7.5

CVSS3.1

CVE-2024-47214

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47212, but involves a different kind of malicious payload. As above, it can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventual…

📅 Published: April 3, 2025, midnight 🔄 Last Modified: April 10, 2025, 1:51 p.m.

9.8

CVSS3.1

CVE-2025-31161

CrushFTP 10 before 10.8.4 and 11 before 11.3.1 allows authentication bypass and takeover of the crushadmin account (unless a DMZ proxy instance is used), as exploited in the wild in March and April 2025, aka "Unauthenticated HTTP(S) port access." A race condition exists in the AWS4-HMAC (compatible…

📅 Published: April 3, 2025, midnight 🔄 Last Modified: Oct. 31, 2025, 10:04 p.m.

7.4

CVSS3.1

CVE-2025-3155 - Yelp: arbitrary file read

A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to input help documents, which may exfiltrate user files to an external environment.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: Nov. 11, 2025, 12:09 p.m.

5.5

CVSS3.1

CVE-2025-21997 - xsk: fix an integer overflow in xp_create_and_assign_umem()

In the Linux kernel, the following vulnerability has been resolved: xsk: fix an integer overflow in xp_create_and_assign_umem() Since the i and pool->chunk_size variables are of type 'u32', their product can wrap around and then be cast to 'u64'. This can lead to two different XDP buffers pointin…

📅 Published: April 3, 2025, midnight 🔄 Last Modified: Nov. 3, 2025, 8:17 p.m.

9.8

CVSS3.1

CVE-2024-22611

OpenEMR 7.0.2 is vulnerable to SQL Injection via \openemr\library\classes\Pharmacy.class.php, \controllers\C_Pharmacy.class.php and \openemr\controller.php.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: April 8, 2025, 8:21 p.m.

5.5

CVSS3.1

CVE-2025-22007 - Bluetooth: Fix error code in chan_alloc_skb_cb()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix error code in chan_alloc_skb_cb() The chan_alloc_skb_cb() function is supposed to return error pointers on error. Returning NULL will lead to a NULL dereference.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: Nov. 3, 2025, 8:17 p.m.

9.8

CVSS3.1

CVE-2025-22930

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the groupid parameter at /messaging/Group.php.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: April 29, 2025, 8 p.m.

7.8

CVSS3.1

CVE-2025-29570

An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: Aug. 20, 2025, 2:50 a.m.

9.8

CVSS3.1

CVE-2025-22929

OS4ED openSIS v7.0 to v9.1 was discovered to contain a SQL injection vulnerability via the filter_id parameter at /students/StudentFilters.php.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: April 29, 2025, 8:02 p.m.

9.8

CVSS3.1

CVE-2025-29647

SeaCMS v13.3 has a SQL injection vulnerability in the component admin_tempvideo.php.

📅 Published: April 3, 2025, midnight 🔄 Last Modified: April 8, 2025, 8:15 p.m.