CVE-2025-14214 itsourcecode Student Information System section_edit1.php sql injection

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

EUVD-2025-201665

A vulnerability has been found in itsourcecode Student Information System 1.0. This affects an unknown part of the file /sectionedit1.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and ma...

CVE-2025-14214

CVE-2025-14214 affects itsourcecode Student Information System 1.0. The vulnerability is a SQL injection in the file /section_edit1.php caused by manipulation of the ID parameter. Remote exploitation is possible and exploits have been publicly disclosed. Multiple connected sources confirm the iss...

PT-2025-49504

Name of the Vulnerable Software and Affected Versions itsourcecode Student Information System version 1.0 Description A SQL injection issue exists in itsourcecode Student Information System 1.0. The issue is located in an unknown part of the file '/section edit1.php'. Manipulation of the ID...

WordPress Make Section & Column Clickable For Elementor plugin <= 2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Mdr in WordPress Plugin Make Section & Column Clickable For Elementor versions = 2.4...

EUVD-2025-201407

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

CVE-2025-6966

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

CVE-2025-6966

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

CVE-2025-6966

NULL pointer dereference in TagSection.keys in python-apt on APT-based Linux systems allows a local attacker to cause a denial of service process crash via a crafted deb822 file with a malformed non-UTF-8 key...

Updated unbound packages fix security vulnerabilities

Possible domain hijacking via promiscuous records in the authority section. CVE-2025-11411. Previous fixes for CVE-2025-11411 released with Unbound 1.24.1 were not complete...

CVE-2025-54065 GZDoom engine allows arbitrary code execution via ZScript actor states

GZDoom is a feature centric port for all Doom engine games. GZDoom is an open source Doom engine. In versions 4.14.2 and earlier, ZScript actor state handling allows scripts to read arbitrary addresses, write constants into the JIT-compiled code section, and redirect control flow through crafted...

CLSA-2025-1764771100 Fix CVE(s): CVE-2019-1010180

SECURITY UPDATE: Buffer overflow when ELF section size is invalid - debian/patches/CVE-2019-1010180.patch: Skip processing invalid ELF sections - CVE-2019-1010180...

Sulu XSS Vulnerability (GHSA-255w-87rh-rg44)

Sulu is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sulu:sulu"; if...

FreeBSD Security Advisory - FreeBSD-SA-25:10.unbound

FreeBSD Security Advisory - Promiscuous NS RRSets that complement DNS replies in the authority section can be used to trick resolvers to update their delegation information for the zone. Usually these RRSets are used to update the resolver's knowledge of the zone's name servers. If a malicious...

JLSEC-2025-285 LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing att...

LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125...

JLSEC-2025-301 A flaw was found in tiffcrop, a program distributed by the libtiff package

A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractImageSection function in tools/tiffcrop.c, resulting in a denial of service and limited information disclosure. This issue affects libtiff...

JLSEC-2025-314 A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcro...

A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file...

kernel: net/sched: sch_qfq: Fix race condition on qfq_aggregate

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

SUSE CVE-2025-40150

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...

CVE-2025-40150

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid migrating empty section It reports a bug from device w/ zufs: F2FS-fs dm-64: Inconsistent segment 173822 type 1, 0 in SSA and SIT F2FS-fs dm-64: Stopped filesystem due to reason: 4 Thread A Thread B -...