WordPress Appsero Helper plugin <= 1.3.4 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Trương Hữu Phúc (truonghuuphuc) in WordPress Plugin Appsero Helper versions <= 1.3.4...
PT-2025-17465 · Adept · Adept
Name of the Vulnerable Software and Affected Versions: Adept versions prior to commit a1a41b7 Description: The issue concerns the exposure of the GITHUB_TOKEN in the Adept language workflow. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the...
PT-2025-18305 · NetGear · Netgear Wag302V2
Name of the Vulnerable Software and Affected Versions: Netgear WG302v2 versions up to 5.2.9 Description: A critical issue was found, affecting the function ui get input value. The manipulation of the host argument leads to command injection. This issue can be exploited remotely. The vendor was...
WordPress Wanderland Theme <= 1.7.1 is vulnerable to Local File Inclusion
Software: Wanderland; Type: Theme; Vulnerable versions: <= 1.7.1; Fixed in: 1.7.2; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-39467; Patch priority: High; CVSS severity: High (8.1); PSID: cc767e365da0; Credits: Bonds; Required privilege: Unauthenticated...
CVE-2025-3548 Open Asset Import Library Assimp File types.h Set heap-based overflow
A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overflow. It is possibl...
PT-2025-15611 · Adobe · After Effects
Name of the Vulnerable Software and Affected Versions: After Effects versions 25.1, 24.6.4 and earlier Description: The issue is an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR...
WordPress Internal Link Optimiser plugin <= 5.1.2 - Settings Change vulnerability
Settings Change vulnerability discovered by Mika in WordPress Plugin Internal Link Optimiser versions <= 5.1.2...
PT-2025-15300 · Unknown · 1000 Projects Human Resource Management System
Name of the Vulnerable Software and Affected Versions: 1000 Projects Human Resource Management System version 1.0 Description: A critical issue was found in the Human Resource Management System, affecting an unknown function of the file /controller/employee.php. The manipulation of the email...
PT-2025-15096 · Sourcecodester · Sourcecodester Apartment Visitor Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Apartment Visitor Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /forgotpw.php. The manipulation of the secode argument leads to SQL injection. Th...
PT-2025-15114 · Unknown · Codeprojects Online Restaurant Management System
Name of the Vulnerable Software and Affected Versions: codeprojects Online Restaurant Management System version 1.0 Description: A critical issue was found in the codeprojects Online Restaurant Management System. The problem affects an unknown function of the file /admin/assign save.php...
PT-2025-15103 · Unknown · Codeprojects Online Restaurant Management System
Name of the Vulnerable Software and Affected Versions: codeprojects Online Restaurant Management System version 1.0 Description: A critical issue has been found in the codeprojects Online Restaurant Management System, affecting the processing of the file /payment save.php. The manipulation of the...
PT-2025-15108 · Unknown · Codeprojects Online Restaurant Management System
Name of the Vulnerable Software and Affected Versions: codeprojects Online Restaurant Management System version 1.0 Description: A critical vulnerability has been found in the codeprojects Online Restaurant Management System. The issue affects an unknown function of the file /admin/user save.php...
PT-2025-14904 · Unknown · Elunez Eladmin
Name of the Vulnerable Software and Affected Versions: elunez eladmin version 2.7 Description: A problematic issue has been found in the Maintenance Management Module, affecting some unknown functionality of the file "/api/database/testConnect". This issue leads to deserialization and can be...
WordPress Vehica Core plugin <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation vulnerability
Authenticated (Subscriber+) Privilege Escalation vulnerability discovered by Alyudin Nafiie in WordPress Plugin Vehica Core versions <= 1.0.97...
CVE-2025-3160
CVE-2025-3160 affects Open Asset Import Library Assimp 5.4.3. The vulnerability is in Assimp::SceneCombiner::AddNodeHashes (code/Common/SceneCombiner.cpp), causing an out-of-bounds read. Local attack required; exploit disclosed publicly. The patch reference is a0993658f40d8e13ff5823990c30b43c82a5...
PT-2025-14585
Name of the Vulnerable Software and Affected Versions: PHPGurukul Bus Pass Management System version 1.0 Description: A critical issue was found in the PHPGurukul Bus Pass Management System, affecting an unknown part of the file /view-pass-detail.php. The manipulation of the viewid argument leads t...
PT-2025-14724 · Assimp +2 · Assimp +2
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A critical issue has been found in the Open Asset Import Library Assimp, affecting the function Assimp::LWO::AnimResolver::UpdateAnimRangeSetup in the file...
CVE-2025-2591
A vulnerability classified as problematic was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function MDLImporter::InternReadFileQuake1 of the file code/AssetLib/MDL/MDLLoader.cpp. The manipulation of the argument skinwidth/skinheight leads to divide by zero. The...
PT-2025-12444 · Sourcecodester · Sourcecodester Kortex Lite Advocate Office Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Kortex Lite Advocate Office Management System version 1.0 Description: A critical issue was found in the system, affecting an unknown part of the file activate reg.php. The manipulation of the ID argument leads to SQL injection...
Security Bulletin: IBM Support for Hyperledger Fabric is vulnerable to CVE-2025-25283
Summary: parse-duration-1.1.0.tgz is used by IBM Support for Hyperledger Fabric Console. Vulnerability Details: CVEID: CVE-2025-25283 DESCRIPTION: parse-duration is software that allows users to convert a human readable duration to milliseconds. Versions prior to 2.1.3 are vulnerable to an event loop...