7.5
CVE-2025-7370 - libsoup: libsoup null pointer dereference
Upon investigtion upstream maintainers discovered this was not a real issue. See the references for more details. See: https://gitlab.gnome.org/GNOME/libsoup/-/issues/430#note_2494090.
6.5
CVE-2025-29267 -
SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP build v.PreBeta250F allows a remote attacker to obtain a sensitive information via the cid parameter in the GET request.
7.8
CVE-2025-38236 - af_unix: Don't leave consecutive consumed OOB skbs.
In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't leave consecutive consumed OOB skbs. Jann Horn reported a use-after-free in unix_stream_read_generic(). The following sequences reproduce the issue: $ python3 from socket import * s1, s2 = socketpair(AF_UNIβ¦
5.5
CVE-2025-38237 - media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode()
In the Linux kernel, the following vulnerability has been resolved: media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() In fimc_is_hw_change_mode(), the function changes camera modes without waiting for hardware completion, risking corrupted data or system hangs if subβ¦
5.3
CVE-2025-7152 - Campcodes Advanced Online Voting System candidates_add.php unrestricted upload
A vulnerability classified as critical has been found in Campcodes Advanced Online Voting System 1.0. Affected is an unknown function of the file /admin/candidates_add.php. The manipulation of the argument photo leads to unrestricted upload. It is possible to launch the attack remotely. The exploitβ¦
5.3
CVE-2025-7151 - Campcodes Advanced Online Voting System voters_add.php unrestricted upload
A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/voters_add.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be initiated remotely. The exploβ¦
5.3
CVE-2025-7150 - Campcodes Advanced Online Voting System voters_delete.php sql injection
A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/voters_delete.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit hasβ¦
5.3
CVE-2025-7149 - Campcodes Advanced Online Voting System candidates_delete.php sql injection
A vulnerability was found in Campcodes Advanced Online Voting System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/candidates_delete.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploiβ¦
5.1
CVE-2025-7148 - CodeAstro Simple Hospital Management System POST Parameter patient.html cross site scripting
A vulnerability was found in CodeAstro Simple Hospital Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /patient.html of the component POST Parameter Handler. The manipulation leads to cross site scripting. The attack may be launcβ¦
6.9
CVE-2025-7147 - CodeAstro Patient Record Management System login.php sql injection
A vulnerability has been found in CodeAstro Patient Record Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The expβ¦