458 matches found

NVD
added 2025/06/16 1:15 a.m. · 6 views

CVE-2025-6099

A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PATCH Request Handler. The manipulation leads to improper...

6.9 CVSS · 0.00193 EPSS
Exploits: 0 · References: 4
Positive Technologies
added 2025/06/12 12:0 a.m. · 1 views

PT-2025-25353 · Aveva · Aveva Pi Data Archive

Name of the Vulnerable Software and Affected Versions: AVEVA PI Data Archive products (affected versions not specified). Description: The issue concerns an uncaught exception that could be exploited by an authenticated user to shut down necessary subsystems of the AVEVA PI Data Archive, resulting in...

7.1 CVSS · 6.1 AI score · 0.00116 EPSS
Exploits: 0 · References: 5
OSV
added 2025/06/10 11:15 p.m. · 0 views

CVE-2025-46840

Adobe Experience Manager versions 6.5.22 and earlier are affected by an Improper Authorization vulnerability that could result in Privilege escalation. A low privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized access. Exploitation of this issue...

8.7 CVSS · 5.8 AI score
Exploits: 0 · References: 1
RedhatCVE
added 2025/06/06 4:23 p.m. · 10 views

CVE-2025-38000

A flaw was found in the HFSC queueing discipline implementation in the Linux kernel. When a packet is enqueued and the child qdisc's peek function is called before properly updating the HFSC queue's length and backlog counters, a race condition can occur. In some cases, the peek operation may...

7 CVSS · 7.8 AI score · 0.00082 EPSS
Exploits: 0 · References: 4
Positive Technologies
added 2025/06/05 12:0 a.m. · 2 views

PT-2025-23902 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: Radare2 version 5.9.9. Description: A vulnerability has been found in the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to...

2.5 CVSS · 7.2 AI score · 0.00125 EPSS
Exploits: 1 · References: 16
RedhatCVE
added 2025/05/23 7:30 a.m. · 4 views

CVE-2024-48224

Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile...

7.5 CVSS · 5.2 AI score · 0.00184 EPSS
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/23 5:13 a.m. · 5 views

CVE-2023-23469

IBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504...

4 CVSS · 5.8 AI score · 0.00052 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/23 2:23 a.m. · 2 views

CVE-2023-34371

Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin = 2.22 versions...

8.8 CVSS · 8.5 AI score · 0.0007 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 11:37 p.m. · 2 views

CVE-2022-20602

Product: Android. Versions: Android kernel. Android ID: A-211081867. References: N/A...

7.5 CVSS · 6.9 AI score · 0.0019 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 6:18 p.m. · 3 views

CVE-2021-2125

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

4.6 CVSS · 5.6 AI score · 0.0012 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 5:40 p.m. · 2 views

CVE-2020-1188

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka 'Windows State Repository Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144,...

7.8 CVSS · 6.7 AI score · 0.0037 EPSS
Exploits: 1 · References: 1
NVD
added 2025/05/22 1:15 p.m. · 17 views

CVE-2025-3937

Use of Password Hash With Insufficient Computational Effort vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niaga...

9.8 CVSS · 0.00146 EPSS
Exploits: 0 · References: 2
RedhatCVE
added 2025/05/22 1:0 p.m. · 3 views

CVE-2018-11937

Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 43...

10 CVSS · 7.2 AI score · 0.00266 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/22 12:31 a.m. · 3 views

CVE-2014-125040

A vulnerability was found in stevejagodzinski DevNewsAggregator. It has been rated as critical. Affected by this issue is the function getByName of the file php/dataaccess/RemoteHtmlContentDataAccess.php. The manipulation of the argument name leads to sql injection. The name of the patch is...

9.8 CVSS · 7.7 AI score · 0.00297 EPSS
Exploits: 0 · References: 1
RedhatCVE
added 2025/05/21 10:13 p.m. · 4 views

CVE-2006-6893

Tor allows remote attackers to discover the IP address of a hidden service by accessing this service at a high rate, thereby changing the server's CPU temperature and consequently changing the pattern of time values visible through (1) ICMP timestamps, (2) TCP sequence numbers, and (3) TCP timestamps, ...

5 CVSS · 6.8 AI score · 0.01145 EPSS
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/21 8:48 a.m. · 6 views

CVE-2025-37912

No description is available for this CVE...

7 CVSS · 7 AI score · 0.0009 EPSS
Exploits: 0 · References: 4
RedhatCVE
added 2025/05/21 4:18 a.m. · 13 views

CVE-2025-37958

No description is available for this CVE...

7 CVSS · 7 AI score · 0.00119 EPSS
Exploits: 0 · References: 4
RedhatCVE
added 2025/05/21 2:29 a.m. · 11 views

CVE-2025-37908

No description is available for this CVE...

7 CVSS · 7 AI score · 0.00052 EPSS
Exploits: 0 · References: 4
IBM Security Bulletins
added 2025/05/20 4:39 p.m. · 9 views

Security Bulletin: AIX/VIOS is affected by a denial of service (CVE-2024-8176) due to Python

Summary: Vulnerability in Python could allow a remote attacker to cause a denial of service (CVE-2024-8176). Python is used by AIX as part of Ansible node management automation. Vulnerability Details: CVEID: CVE-2024-8176. DESCRIPTION: A stack overflow vulnerability exists in the libexpat library due t...

7.5 CVSS · 7.4 AI score · 0.00803 EPSS
Exploits: 0 · Affected Software: 2
CNVD
added 2025/05/20 12:0 a.m. · 1 views

Vehicle Record Management System profile.php file cross-site scripting vulnerability

Vehicle Record Management System is a vehicle record management system. Vehicle Record Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the name, email, and mobile parameters in...

6.1 CVSS · 6.3 AI score · 0.00181 EPSS
Exploits: 1 · References: 1