2286 matches found
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-48523
CVE-2025-48523 targets Android: the issue occurs in onCreate of SelectAccountActivity.java and allows adding contacts without the required permission due to a logic error. This enables local escalation of privilege with no additional execution privileges and without user interaction. Impact is de...
Miscompilation of `i8x16.swizzle` and `select` with v128 inputs in Wasmtime
...
Linux Distros Unpatched Vulnerability : CVE-2016-6233
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 1 order and 2 group methods in ZendDbSelect in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors...
CVE-2025-9689
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/itemselect. The manipulation of the argument q results in sql injection. It is possible to launch the attack remotely. The exploit is now...
ASB-A-388032224
In onCreate of SelectAccountActivity.java, there is a possible way to add contacts without permission due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-9412
A vulnerability was detected in lostvip-com ruoyi-go up to 2.1. This affects the function SelectListByPage of the file modules/system/dao/DictDataDao.go. The manipulation of the argument orderByColumn/isAsc results in sql injection. The attack can be launched remotely. The exploit is now public a...
CVE-2025-9411
A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipulation of the argument isAsc leads to sql injection. The attack can be initiated remotely. The explo...
CVE-2025-9689 SourceCodester Advanced School Management System item_select sql injection
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/itemselect. The manipulation of the argument q results in sql injection. It is possible to launch the attack remotely. The exploit is now...
CVE-2025-9689 SourceCodester Advanced School Management System item_select sql injection
A vulnerability was detected in SourceCodester Advanced School Management System 1.0. The impacted element is an unknown function of the file /index.php/stock/itemselect. The manipulation of the argument q results in sql injection. It is possible to launch the attack remotely. The exploit is now...
CVE-2025-9689
The CVE-2025-9689 entry concerns SourceCodester Advanced School Management System 1.0. The vulnerability is located in an unknown function of the file /index.php/stock/item_select, where manipulation of the q parameter results in SQL injection. It is exploitable remotely and exploits are publicly...
SourceCodester Advanced School Management System 安全漏洞
SourceCodester Advanced School Management System is an advanced school management system from SourceCodester open source. A security vulnerability exists in SourceCodester Advanced School Management System version 1.0, which originates from a SQL injection due to a misbehavior of parameter q in...
PT-2025-35359
Name of the Vulnerable Software and Affected Versions: SourceCodester Advanced School Management System version 1.0 Description: A SQL injection issue exists in SourceCodester Advanced School Management System 1.0. The vulnerability is located in an unknown function within the /index.php/stock/it...
Linux Distros Unpatched Vulnerability : CVE-2022-32209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerabili...
CVE-2025-9413
A flaw has been found in lostvip-com ruoyi-go up to 2.1. This impacts the function SelectListByPage of the file modules/system/systemrouter.go. This manipulation of the argument orderByColumn/isAsc causes sql injection. The attack may be initiated remotely. The exploit has been published and may ...