172 matches found

RedhatCVE
added 2025/05/22 7:3 a.m. · 1 view

CVE-2018-25072

A vulnerability classified as critical has been found in lojban jbovlaste. This affects an unknown part of the file dict/listing.html. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The patch is named 6ff44c2e87b1113eb07d76ea62e1f64193b04d15. It is...

CVSS 9.8 · AI score 7.6 · EPSS 0.00291
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 1:57 a.m. · 3 views

CVE-2017-20169

A vulnerability, which was classified as critical, has been found in GGGGGGGG ToN-MasterServer. Affected by this issue is some unknown functionality of the file publichtml/ircupdater/svrrequestpub.php. The manipulation leads to sql injection. The patch is identified as...

CVSS 9.8 · AI score 7.5 · EPSS 0.00291
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:44 a.m. · 3 views

CVE-2015-10066

A vulnerability was found in tynx wuersch and classified as critical. Affected by this issue is the function packValue/getByCustomQuery of the file backend/base/Store.class.php. The manipulation leads to sql injection. The patch is identified as 66d4718750a741d1053d327a79e285fd50372519. It is...

CVSS 9.8 · AI score 7.5 · EPSS 0.00297
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:44 a.m. · 3 views

CVE-2015-10042

UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical was found in Dovgalyuk AIBattle. Affected by this vulnerability is the function registerUser of the file site/procedures.php. The manipulation of the argument postLogin leads to sql injection. The identifier of the patch is...

CVSS 9.8 · AI score 7.7 · EPSS 0.00297
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:44 a.m. · 3 views

CVE-2015-10036

A vulnerability was found in kylebebak dronfelipe. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 87405b74fe651892d79d0dff62ed17a7eaef6a60. It is recommended to apply a patch to fix this...

CVSS 9.8 · AI score 7.6 · EPSS 0.00297
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:39 a.m. · 4 views

CVE-2015-10054

A vulnerability, which was classified as critical, was found in githuis P2Manage. This affects the function Execute of the file PTwoManage/Database.cs. The manipulation of the argument sql leads to sql injection. The identifier of the patch is 717380aba80002414f82d93c770035198b7858cc. It is...

CVSS 9.8 · AI score 7.7 · EPSS 0.00297
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:31 a.m. · 3 views

CVE-2014-125040

A vulnerability was found in stevejagodzinski DevNewsAggregator. It has been rated as critical. Affected by this issue is the function getByName of the file php/dataaccess/RemoteHtmlContentDataAccess.php. The manipulation of the argument name leads to sql injection. The name of the patch is...

CVSS 9.8 · AI score 7.7 · EPSS 0.00297
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:31 a.m. · 2 views

CVE-2014-125038

A vulnerability has been found in ISProjecto2 and classified as critical. This vulnerability affects unknown code of the file Cnn-EJB/ejbModule/ejbs/NewsBean.java. The manipulation of the argument date leads to sql injection. The name of the patch is aa128b2c9c9fdcbbf5ecd82c1e92103573017fe0. It i...

CVSS 9.8 · AI score 7.8 · EPSS 0.00297
Exploits 0 · References 1

RedhatCVE
added 2025/05/22 12:28 a.m. · 4 views

CVE-2013-10011

A vulnerability was found in aeharding classroom-engagement-system and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. The attack may be launched remotely. The name of the patch is 096de5815c7b414e7339f3439522a446098fb73a. It ...

CVSS 9.8 · AI score 7.5 · EPSS 0.00297
Exploits 0 · References 1

Positive Technologies
added 2025/04/03 12:0 a.m. · 1 view

PT-2025-14762 · Assimp +1

Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A vulnerability has been found in the Open Asset Import Library Assimp, affecting the function Assimp::SceneCombiner::AddNodeHashes of the file code/Common/SceneCombiner.cpp of the...

