6.9
CVE-2025-14212 - projectworlds Advanced Library Management System member_search.php sql injection
A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /member_search.php. Executing a manipulation of the argument roll_number can lead to sql injection. The attack may be launched remotely. The exploit has beβ¦
6.9
CVE-2025-14211 - projectworlds Advanced Library Management System delete_book.php sql injection
A vulnerability was detected in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /delete_book.php. Performing a manipulation of the argument book_id results in sql injection. The attack may be initiated remotely. The exploiβ¦
6.9
CVE-2025-14210 - projectworlds Advanced Library Management System delete_member.php sql injection
A security vulnerability has been detected in projectworlds Advanced Library Management System 1.0. Affected is an unknown function of the file /delete_member.php. Such manipulation of the argument user_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed pβ¦
6.9
CVE-2025-14209 - Campcodes School File Management System update_query.php sql injection
A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /update_query.php. This manipulation of the argument stud_id causes sql injection. The attack can be initiated remotely. The exploit has been made available to the public and β¦
5.3
CVE-2025-14208 - D-Link DIR-823X set_wan_settings sub_415028 command injection
A security flaw has been discovered in D-Link DIR-823X up to 20250416. This affects the function sub_415028 of the file /goform/set_wan_settings. The manipulation of the argument ppp_username results in command injection. It is possible to launch the attack remotely. The exploit has been released tβ¦
6.9
CVE-2025-14207 - tushar-2223 Hotel-Management-System invoiceprint.php sql injection
A vulnerability was identified in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. The impacted element is an unknown function of the file /admin/invoiceprint.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack reβ¦
6.9
CVE-2025-14206 - SourceCodester Online Student Clearance System Fee Table delete-fee.php improper authorization
A vulnerability was determined in SourceCodester Online Student Clearance System 1.0. The affected element is an unknown function of the file /Admin/delete-fee.php of the component Fee Table Handler. Executing manipulation of the argument ID can lead to improper authorization. The attack may be perβ¦
5.5
CVE-2022-50619 - drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr()
In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix memory leak in kfd_mem_dmamap_userptr() If the number of pages from the userptr BO differs from the SG BO then the allocated memory for the SG table doesn't get freed before returning -EINVAL, which may lead to a β¦
5.5
CVE-2022-50622 - ext4: fix potential memory leak in ext4_fc_record_modified_inode()
In the Linux kernel, the following vulnerability has been resolved: ext4: fix potential memory leak in ext4_fc_record_modified_inode() As krealloc may return NULL, in this case 'state->fc_modified_inodes' may not be freed by krealloc, but 'state->fc_modified_inodes' already set NULL. Then will leβ¦
7.0
CVE-2025-40312 - jfs: Verify inode mode when loading from disk
In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 ("isofs: Verify inode mode when loading from disk") does.