9.1
CVE-2025-29312 -
An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct.
6
CVE-2024-55279 -
Uguu through 1.8.9 allows Cross Site Scripting (XSS) via JavaScript in XML files.
7.1
CVE-2025-30112 -
On 70mai Dash Cam 1S devices, by connecting directly to the dashcam's network and accessing the API on port 80 and RTSP on port 554, an attacker can bypass the device authorization mechanism from the official mobile app that requires a user to physically press on the power button during a connectioβ¦
7.5
CVE-2025-29311 -
Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets.
5.1
CVE-2025-2673 - code-projects Payroll Management System home_employee.php cross site scripting
A vulnerability classified as problematic has been found in code-projects Payroll Management System 1.0. Affected is an unknown function of the file /home_employee.php. The manipulation of the argument division leads to cross site scripting. It is possible to launch the attack remotely. The exploitβ¦
5.3
CVE-2025-2672 - code-projects Payroll Management System add_deductions.php sql injection
A vulnerability was found in code-projects Payroll Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /add_deductions.php. The manipulation of the argument bir leads to sql injection. The attack may be initiated remotely. The exploit has beeβ¦
5.4
CVE-2018-25109 - Nintendo Animal Crossing Letter Trigram ac-exploit-gc memory corruption
A vulnerability has been found in Nintendo Animal Crossing, Doubutsu no Mori+ and Doubutsu no Mori e+ 1.00/1.01 on GameCube and classified as critical. Affected by this vulnerability is an unknown functionality of the component Letter Trigram Handler. The manipulation leads to memory corruption. Itβ¦
5.3
CVE-2025-2671 - Yue Lao Blind Box ζθη²η Upload.php base64image unrestricted upload
A vulnerability was found in Yue Lao Blind Box ζθη²η up to 4.0. It has been declared as critical. This vulnerability affects the function base64image of the file /app/controller/Upload.php. The manipulation of the argument data leads to unrestricted upload. The attack can be initiated remotely. The β¦
6.9
CVE-2025-2665 - PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injection
A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate the β¦
5.1
CVE-2025-2664 - CodeZips Hospital Management System suadpeted.php sql injection
A vulnerability was found in CodeZips Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /suadpeted.php. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disβ¦