
28884 matches found

CNNVD
added 2025/12/15 12:0 a.m., 2 views

Xlight FTP Server Security Vulnerability

Xlight FTP Server is an FTP server software from Xlight open source. A security vulnerability exists in Xlight FTP Server version 3.9.3.6, which stems from a stack buffer overflow in the Execute Program configuration that could cause the application to crash...

7.5 CVSS, 7.1 AI score, 0.0008 EPSS
Exploits: 1, References: 4
Positive Technologies
added 2025/12/15 12:0 a.m., 2 views

PT-2025-51304

Name of the Vulnerable Software and Affected Versions Xlight FTP Server version 3.9.3.6 Description Xlight FTP Server 3.9.3.6 contains a stack buffer overflow issue in the 'Execute Program' configuration. An attacker can cause a denial of service by providing 294 characters to the program executi...

7.5 CVSS, 7 AI score, 0.0008 EPSS
Exploits: 1, References: 6
RedhatCVE
added 2025/12/14 10:4 a.m., 3 views

CVE-2025-14588

A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been...

9.8 CVSS, 7.2 AI score, 0.00028 EPSS
Exploits: 1, References: 1
EUVD
added 2025/12/13 6:30 p.m., 2 views

EUVD-2025-203259

A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5 CVSS, 7.2 AI score, 0.00028 EPSS
Exploits: 1, References: 6
Vulnrichment
added 2025/12/13 10:2 a.m., 1 views

CVE-2025-14588 itsourcecode Student Management System update_program.php sql injection

A security flaw has been discovered in itsourcecode Student Management System 1.0. This vulnerability affects unknown code of the file /update_program.php. Performing manipulation of the argument ID results in sql injection. The attack is possible to be carried out remotely. The exploit has been...

7.5 CVSS, 6.8 AI score, 0.00028 EPSS
Exploits: 1, References: 5
CVE
added 2025/12/13 10:2 a.m., 7 views

CVE-2025-14588

CVE-2025-14588 affects itsourcecode Student Management System 1.0. The vulnerable component is the file /update_program.php, where manipulation of the argument ID leads to a SQL injection. Exploitation is possible remotely, and public exploits have been released. The NVD/CNA metrics indicate hi...

9.8 CVSS, 7.3 AI score, 0.00028 EPSS
Exploits: 1, References: 5, Affected Software: 1
Positive Technologies
added 2025/12/13 12:0 a.m., 2 views

PT-2025-51112

Name of the Vulnerable Software and Affected Versions itsourcecode Student Management System version 1.0 Description A security flaw exists in itsourcecode Student Management System 1.0. The issue affects unknown code within the /update_program.php file and allows for SQL injection through...

9.8 CVSS, 7.5 AI score, 0.00028 EPSS
Exploits: 1, References: 9
Positive Technologies
added 2025/12/12 12:0 a.m., 1 views

PT-2025-51038

Name of the Vulnerable Software and Affected Versions Apple products affected versions not specified Description A permissions issue was identified and addressed through the implementation of additional restrictions. Recommendations At the moment, there is no information about a newer version tha...

9.8 CVSS, 6.4 AI score, 0.00024 EPSS
Exploits: 0, References: 13
ICS
added 2025/12/11 7:0 a.m., 4 views

OpenPLC_V3 (Update A)

RISK EVALUATION Successful exploitation of this vulnerability could result in the alteration of PLC settings or the upload of malicious programs. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability, such as: Minimize...

9.8 CVSS, 5.7 AI score, 0.00072 EPSS
Exploits: 0, References: 11
EUVD
added 2025/12/09 6:30 p.m., 1 views

EUVD-2025-202117

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in trippleS Digiqole digiqole allows PHP Local File Inclusion. This issue affects Digiqole: from n/a through 2.2.7...

6.6 AI score, 0.00109 EPSS
Exploits: 0, References: 2
Microsoft KB
added 2025/12/09 8:0 a.m., 15 views

KB5074353: Security Update for Windows PowerShell (OS Build 20348.4467)

KB5074353: Security Update for Windows PowerShell OS Build 20348.4467 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows Server 2022, see the update history page for Windows Server 2022. Be sure to...

7.8 CVSS, 7.1 AI score, 0.00156 EPSS
Exploits: 5
ICS
added 2025/12/09 8:0 a.m., 4 views

Schneider Electric EcoStruxure Foxboro DCS Advisor

GENERAL SECURITY RECOMMENDATIONS We strongly recommend the following industry cybersecurity best practices. Locate control and safety system networks and remote devices behind firewalls and isolate them from the business network. Install physical controls so no unauthorized personnel can access...

9.8 CVSS, 7.6 AI score, 0.72697 EPSS
Exploits: 24, References: 11
Microsoft KB
added 2025/12/09 8:0 a.m., 17 views

KB5074204: Security Update for Windows PowerShell (OS Builds 26100.7392 and 26200.7392)

KB5074204: Security Update for Windows PowerShell OS Builds 26100.7392 and 26200.7392 For information about Windows update terminology, see types of Windows updates and the monthly quality update types. To find an overview of Windows 11, see the update history pages for Windows 11, version 24H2 a...

7.8 CVSS, 7 AI score, 0.00156 EPSS
Exploits: 5
NVD
added 2025/12/09 1:16 a.m., 1 views

CVE-2022-50654

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix panic due to wrong pageattr of im->image In the scenario where livepatch and kretfunc coexist, the pageattr of im->image is rox after arch_prepare_bpf_trampoline in bpf_trampoline_update, and then modify_fentry or register_fentry...

0.00024 EPSS
Exploits: 0, References: 3
NVD
added 2025/12/08 6:15 p.m., 5 views

CVE-2025-14259

A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/api.html. The manipulation of the argument catid results in sql injection. The attack may be launched remotely. The exploit has been made public and...

6.5 CVSS, 0.00025 EPSS
Exploits: 0, References: 4
Cvelist
added 2025/12/08 6:2 p.m., 22 views

CVE-2025-14259 Jihai Jshop MiniProgram Mall System api.html sql injection

A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/api.html. The manipulation of the argument catid results in sql injection. The attack may be launched remotely. The exploit has been made public and...

6.5 CVSS, 0.00025 EPSS
Exploits: 0, References: 4
Vulnrichment
added 2025/12/05 10:46 a.m., 1 views

CVE-2025-65082 Apache HTTP Server: CGI environment variable override

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

6.5 AI score, 0.00145 EPSS
Exploits: 0, References: 1
Tenable Nessus
added 2025/12/04 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-65407

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free in the MPEG1or2Demux::newElementaryStream function of Live555 Streaming Media v2018.09.02 allows attackers to cause a Denial of Service (DoS) via...

6.5 CVSS, 6 AI score, 0.00089 EPSS
Exploits: 1, References: 2
Packet Storm News
added 2025/12/04 12:0 a.m., 23 views

PBFuzz: Agentic Directed Fuzzing for PoV Generation

Proof-of-Vulnerability (PoV) input generation is a critical task in software security and supports downstream applications such as path generation and validation. Generating a PoV input requires solving two sets of constraints: (1) reachability constraints for reaching vulnerable code locations, and ...

7.2 AI score
Exploits: 0
RedHat Linux
added 2025/12/03 11:55 a.m., 15 views

Moderate: Red Hat Security Advisory: systemd security update

An update for systemd is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...

4.7 CVSS, 6.4 AI score, 0.00112 EPSS
Exploits: 1, References: 2