783 matches found
CVE-2025-7464
A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR of the file pkg/packet/rtr/rtr.go. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2025-7464
A vulnerability classified as problematic has been found in osrg GoBGP up to 3.37.0. Affected is the function SplitRTR of the file pkg/packet/rtr/rtr.go. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2025-7462 Artifex GhostPDL New Output File Open Error gdevpdf.c pdf_ferror null pointer dereference
A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdfferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer...
CVE-2025-7462 Artifex GhostPDL New Output File Open Error gdevpdf.c pdf_ferror null pointer dereference
A vulnerability was found in Artifex GhostPDL up to 3989415a5b8e99b9d1b87cc9902bde9b7cdea145. It has been classified as problematic. This affects the function pdfferror of the file devices/vector/gdevpdf.c of the component New Output File Open Error Handler. The manipulation leads to null pointer...
PT-2025-29342 · Open5Gs · Open5Gs
Name of the Vulnerable Software and Affected Versions: Open5GS versions up to 2.7.3 Description: A problematic issue exists in Open5GS related to the SCTP Partial Message Handler component. The ngap recv handler/s1ap recv handler/recv handler function is susceptible to a reachable assertion due t...
CVE-2025-7435
A vulnerability was found in LiveHelperChat lhc-php-resque Extension up to ee1270b35625f552425e32a6a3061cd54b5085c4. It has been classified as problematic. This affects an unknown part of the file /siteadmin/lhcphpresque/list/ of the component List Handler. The manipulation of the argument queue...
CVE-2025-7208
A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used...
CVE-2025-7208
CVE-2025-7208 affects 9fans plan9port up to commit 9da5b44, with a heap-based buffer overflow in the edump function inside /src/plan9port/src/libsec/port/x509.c. The advisory notes that the exploit has been disclosed publicly and that the project uses rolling releases, so specific affected and up...
CVE-2025-7208 9fans plan9port x509.c edump heap-based overflow
A vulnerability was found in 9fans plan9port up to 9da5b44. It has been classified as critical. This affects the function edump in the library /src/plan9port/src/libsec/port/x509.c. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used...
PT-2025-28807 · Mruby +1 · Mruby +1
Name of the Vulnerable Software and Affected Versions: mruby versions up to 3.4.0-rc2 Description: A heap-based buffer overflow issue was found in the function scope new of the file mrbgems/mruby-compiler/core/codegen.c of the component nregs Handler. This issue can be exploited locally...
PT-2025-28829 · WordPress · Ait Csv Import/Export
Name of the Vulnerable Software and Affected Versions: WordPress AIT CSV Import/Export plugin versions ≤ 3.0.3 Description: The issue allows for an unrestricted file upload, where an attacker can upload arbitrary files, including malicious PHP code, to the server via a multipart/form-data POST...
PT-2025-28378 · Samsung · Galaxy Tablet
Name of the Vulnerable Software and Affected Versions: Galaxy Tablet versions prior to SMR Jul-2025 Release 1 Description: The issue concerns improper authorization for accessing saved Wi-Fi passwords on Galaxy Tablet devices. This allows secondary users to access the owner's saved Wi-Fi password...
PT-2025-28457 · Code Projects · Staff Audit System
Name of the Vulnerable Software and Affected Versions: code-projects Staff Audit System version 1.0 Description: A critical issue has been found in the Staff Audit System, affecting the processing of the file /login.php. The manipulation of the User argument leads to SQL injection. The attack can...
PT-2025-28354 · Unknown · Code-Projects Responsive Blog
Name of the Vulnerable Software and Affected Versions: code-projects Responsive Blog Site version 1.0 Description: A critical issue has been identified, affecting unknown code in the /category.php file. The manipulation of the ID argument leads to SQL injection. This issue can be exploited...
PT-2025-28603
Name of the Vulnerable Software and Affected Versions Microsoft SharePoint Server affected versions not specified Microsoft SharePoint Server Subscription Edition affected versions not specified Microsoft SharePoint Foundation affected versions not specified Description Improper authentication in...
PT-2025-28321 · Bluetooth · Bluetooth
Name of the Vulnerable Software and Affected Versions: Bluetooth versions prior to the version with Patch ID: ALPS09752821 Description: The issue is related to a possible system crash due to an uncaught exception in Bluetooth firmware, which could lead to remote denial of service without requirin...
PT-2025-28772 · Adobe · Framemaker
Name of the Vulnerable Software and Affected Versions: Adobe Framemaker versions 2020.8 through 2022.6 Description: The issue is a Stack-based Buffer Overflow that could lead to disclosure of sensitive memory. Exploitation requires user interaction, where a victim must open a malicious file...
PT-2025-28370 · Unknown · Code-Projects Library System
Name of the Vulnerable Software and Affected Versions: code-projects Library System version 1.0 Description: A critical issue has been found in the code-projects Library System, affecting unknown code in the /add-student.php file. The manipulation of the Username argument leads to SQL injection...
PT-2025-28358 · Unknown · Code-Projects Crime Reporting System
Name of the Vulnerable Software and Affected Versions: code-projects Crime Reporting System version 1.0 Description: A critical issue affects the processing of the file /userlogin.php. The manipulation of the email argument leads to SQL injection. The attack can be initiated remotely...
PT-2025-28198 · Samsung · Exynos 2400 +1
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor and Modem Exynos 2400 Samsung Mobile Processor and Modem Modem 5400 Description: An issue was discovered in L2, where the lack of a length check leads to a Denial of Service via a malformed PDCP packet. Recommendation...