6.9
CVE-2025-2656 - PHPGurukul Zoo Management System login.php sql injection
A vulnerability classified as critical has been found in PHPGurukul Zoo Management System 2.1. Affected is an unknown function of the file /admin/login.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed…
6.9
CVE-2025-2655 - SourceCodester AC Repair and Services System Users.php delete_users sql injection
A vulnerability was detected in SourceCodester AC Repair and Services System 1.0. The affected element is the function save_users/delete_users of the file /classes/Users.php. Performing manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exp…
7.8
CVE-2025-29795 - Microsoft Edge (Chromium-based) Update Elevation of Privilege Vulnerability
Improper link resolution before file access ('link following') in Microsoft Edge (Chromium-based) allows an authorized attacker to elevate privileges locally.
6.5
CVE-2025-29806 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
No cwe for this issue in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.
6.9
CVE-2025-2654 - SourceCodester AC Repair and Services System manage_service.php sql injection
A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/services/manage_service.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely.…
5.3
CVE-2025-2653 - FoxCMS improper authorization
A vulnerability was found in FoxCMS 1.25 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
5.5
CVE-2025-0927 - kernel: heap overflow in the hfs and hfsplus filesystems with manually crafted filesystem
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That includes delegated mounting.
6.9
CVE-2025-2652 - SourceCodester Employee and Visitor Gate Pass Logging System exposure of information through direct…
A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can be launched remot…
6.9
CVE-2025-2651 - SourceCodester Online Eyewear Shop admin exposure of information through directory listing
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear Shop 1.0. Affected is an unknown function of the file /oews/admin/. The manipulation leads to exposure of information through directory listing. It is possible to launch the attack remotely. The exploit…
8.8
CVE-2025-2691 -
Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery (SSRF) where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism.