9.8
CVE-2025-70149 -
CodeAstro Membership Management System 1.0 is vulnerable to SQL Injection in print_membership_card.php via the ID parameter.
8.8
CVE-2025-70151 -
code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints update_profile_picture.php and upload_picture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied fiβ¦
9.8
CVE-2025-70152 -
code-projects Community Project Scholars Tracking System 1.0 is vulnerable to SQL Injection in the admin user management endpoints /admin/save_user.php and /admin/update_user.php. These endpoints lack authentication checks and directly concatenate user-supplied POST parameters (firstname, lastname,β¦
7.8
CVE-2026-23222 - crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly
In the Linux kernel, the following vulnerability has been resolved: crypto: omap - Allocate OMAP_CRYPTO_FORCE_COPY scatterlists correctly The existing allocation of scatterlists in omap_crypto_copy_sg_lists() was allocating an array of scatterlist pointers, not scatterlist objects, resulting in aβ¦
6.5
CVE-2025-70063 -
The 'Medical History' module in PHPGurukul Hospital Management System v4.0 contains an Insecure Direct Object Reference (IDOR) vulnerability. The application fails to verify that the requested 'viewid' parameter belongs to the currently authenticated patient. This allows a user to access the confidβ¦
0.0
CVE-2025-71228 - kernel: LoongArch: Set correct protection_map[] for VM_NONE/VM_SHARED
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
5.5
CVE-2025-71226 - kernel: wifi: iwlwifi: Implement settime64 as stub for MVM/MLD PTP
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
7.8
CVE-2026-23223 - xfs: fix UAF in xchk_btree_check_block_owner
In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchk_btree_check_block_owner We cannot dereference bs->cur when trying to determine if bs->cur aliases bs->sc->sa.{bno,rmap}_cur after the latter has been freed. Fix this by sampling before type before any freeingβ¦
6.5
CVE-2025-70062 -
PHPGurukul Hospital Management System v4.0 contains a Cross-Site Request Forgery (CSRF) vulnerability in the 'Add Doctor' module. The application fails to enforce CSRF token validation on the add-doctor.php endpoint. This allows remote attackers to create arbitrary Doctor accounts (privileged usersβ¦
5.5
CVE-2026-23219 - mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single
In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single When CONFIG_MEM_ALLOC_PROFILING_DEBUG is enabled, the following warning may be noticed: [ 3959.023862] ------------[ cut here ]------------ [ 3959.023891] alβ¦