CVSS 4.8 · AI score 4 · EPSS 0.00049
Exploits 1 · References 21

CVE
added 2025/03/31 9:0 p.m. · 55 views

CVE-2025-3016

The CVE-2025-3016 issue affects Open Asset Import Library (Assimp) 5.4.3, specifically the MDL File Handler’s MDLMaterialLoader.cpp, in Assimp::MDLImporter::ParseTextureColorData. Manipulating the mWidth/mHeight arguments can cause resource consumption (potential DoS) and is exploitable remotely....

CVSS 6.5 · AI score 6.9 · EPSS 0.00092
Exploits 1 · References 6 · Affected Software 1

CVE
added 2025/03/17 1:31 a.m. · 76 views

CVE-2025-2357

DCMTK 3.6.9 contains a memory-corruption vulnerability in the dcmjpls JPEG-LS Decoder. The issue can be exploited remotely, with exploitation information reported publicly. A patch named 3239a7915 is referenced as fixes for this issue; applying the patch is the advised remediation. The CVE descri...

CVSS 7.5 · AI score 6.5 · EPSS 0.00168
Exploits 0 · References 6 · Affected Software 1

Positive Technologies
added 2025/03/05 12:0 a.m. · 3 views

PT-2025-14367

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to the fixed version Description A vulnerability in the Linux kernel's switchdev notification chain has been resolved. The issue involved a blocking notification chain that used a read-write semaphore to protect the...

CVSS 9.8 · AI score 7.7 · EPSS 0.00216
Exploits 11 · References 997

Oracle Linux
added 2025/02/20 12:0 a.m. · 17 views

bind9.16 security update

32:9.16.23-0.22.2 - Fix application of patch for CVE-2024-11187 - Resolves: RHEL-77103 32:9.16.23-0.22.1 - Limit additional section records CPU processing CVE-2024-11187 - Fix test backport changes...

CVSS 7.5 · AI score 7.5 · EPSS 0.04177
Exploits 0

RedhatCVE
added 2025/02/12 4:35 p.m. · 7 views

CVE-2025-24892

OpenProject is open-source, web-based project management software. In versions prior to 15.2.1, the application fails to properly sanitize user input before displaying it in the Group Management section. Groups created with HTML script tags are not properly escaped before rendering them in a...

CVSS 5.4 · AI score 6.5 · EPSS 0.01269
Exploits 0 · References 1

Oracle Linux
added 2025/02/10 12:0 a.m. · 84 views

tbb security update

2018.2-10.1 - Remove jQuery from Doxygen files RHEL-77669 2018.2-10 - Apply patches from BZ 1907561 - Bump release...

CVSS 6.9 · AI score 7.5 · EPSS 0.3466
Exploits 6

Positive Technologies
added 2025/01/16 12:0 a.m. · 0 views

PT-2025-3570 · Jfinaloa

Name of the Vulnerable Software and Affected Versions: JFinalOA versions prior to 2025.01.01 Description: A cross-site scripting XSS issue in the "/apply/getEditPage?view" interface allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This enables the execution of...

CVSS 4.6 · AI score 5.9 · EPSS 0.00248
Exploits 1 · References 7

NVD
added 2025/01/09 9:15 a.m. · 5 views

CVE-2024-13153

The Unlimited Elements For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple widgets in all versions up to, and including, 1.5.135 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVSS 6.4 · EPSS 0.00233
Exploits 0 · References 3

OSV
added 2024/12/22 12:15 p.m. · 6 views

CVE-2024-12894

A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up to 963e0e0. Affected is an unknown function of the file TreasureHunt/acesso.php. The manipulation of the argument usuario leads to sql injection. It is possible to launch the attack remotely. This...

CVSS 9.8 · AI score 7.5
Exploits 0 · References 3

GitHub Security Blog
added 2024/12/10 4:55 p.m. · 6 views

Simulation of Wasmd message can cause crashing

CWA-2024-009 Severity Low Marginal + Likely^1 Affected versions: - wasmd 0.53.1 Patched versions: - wasmd 0.53.2 please note that wasmd 0.53.1 is broken and must not be used Description of the bug Blank for now. We'll add more detail once chains had a chance to upgrade. Mitigations Apart from...

AI score 7
Exploits 0 · References 2 · Affected Software 1