CVE
added 2025/12/26 12:0 a.m. | 10 views

CVE-2025-66947

CVE-2025-66947 affects krishanmuraiji SMS v1.0. The flaw is a time-based SQL injection in /studentms/admin/edit-class-detail.php via the editid GET parameter, where unvalidated input can trigger SQL SLEEP() delays to infer database contents. Exploitation could lead to full database disclosure or ...

CVSS 6.5 | AI score 7.6 | EPSS 0.00259
Exploits: 2 | References: 1 | Affected Software: 1
RedhatCVE
added 2025/12/25 2:25 p.m. | 9 views

CVE-2022-50711

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix possible memory leak in mtk_probe If mtk_wed_add_hw has been called, mtk_wed_exit needs be called in error path or removing module to free the memory allocated in mtk_wed_add_hw...

AI score 5.9 | EPSS 0.00156
Exploits: 0 | References: 4
SUSE CVE
added 2025/12/25 12:56 a.m. | 6 views

SUSE CVE-2023-54047

In the Linux kernel, the following vulnerability has been resolved: drm/rockchip: dw_hdmi: cleanup drm encoder during unbind This fixes a use-after-free crash during rmmod. The DRM encoder is embedded inside the larger rockchip_hdmi, which is allocated with the component. The component memory gets...

CVSS 5.5 | AI score 6.5 | EPSS 0.00203
Exploits: 0 | References: 6
SUSE CVE
added 2025/12/25 12:56 a.m. | 3 views

SUSE CVE-2023-54070

In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 "igb: Enable SR-IOV after reinit", removing the igb module could hang or crash depending on the machine when the module has been loaded with the maxv...

CVSS 5.5 | AI score 6.3 | EPSS 0.00155
Exploits: 0 | References: 20
SUSE CVE
added 2025/12/25 12:56 a.m. | 2 views

SUSE CVE-2023-54081

In the Linux kernel, the following vulnerability has been resolved: xen: speed up grant-table reclaim When a grant entry is still in use by the remote domain, Linux must put it on a deferred list. Normally, this list is very short, because the PV network and block protocols expect the backend to...

CVSS 5.5 | AI score 6.5 | EPSS 0.00173
Exploits: 0 | References: 17
SUSE CVE
added 2025/12/25 12:23 a.m. | 1 views

SUSE CVE-2025-68740

In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by ima_filter_rule_match In ima_match_rules, if ima_filter_rule_match returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if !rc' check and sets 'result = true'. The LSM rule is...

CVSS 5.5 | AI score 6.7 | EPSS 0.00189
Exploits: 0 | References: 22