5.3
CVE-2025-11530 - code-projects Online Complaint Site state.php sql injection
A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. This manipulation of the argument state causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the puโฆ
8.8
CVE-2025-6038 - Lisfinity Core - Lisfinity Core plugin used for pebasยฎ Lisfinity WordPress theme <= 1.4.0 - Authentโฆ
The Lisfinity Core - Lisfinity Core plugin used for pebasยฎ Lisfinity WordPress theme plugin for WordPress is vulnerable to privilege escalation via password update in all versions up to, and including, 1.4.0. This is due to the plugin not properly validating a user's identity prior to updating theiโฆ
7.8
CVE-2025-47355 - Out-of-bounds Write in DSP Service
Memory corruption while invoking remote procedure IOCTL calls.
7.8
CVE-2025-47354 - Use After Free in DSP Service
Memory corruption while allocating buffers in DSP service.
7.8
CVE-2025-47351 - Integer Overflow or Wraparound in DSP Service
Memory corruption while processing user buffers.
7.8
CVE-2025-47349 - Use of Out-of-range Pointer Offset in DSP Service
Memory corruption while processing an escape call.
7.8
CVE-2025-47347 - Stack-based Buffer Overflow in Automotive Software platform based on QNX
Memory corruption while processing control commands in the virtual memory management interface.
7.1
CVE-2025-47342 - Use After Free in BT Controller
Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
7.8
CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera
memory corruption while processing an image encoding completion event.
7.8
CVE-2025-47340 - Out-of-bounds Write in DSP Service
Memory corruption while processing IOCTL call to get the mapping.