9.8

CVSS3.1

CVE-2025-45065 -

employee record management system in php and mysql v1 was discovered to contain a SQL injection vulnerability via the loginerms.php endpoint.

πŸ“… Published: July 7, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

7.5

CVSS3.1

CVE-2025-26780 -

An issue was discovered in L2 in Samsung Mobile Processor and Modem Exynos 2400 and Modem 5400. The lack of a length check leads to a Denial of Service via a malformed PDCP packet.

πŸ“… Published: July 7, 2025, midnight πŸ”„ Last Modified: Oct. 27, 2025, 4:59 p.m.

9.8

CVSS3.1

CVE-2025-45479 -

Insufficient security mechanisms for created containers in educoder challenges v1.0 allow attackers to execute arbitrary code via injecting crafted content into a container.

πŸ“… Published: July 7, 2025, midnight πŸ”„ Last Modified: Oct. 10, 2025, 7:24 p.m.

6.1

CVSS3.1

CVE-2024-37658 -

An open redirect vulnerability in gnuboard5 v.5.5.16 allows a remote attacker to obtain sensitive information via the bbs/member_confirm.php.

πŸ“… Published: July 7, 2025, midnight πŸ”„ Last Modified: July 10, 2025, 9:20 p.m.

9.8

CVSS3.1

CVE-2024-25176 - luajit: From CVEorg collector

LuaJIT through 2.1 and OpenRusty luajit2 before v2.1-20240626 have a stack-buffer-overflow in lj_strfmt_wfnum in lj_strfmt_num.c.

πŸ“… Published: July 7, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 7:15 p.m.

9.8

CVSS3.1

CVE-2025-43931 -

flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.

πŸ“… Published: July 7, 2025, midnight πŸ”„ Last Modified: April 15, 2026, 12:35 a.m.

6.3

CVSS4.0

CVE-2025-7099 - BoyunCMS Installation install2.php deserialization

A vulnerability has been found in BoyunCMS up to 1.21 on PHP7 and classified as critical. Affected by this vulnerability is an unknown functionality of the file install/install2.php of the component Installation Handler. The manipulation of the argument db_host leads to deserialization. The attack …

πŸ“… Published: July 6, 2025, 11:32 p.m. πŸ”„ Last Modified: Sept. 15, 2025, 5:37 p.m.

6.3

CVSS4.0

CVE-2025-7098 - Comodo Internet Security Premium File Name path traversal

A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium 12.3.4.8162. Affected is an unknown function of the component File Name Handler. The manipulation of the argument name/folder leads to path traversal. It is possible to launch the attack remotely. The c…

πŸ“… Published: July 6, 2025, 11:02 p.m. πŸ”„ Last Modified: July 17, 2025, 8:28 p.m.

7.5

CVSS3.1

CVE-2025-3108 - Unsafe Deserialization in JsonPickleSerializer Enables Remote Code Execution in run-llama/llama_ind…

A critical deserialization vulnerability exists in the run-llama/llama_index library's JsonPickleSerializer component, affecting versions v0.12.27 through v0.12.40. This vulnerability allows remote code execution due to an insecure fallback to Python's pickle module. JsonPickleSerializer prioritize…

πŸ“… Published: July 6, 2025, 10:47 p.m. πŸ”„ Last Modified: July 30, 2025, 9:29 p.m.

9.2

CVSS4.0

CVE-2025-7097 - Comodo Internet Security Premium Manifest File cis_update_x64.xml os command injection

A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cis_update_x64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command inj…

πŸ“… Published: July 6, 2025, 10:32 p.m. πŸ”„ Last Modified: July 18, 2025, 3:11 p.m.
Total resulsts: 349182
Page 4776 of 34,919
Β« previous page Β» next page
Filters