4.8
CVE-2025-15214 - Campcodes Park Ticketing System admin_class.php save_pricing cross site scripting
A vulnerability was found in Campcodes Park Ticketing System 1.0. The impacted element is the function save_pricing of the file admin_class.php. The manipulation of the argument name/ride results in cross site scripting. The attack may be performed from remote. The exploit has been made public and β¦
7.5
CVE-2025-69235 -
Whale browser before 4.35.351.12 allows an attacker to bypass the Same-Origin Policy in a sidebar environment.
9.1
CVE-2025-69234 -
Whale browser before 4.35.351.12 allows an attacker to escape the iframe sandbox in a sidebar environment.
5.3
CVE-2025-15213 - code-projects Student File Management System File Download download.php improper authorization
A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument store_id leads to improper authorization. The attack is possible to be cβ¦
7.7
CVE-2025-69217 - Coturn has unsafe nonce and relay port randomization due to weak random number generation.
coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RAND_bytes but libc's random() (if it's not runβ¦
5.3
CVE-2025-15212 - code-projects Refugee Food Management System regfood.php sql injection
A vulnerability was detected in code-projects Refugee Food Management System 1.0. This issue affects some unknown processing of the file /home/regfood.php. Performing manipulation of the argument a results in sql injection. Remote exploitation of the attack is possible. The exploit is now public anβ¦
5.3
CVE-2025-15211 - code-projects Refugee Food Management System refugee.php sql injection
A flaw has been found in code-projects Refugee Food Management System 1.0. Impacted is an unknown function of the file /home/refugee.php. Executing manipulation of the argument refNo/Fname/Lname/sex/age/contact/nationality_nid can lead to sql injection. The attack can be executed remotely. The explβ¦
5.5
CVE-2023-54313 - ovl: fix null pointer dereference in ovl_get_acl_rcu()
In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovl_get_acl_rcu() Following process: P1 P2 path_openat link_path_walk may_lookup inode_permission(rcu) ovl_permission acl_permission_check β¦
5.5
CVE-2023-54312 - samples/bpf: Fix buffer overflow in tcp_basertt
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix buffer overflow in tcp_basertt Using sizeof(nv) or strlen(nv)+1 is correct.
5.5
CVE-2023-54311 - ext4: fix deadlock when converting an inline directory in nojournal mode
In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock when converting an inline directory in nojournal mode In no journal mode, ext4_finish_convert_inline_dir() can self-deadlock by calling ext4_handle_dirty_dirblock() when it already has taken the directory lock.β¦