4.3

CVSS3.1

CVE-2025-27795 -

ReadJXLImage in JXL in GraphicsMagick before 1.3.46 lacks image dimension resource limits.

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: Jan. 29, 2026, 9:08 p.m.

6.4

CVSS3.1

CVE-2025-27826 -

An XSS issue was discovered in the Bootstrap Lite theme before 1.x-1.4.5 for Backdrop CMS. It doesn't sufficiently sanitize certain class names.

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: March 7, 2025, 10:29 p.m.

6.4

CVSS3.1

CVE-2025-27824 -

An XSS issue was discovered in the Link iframe formatter module before 1.x-1.1.1 for Backdrop CMS. It doesn't sufficiently sanitize input before displaying results to the screen. This vulnerability is mitigated by the fact that an attacker must have the ability to create content containing an iFram…

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: March 7, 2025, 10:30 p.m.

4.5

CVSS3.1

CVE-2025-27796 -

ReadWPGImage in WPG in GraphicsMagick before 1.3.46 mishandles palette buffer allocation, resulting in out-of-bounds access to heap memory in ReadBlob.

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: Jan. 29, 2026, 8:56 p.m.

3.2

CVSS3.1

CVE-2025-27839 -

operations/attestation/AttestationTask.kt in the Tangem SDK before 5.18.3 for Android has a logic flow in offline wallet attestation (genuineness check) that causes verification results to be disregarded during the first scan of a card. Exploitation may not have been possible.

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: March 10, 2025, 5:19 p.m.

5.5

CVSS3.1

CVE-2025-21838 - usb: gadget: core: flush gadget workqueue after device removal

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: flush gadget workqueue after device removal device_del() can lead to new work being scheduled in gadget->work workqueue. This is observed, for example, with the dwc3 driver with the following call stack: devi…

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: Nov. 3, 2025, 8:17 p.m.

4.3

CVSS3.1

CVE-2025-25617 -

Incorrect Access Control in Unifiedtransform 2.X leads to Privilege Escalation allowing teachers to create syllabus.

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: March 7, 2025, 6:15 p.m.

9.8

CVSS3.1

CVE-2024-42733 -

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input

πŸ“… Published: March 7, 2025, midnight πŸ”„ Last Modified: June 23, 2025, 7:40 p.m.

6.8

CVSS3.1

CVE-2025-1121 -

Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image.

πŸ“… Published: March 6, 2025, 11:49 p.m. πŸ”„ Last Modified: July 21, 2025, 4:57 p.m.

6.9

CVSS4.0

CVE-2025-2050 - PHPGurukul User Registration & Login and User Management System login.php sql injection

A vulnerability classified as critical was found in PHPGurukul User Registration & Login and User Management System 3.3. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument email leads to sql injection. The attack can be launched remot…

πŸ“… Published: March 6, 2025, 11:31 p.m. πŸ”„ Last Modified: May 28, 2025, 3:04 p.m.
Total resulsts: 343970
Page 5904 of 34,397
Β« previous page Β» next page
Filters