110 matches found
CVE-2025-23248
creationtimestamp| type| source ---|---|--- 2025-09-24 18:52:48+00:00| seen| Telegram/VqUDLFvxCi1tZZNX6jAkSFBW6t89j1eZPUR1NSIY6RjLAOg...
CVE-2025-57971
creationtimestamp| type| source ---|---|--- 2025-09-24 15:52:47+00:00| seen| Telegram/Mf5ZzbFrwBc0zhQhV5HHZ9w0RKRuqK61Tvmq7zxG2kpvM...
PT-2025-39339
CVE-2025-00123 UNDER DEVELOPMENT - USE AT YOUR OWN RISK!!! Enhanced Incident Summary Report Executive Summary On September 18, 2025, a medium-severity incident Risk Score https://t.co/mYu56R5gA4...
CVE-2025-10663
CVE-2025-10663 affects PHPGurukul Online Course Registration 3.1, specifically the /my-profile.php cgpa parameter. The root cause is input manipulation that enables SQL injection, with a remote attack surface and a publicly disclosed exploit. Multiple sources confirm the vulnerability and its exp...
RHEL 8 : udisks2 (RHSA-2025:16121)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16121 advisory. The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fixes: udisks...
CVE-2025-54111
creationtimestamp| type| source ---|---|--- 2025-09-09 16:22:30+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2025-0277 2025-09-09 17:06:15+00:00| seen| https://www.thezdi.com/blog/2025/9/9/the-september-2025-security-update-review...
CVE-2025-58454
creationtimestamp| type| source ---|---|--- 2025-09-09 01:28:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyekwrqsb32h 2025-09-09 10:14:09+00:00| seen| https://gist.github.com/Darkcrai86/e3e15a376b16e1b5609b303224583ca3...
CVE-2025-39698
In the Linux kernel, the following vulnerability has been resolved: iouring/futex: ensure iofutexwait cleans up properly on failure The iofutexdata is allocated upfront and assigned to the iokiocb asyncdata field, but the request isn't marked with REQFASYNCDATA at that point. Those two should...
Foxit PDF Reader Buffer Overflow Vulnerability (CNVD-2025-27456)
Foxit PDF Reader is a Chinese Foxit Foxit company's a PDF reader. A security vulnerability exists in Foxit PDF Reader, which can be exploited by attackers to cause information leakage...
Linux Distros Unpatched Vulnerability : CVE-2025-37932
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - schhtb: make htbqlennotify idempotent htbqlennotify always deactivates the HTB class and in fact could trigger a warning if it is already deactivated. Therefore...
CVE-2025-9502 Campcodes Online Loan Management System ajax.php sql injection
A weakness has been identified in Campcodes Online Loan Management System 1.0. This impacts an unknown function of the file /ajax.php?action=savepayment. Executing manipulation of the argument loanid can lead to sql injection. The attack may be launched remotely. The exploit has been made availab...
CVE-2025-6737
Securden’s Unified PAM Remote Vendor Gateway access portal shares infrastructure and access tokens across multiple tenants. A malicious actor can obtain authentication material and access the gateway server with low-privilege permissions...
WordPress Accessibility Checker by Equalize Digital Plugin <= 1.30.0 - Insecure Direct Object References (IDOR) Vulnerability
Insecure Direct Object References IDOR Vulnerability discovered by n0arafatn0 in WordPress Plugin Accessibility Checker by Equalize Digital versions = 1.30.0...
WordPress Spacious Theme <= 1.9.11 is vulnerable to Broken Access Control
Software Spacious Type Theme Vulnerable versions = 1.9.11 Fixed in 1.9.12 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2025-9331 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID bca30fd3c674 Credits Dmitrii Ignatyev Required privilege...
CVE-2025-57754
creationtimestamp| type| source ---|---|--- 2025-08-21 18:18:47+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lwwkjgkgq227 2025-08-22 06:03:49+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3lwxrw3cuim24...
Photon OS 4.0: Linux PHSA-2025-4.0-0844
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0844. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2025-38554
In the Linux kernel, the following vulnerability has been resolved: mm: fix a UAF when vma-mm is freed after vma-vmrefcnt got dropped By inducing delays in the right places, Jann Horn created a reproducer for a hard to hit UAF issue that became possible after VMAs were allowed to be recycled by...
WordPress Custom Comment plugin <= 2.1.6 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan Patchstack Alliance in WordPress Plugin Custom Comment versions = 2.1.6...
CVE-2025-8972
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/page-login.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-9051
A vulnerability was determined in projectworlds Travel Management System 1.0. Affected by this issue is some unknown functionality of the file /updatecategory.php. The manipulation of the argument t1 leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to th...