5.3
CVE-2025-6122 - code-projects Restaurant Order System table.php sql injection
A vulnerability, which was classified as critical, was found in code-projects Restaurant Order System 1.0. This affects an unknown part of the file /table.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed β¦
9.3
CVE-2025-6121 - D-Link DIR-632 HTTP POST Request get_pure_content stack-based overflow
A vulnerability, which was classified as critical, has been found in D-Link DIR-632 FW103B08. Affected by this issue is the function get_pure_content of the component HTTP POST Request Handler. The manipulation of the argument Content-Length leads to stack-based buffer overflow. The attack may be lβ¦
8.5
CVE-2025-5689 - Improper Permission Management in SSH Session Handling
A flaw was found in the temporary user record that authd uses in the pre-auth NSS. As a result, a user login for the first time will be considered to be part of the root group in the context of that SSH session.
4.8
CVE-2025-6120 - Open Asset Import Library Assimp HL1MDLLoader.cpp read_meshes heap-based overflow
A vulnerability classified as critical was found in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function read_meshes in the library assimp/code/AssetLib/MDL/HalfLife/HL1MDLLoader.cpp. The manipulation leads to heap-based buffer overflow. It is possible to lauβ¦
3.8
CVE-2025-24388 - Unsafe handling of AJAX calls
A vulnerability in the OTRS Admin Interface and Agent Interface (versions before OTRS 8) allow parameter injection due to for an autheniticated agent or admin user. This issue affects: * OTRS 7.0.X * OTRS 8.0.X * OTRS 2023.X * OTRS 2024.X * OTRS 2025.X * ((OTRS)) Community Edβ¦
5.7
CVE-2025-46710 -
Possible kernel exceptions caused by reading and writing kernel heap data after free.
9.1
CVE-2025-40916 - Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generatiβ¦
Mojolicious::Plugin::CaptchaPNG version 1.05 for Perl uses a weak random number source for generating the captcha. That version uses the built-in rand() function for generating the captcha text as well as image noise, which is insecure.
4.8
CVE-2025-4748 - Absolute path traversal in zip:unzip/1,2
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, ziβ¦
9.8
CVE-2025-47869 - Apache NuttX RTOS: examples/xmlrpc: Fix calls buffers size.
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to buffeβ¦
4.8
CVE-2025-6119 - Open Asset Import Library Assimp BVHLoader.cpp ReadNodeChannels use after free
A vulnerability classified as critical has been found in Open Asset Import Library Assimp up to 5.4.3. Affected is the function Assimp::BVHLoader::ReadNodeChannels in the library assimp/code/AssetLib/BVH/BVHLoader.cpp. The manipulation of the argument pNode leads to use after free. Attacking locallβ¦