7.1
CVE-2025-28398 -
D-LINK DI-8100 16.07.26A1 is vulnerable to Buffer Overflow in the ipsec_net_asp function via the remot_ip parameter.
7.1
CVE-2025-21973 - eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx}
In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_ops are called. The bnxt_get_queue_stats{rx | tx} collect per-queue stats from sw_stats in the ringβ¦
5.9
CVE-2025-29036 -
An issue in hackathon-starter v.8.1.0 allows a remote attacker to escalate privileges via the user.js component.
7.8
CVE-2025-21928 - HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove()
In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver is removed. This issue occurs due to improper handling of memory freeing in the ishtp_hid_β¦
5.5
CVE-2025-21965 - sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl()
In the Linux kernel, the following vulnerability has been resolved: sched_ext: Validate prev_cpu in scx_bpf_select_cpu_dfl() If a BPF scheduler provides an invalid CPU (outside the nr_cpu_ids range) as prev_cpu to scx_bpf_select_cpu_dfl() it can cause a kernel crash. To prevent this, validate prβ¦
5.5
CVE-2025-21926 - net: gso: fix ownership in __udp_gso_segment
In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in __udp_gso_segment In __udp_gso_segment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hiβ¦
5.3
CVE-2025-3041 - Project Worlds Online Time Table Generator updatestudent.php unrestricted upload
A vulnerability classified as critical has been found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file /admin/updatestudent.php. The manipulation of the argument pic leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit β¦
5.3
CVE-2025-3040 - Project Worlds Online Time Table Generator add_student.php unrestricted upload
A vulnerability was found in Project Worlds Online Time Table Generator 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/add_student.php. The manipulation of the argument pic leads to unrestricted upload. The attack may be launched remotelyβ¦
5.3
CVE-2025-3039 - code-projects Payroll Management System add_employee.php sql injection
A vulnerability was found in code-projects Payroll Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /add_employee.php. The manipulation of the argument lname/fname leads to sql injection. It is possible to launch the attack remotely. The exploitβ¦
5.3
CVE-2025-3038 - code-projects Payroll Management System view_account.php sql injection
A vulnerability was found in code-projects Payroll Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /view_account.php. The manipulation of the argument salary_rate leads to sql injection. The attack may be initiated remotely. The exploit has bβ¦