5.5

CVSS3.1

CVE-2025-70305 -

A stack overflow in the dmx_saf function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted .saf file.

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 23, 2026, 5:35 p.m.

5.5

CVSS3.1

CVE-2025-70309 -

A stack overflow in the pcmreframe_flush_packet function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted WAV file.

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 23, 2026, 5:34 p.m.

7.5

CVSS3.1

CVE-2025-70307 -

A stack overflow in the dump_ttxt_sample function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 30, 2026, 5:58 p.m.

7.3

CVSS3.1

CVE-2025-67246 -

A local information disclosure vulnerability exists in the Ludashi driver before 5.1025 due to a lack of access control in the IOCTL handler. This driver exposes a device interface accessible to a normal user and handles attacker-controlled structures containing the lower 4GB of physical addresses.…

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 23, 2026, 6:03 p.m.

4.9

CVSS3.1

CVE-2025-67081 -

An SQL injection vulnerability in Itflow through 25.06 has been identified in the "role_id" parameter when editing a profile. An attacker with admin account can exploit this issue via blind SQL injection, allowing for the extraction of arbitrary data from the database. The vulnerability arises from…

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 23, 2026, 6:35 p.m.

7.5

CVSS3.1

CVE-2025-70304 -

A buffer overflow in the vobsub_get_subpic_duration() function of GPAC v2.4.0 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 23, 2026, 5:36 p.m.

7.5

CVSS3.1

CVE-2024-48077 -

An issue in nanomq v0.22.7 allows attackers to cause a Denial of Service (DoS) via a crafted request. The number of data packets received in the recv-q queue of the Nanomq process continues to increase, causing the nanomq broker to fall into a deadlock and be unable to provide normal services.

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 23, 2026, 7:06 p.m.

8.8

CVSS3.1

CVE-2025-70893 -

A time-based blind SQL Injection vulnerability exists in PHPGurukul Cyber Cafe Management System v1.0 within the adminprofile.php endpoint. The application fails to properly sanitize user-supplied input provided via the adminname parameter, allowing authenticated attackers to inject arbitrary SQL e…

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 22, 2026, 4 p.m.

2.9

CVSS3.1

CVE-2026-0992 - Libxml2: libxml2: denial of service via crafted xml catalogs

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated <nextCatalog> elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parse…

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 16, 2026, 3:55 p.m.

6.1

CVSS3.1

CVE-2025-70891 -

A stored cross-site scripting (XSS) vulnerability exists in Phpgurukul Cyber Cafe Management System v1.0 within the user management module. The application does not properly sanitize or encode user-supplied input submitted via the uadd parameter in the add-users.php endpoint. An authenticated attac…

πŸ“… Published: Jan. 15, 2026, midnight πŸ”„ Last Modified: Jan. 22, 2026, 4:01 p.m.
Total resulsts: 330542
Page 270 of 33,055
Β« previous page Β» next page
Filters