8.5
CVE-2025-30420 - Out of Bounds Read in Bitmap::InternalDraw() in NI Circuit Design Suite
There is a memory corruption vulnerability due to an out of bounds read in Bitmap::InternalDraw() when using the SymbolEditor in NI Circuit Design Suite. Β This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user β¦
8.5
CVE-2025-30419 - Out of Bounds Read in GetSymbolBorderRectSize() in NI Circuit Design Suite
There is a memory corruption vulnerability due to an out of bounds read in GetSymbolBorderRectSize() when using the SymbolEditor in NI Circuit Design Suite. Β This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a usβ¦
5.6
CVE-2025-1647 - XSS in Bootstrap title attribute for Tooltip and Popover
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bootstrap allows Cross-Site Scripting (XSS).This issue affects Bootstrap: from 3.4.1 before 4.0.0.
8.5
CVE-2025-30418 - Out of Bounds Write in CheckPins() in NI Circuit Design Suite
There is a memory corruption vulnerability due to an out of bounds write in CheckPins() when using the SymbolEditor in NI Circuit Design Suite. Β This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a β¦
8.5
CVE-2025-30417 - Out of Bounds Write in Library!DecodeBase64() in NI Circuit Design Suite
There is a memory corruption vulnerability due to an out of bounds write inΒ Library!DecodeBase64() when using the SymbolEditor in NI Circuit Design Suite. Β This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a useβ¦
6.9
CVE-2025-4705 - PHPGurukul Vehicle Parking Management System view-incomingvehicle-detail.php sql injection
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been classified as critical. This affects an unknown part of the file /admin/view-incomingvehicle-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack β¦
5.5
CVE-2025-3440 - IBM Security Guardium cross-site scripting
IBM Security Guardium 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
6.9
CVE-2025-4704 - PHPGurukul Vehicle Parking Management System edit-category.php sql injection
A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-category.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. β¦
6.9
CVE-2025-4703 - PHPGurukul Vehicle Parking Management System admin-profile.php sql injection
A vulnerability has been found in PHPGurukul Vehicle Parking Management System 1.13 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/admin-profile.php. The manipulation of the argument contactnumber leads to sql injection. The attack can be lβ¦
2.7
CVE-2025-2570 - System Admin Cannot Access Environment settings in System Console While System Manager Can
Mattermost versions 10.5.x <= 10.5.3, 9.11.x <= 9.11.11 fail to check `RestrictSystemAdmin` setting if user doesn't have access to `ExperimentalSettings` which allows a System Manager to access `ExperimentSettings` when `RestrictSystemAdmin` is true via System Console.