5.3
CVE-2025-3406 - Nothings stb Header Array stbhw_build_tileset_from_image out-of-bounds
A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhw_build_tileset_from_image of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotelyβ¦
5.3
CVE-2025-3405 - FCJ Venture Builder appclientefiel HTTP GET Request ObterPedido resource injection
A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /rest/cliente/ObterPedido/ of the component HTTP GET Request Handler. The manipulation of the argument ORDER_ID leads tβ¦
5.1
CVE-2025-3403 - Vivotek NVR ND8422P/NVR ND9525P/NVR ND9541P HTML Form sensitive information in source
A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR ND9541P 2.4.0.204/3.3.0.104/4.2.0.101. It has been classified as problematic. Affected is an unknown function of the component HTML Form Handler. The manipulation leads to inclusion of sensitive information in source code. It is β¦
5.3
CVE-2025-3402 - Seeyon Zhiyuan Interconnect FE Collaborative Office Platform check.js%70 sql injection
A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborative Office Platform 5.5.2 and classified as critical. This issue affects some unknown processing of the file /sysform/042/check.js%70. The manipulation of the argument Name leads to sql injection. The attack may be initiated remoβ¦
6.9
CVE-2025-3401 - ESAFENET CDG getLimitIPList.jsp sql injection
A vulnerability has been found in ESAFENET CDG 5.6.3.154.205_20250114 and classified as critical. This vulnerability affects unknown code of the file /parameter/getLimitIPList.jsp. The manipulation of the argument noticeId leads to sql injection. The attack can be initiated remotely. The exploit haβ¦
0.0
CVE-2025-3441 -
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
6.7
CVE-2025-3364 - HGiga PowerStation - Chroot Escape
The SSH service of PowerStation from HGiga has a Chroot Escape vulnerability, allowing attackers with root privileges to bypass chroot restrictions and access the entire file system.
9.8
CVE-2025-3363 - HGiga iSherlock - OS Command Injection
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
9.8
CVE-2025-3362 - HGiga iSherlock - OS Command Injection
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the server.
6.9
CVE-2025-3400 - ESAFENET CDG UnChkMailApplication.jsp sql injection
A vulnerability, which was classified as critical, was found in ESAFENET CDG 5.6.3.154.205_20250114. This affects an unknown part of the file /client/UnChkMailApplication.jsp. The manipulation of the argument typename leads to sql injection. It is possible to initiate the attack remotely. The exploβ¦