6.9
CVE-2025-14337 - itsourcecode Student Management System new_grade.php sql injection
A vulnerability was determined in itsourcecode Student Management System 1.0. This affects an unknown part of the file /new_grade.php. This manipulation of the argument grade causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.
9.3
CVE-2025-64113 - Emby Server allows attackers to gain administrative server access without preconditions
Emby Server is a user-installable home media server. Versions below 4.9.1.81 allow an attacker to gain full administrative access to an Emby Server (for Emby Server administration, not at the OS level). Other than network access, no specific preconditions need to be fulfilled for a server to be vulβ¦
6.9
CVE-2025-14336 - itsourcecode Student Management System promote.php sql injection
A vulnerability was found in itsourcecode Student Management System 1.0. Affected by this issue is some unknown functionality of the file /promote.php. The manipulation of the argument sy results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and coβ¦
6.9
CVE-2025-14335 - itsourcecode Student Management System new_school_year.php sql injection
A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /new_school_year.php. The manipulation of the argument sy leads to sql injection. It is possible to initiate the attack remotely. The exploit has beenβ¦
6.5
CVE-2025-9613 - CVE-2025-9613
A vulnerability was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on tag reuse after completion timeouts may allow multiple outstanding Non-Posted Requests to share the same tag. This tag aliasing condition can result in completiβ¦
6.5
CVE-2025-9614 - CVE-2025-9614
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on re-keying and stream flushing during device rebinding may allow stale write transactions from a previous security context to be processed in a new one. This can lead tβ¦
5.1
CVE-2025-9612 - CVE-2025-9612
An issue was discovered in the PCI Express (PCIe) Integrity and Data Encryption (IDE) specification, where insufficient guidance on Transaction Layer Packet (TLP) ordering and tag uniqueness may allow encrypted packets to be replayed or reordered without detection. This can enable local or physicalβ¦
6.9
CVE-2025-14334 - itsourcecode Student Management System new_adviser.php sql injection
A flaw has been found in itsourcecode Student Management System 1.0. Affected is an unknown function of the file /new_adviser.php. Executing manipulation of the argument Name can lead to sql injection. The attack may be performed from remote. The exploit has been published and may be used.
4.8
CVE-2025-11531 - HP System Event Utility and Omen Gaming Hub β Potential Arbitrary Code Execution
HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of their restricted paths. This potential vulnerability was remediated with HP System Event Utility version 3.2.12 and Omen Gaming Hub version 1101.2511.101.0.
9.3
CVE-2025-34414 - Entrust Instant Financial Issuance (IFI) Legacy Remoting Service .NET Remoting RCE
Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the Legacy Remoting Service that is enabled by default. The service registers a TCP remoting channel witβ¦