5.5
CVE-2025-29476 -
Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987 in c-blosc2 v.2.17.0 and before.
9.8
CVE-2025-28146 -
Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was discovered to contain a command injection vulnerability via fota_url in /boafrm/formLtefotaUpgradeQuectel
5.5
CVE-2025-29477 -
An issue in fluent-bit v.3.7.2 allows a local attacker to cause a denial of service via the function consume_event.
8.8
CVE-2025-25000 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
6.9
CVE-2025-3186 - projectworlds Online Doctor Appointment Booking System invoice.php sql injection
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /patient/invoice.php. The manipulation of the argument appid leads to sql injection. The attack can be laβ¦
6.9
CVE-2025-3185 - projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injection
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0. It has been classified as critical. Affected is an unknown function of the file /patient/patientupdateprofile.php. The manipulation of the argument patientFirstName leads to sql injection. It is possible to lauβ¦
6.9
CVE-2025-3184 - projectworlds Online Doctor Appointment Booking System profile.php sql injection
A vulnerability was found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This issue affects some unknown processing of the file /patient/profile.php?patientId=1. The manipulation of the argument patientFirstName leads to sql injection. The attack may be inβ¦
4.3
CVE-2025-0278 - An internal path disclosure vulnerability affects HCL Traveler
HCL Traveler is affected by an internal path disclosure in a Windows application when the application inadvertently reveals internal file paths, in error messages, debug logs, or responses to user requests.
7.4
CVE-2025-30370 - jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"
jupyterlab-git is a JupyterLab extension for version control using Git. On many platforms, a third party can create a Git repository under a name that includes a shell command substitution string in the syntax $(<command>). These directory names are allowed in macOS and a majority of Linux distribuβ¦
6.9
CVE-2025-3183 - projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injection
A vulnerability has been found in projectworlds Online Doctor Appointment Booking System 1.0 and classified as critical. This vulnerability affects unknown code of the file /patient/patientupdateprofile.php. The manipulation of the argument patientFirstName leads to sql injection. The attack can beβ¦