CVE-2025-3565 huanfenz/code-projects StudentManager Announcement Management Section uploadArticle.do unrestricted upload

A vulnerability classified as critical was found in huanfenz/code-projects StudentManager 1.0. This vulnerability affects unknown code of the file /upload/uploadArticle.do of the component Announcement Management Section. The manipulation of the argument File leads to unrestricted upload. The...

PT-2025-16216 · Huanfenz/Code Projects · Studentmanager

Name of the Vulnerable Software and Affected Versions: huanfenz/code-projects StudentManager version 1.0 Description: A critical issue was found in the Announcement Management Section of the software, specifically affecting the /upload/uploadArticle.do file. The manipulation of the File argument...

Vulnerability of the iwl_uefi_reduce_powerSection() function in the drivers/net/wireless/intel/iwlwifi/fw/uefi.c module – A driver for supporting Intel wireless connection adapters in Linux operating systems, which allows a hacker to cause a service failure

Vulnerability of the iwluefireducepowerSection function in the drivers/net/wireless/intel/iwlwifi/fw/uefi.c module – The driver for Intel wireless connection adapters in Linux operating systems is vulnerable to errors in its code. Exploiting this vulnerability could allow an attacker to cause a...

Security Bulletin: Multiple vulnerabilities disclosed in Netty affect IBM SPSS Analytic Server

Summary Multiple vulnerabilities disclosed in Netty affect IBM SPSS Analytic Server CVE-2025-24970, CVE-2025-25193. These have been addressed in the remediation section. Vulnerability Details CVEID:CVE-2025-24970 DESCRIPTION: Netty, an asynchronous, event-driven network application framework, has...

CVE-2025-21952

In the Linux kernel, the following vulnerability has been resolved: HID: corsair-void: Update power supply values with a unified work handler corsairvoidprocessreceiver can be called from an interrupt context, locking batterymutex in it was causing a kernel panic. Fix it by moving the critical...

CVE-2025-31465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cornershop Better Section Navigation Widget better-section-navigation allows Stored XSS.This issue affects Better Section Navigation Widget: from n/a through = 1.6.1...

DEBIAN-CVE-2025-2914

A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FSsinfoSrializeSctcb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has...

WordPress Better Section Navigation Widget plugin <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by muhammad yudha in WordPress Plugin Better Section Navigation Widget versions = 1.6.1...

CVE-2025-31465

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cornershop Better Section Navigation Widget better-section-navigation allows Stored XSS.This issue affects Better Section Navigation Widget: from n/a through = 1.6.1...

CVE-2025-31465 WordPress Better Section Navigation Widget <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in cornershop Better Section Navigation Widget allows Stored XSS. This issue affects Better Section Navigation Widget: from n/a through 1.6.1...

CVE-2025-31465 WordPress Better Section Navigation Widget plugin <= 1.6.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cornershop Better Section Navigation Widget better-section-navigation allows Stored XSS.This issue affects Better Section Navigation Widget: from n/a through = 1.6.1...

CVE-2025-31465

CVE-2025-31465 affects the WordPress plugin Better Section Navigation (versions

PT-2025-13475 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: Volmarg Personal Management System version 1.4.65 Description: A stored cross-site scripting XSS issue in the Image Upload section allows authenticated attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the...

WordPress plugin Better Section Navigation Widget 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

SUSE CVE-2025-2754

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the...

Discourse: Application Level DoS - Large Markdown Payload in Reply Section Leading to Resource Exhaustion

A Denial of Service DoS vulnerability was identified in the reply section of the web application. Submitting an excessively large markup payload approximately 800,000 characters resulted in the server taking 30 seconds to respond before returning an HTTP/2 502 Bad Gateway error, indicating...

DEBIAN-CVE-2025-2756

A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp leads to...

PYSEC-2025-166

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as critical. Affected by this issue is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument...

DEBIAN-CVE-2025-2754

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the...

UBUNTU-CVE-2025-2755

A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been rated as critical. Affected by this issue is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument...