5.5
CVE-2025-40325 - md/raid10: wait barrier before returning discard request with REQ_NOWAIT
In the Linux kernel, the following vulnerability has been resolved: md/raid10: wait barrier before returning discard request with REQ_NOWAIT raid10_handle_discard should wait barrier before returning a discard bio which has REQ_NOWAIT. And there is no need to print warning calltrace if a discard β¦
9.8
CVE-2025-28238 -
Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10/4ASI allows attackers to execute a session hijacking attack.
6.8
CVE-2025-25984 -
An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to execute arbitrary code via UART component.
9.8
CVE-2025-29058 -
An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade.php component.
8.6
CVE-2025-3246 - Markdown math block sanitization bypass allows privilege escalation and unauthorized workflow triggβ¦
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting in GitHub Markdown that used `$$..$$` math blocks. Exploitation required access to the target GitHub Enterprise Server instance and privileged user interaction with the maβ¦
7.1
CVE-2025-3509 - Pre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server thaβ¦
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. The vulnerability involves using dynamically aβ¦
5.3
CVE-2025-3124 - Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthoβ¦
A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed a user to see the names of private repositories that they wouldn't otherwise have access to in the Security Overview in GitHub Advanced Security. The Security Overview was required to be filtered only usinβ¦
2.5
CVE-2024-42178 - HCL MyXalytics is affected by a failure to restrict URL access vulnerability
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution.
5.3
CVE-2025-3765 - SourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted upload
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack may be initiβ¦
5.3
CVE-2025-3764 - SourceCodester Web-based Pharmacy Product Management System edit-product.php unrestricted upload
A vulnerability classified as critical was found in SourceCodester Web-based Pharmacy Product Management System 1.0. This vulnerability affects unknown code of the file /edit-product.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack can be initiated remotely. Theβ¦