OpenEMR 信息泄露漏洞

OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Versions of OpenEMR prior to 8.0.0 contained a vulnerability...

CVE-2023-53879

CVE-2023-53879 affects NVClient 5.0. A stack buffer overflow in the user configuration contact field allows an attacker to overwrite 846 bytes, causing a denial of service by crashing the application. Connected sources confirm the issue and describe the vulnerability consistently; no remediation ...

Online Ordering System user_contact.php File SQL Injection Vulnerability

Online Ordering System is an online ordering system. The Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file /usercontact.php. The vulnerability can be exploited by a...

EUVD-2025-201729

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVE-2025-14250

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVE-2025-14250

The CVE-2025-14250 entry corresponds to code-projects Online Ordering System 1.0 where the vulnerability originates in the /user_contact.php file, in the Name parameter. Multiple connected sources (CNVD-2026-00521, RH/CVE-2025-14250, CNNVD-202512-957, EUVD-2025-201729, NVD, CVELIST) describe a SQ...

CVE-2025-14250 code-projects Online Ordering System user_contact.php sql injection

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

CVE-2025-14250 code-projects Online Ordering System user_contact.php sql injection

A weakness has been identified in code-projects Online Ordering System 1.0. The impacted element is an unknown function of the file /usercontact.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to...

Code-Projects Online Ordering System 安全漏洞

Online Ordering System is an online ordering system. The Online Ordering System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally entered SQL statement in the parameter Name in the file /usercontact.php. The vulnerability can be exploited by a...

EUVD-2018-12666

Malware in sbrugna...

EUVD-2025-3652

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-27927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpda...

CVE-2025-24146

This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sequoia 15.3, macOS Sonoma 14.7.3, macOS Ventura 13.7.3. Deleting a conversation in Messages may expose user contact information in system logging...

CVE-2020-0023

In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User execution privileges...

CVE-2018-20091

An SQL injection vulnerability was found in Cloudera Data Science Workbench CDSW 1.4.0 through 1.4.2. This would allow any authenticated user to run arbitrary queries against CDSW's internal database. The database contains user contact information, encrypted CDSW passwords in the case of local...

CVE-2025-30424

A logging issue was addressed with improved data redaction. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. Deleting a conversation in Messages may expose user contact information in system logging...

CVE-2025-30424

Summary: CVE-2025-30424 affects macOS logging related to Messages. The issue involves improper data redaction in system logs when deleting a conversation, potentially exposing user contact information. The root cause is a logging data handling problem that has been addressed with improved redacti...

Apple macOS 安全漏洞

Apple macOS is a specialized operating system developed for Mac computers by Apple USA. A security vulnerability exists in Apple macOS that stems from privacy concerns and could lead to accessing user contact information...

PT-2025-13960 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5 macOS Sequoia versions prior to 15.4 macOS Sonoma versions prior to 14.7.5 Description: A logging issue was addressed with improved data redaction. Deleting a conversation in Messages may expose user contact...

Apple macOS 安全漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS Sequoia, which stems from insufficient logging and could lead to the exposure of user contact information when deleting Messages...