6.9
CVE-2025-3138 - PHPGurukul Online Security Guards Hiring System edit-guard-detail.php sql injection
A vulnerability has been found in PHPGurukul Online Security Guards Hiring System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/edit-guard-detail.php. The manipulation of the argument editid leads to sql injection. The attack can be laβ¦
6.9
CVE-2025-3137 - PHPGurukul Online Security Guards Hiring System changeimage.php sql injection
A vulnerability, which was classified as critical, was found in PHPGurukul Online Security Guards Hiring System 1.0. Affected is an unknown function of the file /admin/changeimage.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The β¦
4.8
CVE-2025-3136 - PyTorch CUDACachingAllocator.cpp torch.cuda.memory.caching_allocator_delete memory corruption
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The eβ¦
5.3
CVE-2025-3135 - fcba_zzm ics-park Smart Park Management System update sql injection
A vulnerability classified as critical was found in fcba_zzm ics-park Smart Park Management System 2.1. This vulnerability affects unknown code of the file /api/system/dept/update. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the pβ¦
5.3
CVE-2025-3134 - code-projects Payroll Management System add_overtime.php sql injection
A vulnerability classified as critical has been found in code-projects Payroll Management System 1.0. This affects an unknown part of the file /add_overtime.php. The manipulation of the argument rate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been discloβ¦
5.1
CVE-2025-3153 - Concrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 - CSRF and XSS in Concrete CMS Custβ¦
Concrete CMS version 9 below 9.4.0RC2 and versions below 8.5.20 are vulnerable to CSRF and XSS in the Concrete CMS Address attribute because addresses are not properly sanitized in the output when a country is not specified.Β Attackers are limited to individuals whom a site administrator has granteβ¦
7.5
CVE-2025-32049 - Libsoup: denial of service attack to websocket server
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).
9.1
CVE-2025-22927 -
An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by sending a crafted POST request to /Modules.php?modname=messaging/Inbox.php&modfunc=save&filename.
7.8
CVE-2025-21999 - proc: fix UAF in proc_get_inode()
In the Linux kernel, the following vulnerability has been resolved: proc: fix UAF in proc_get_inode() Fix race between rmmod and /proc/XXX's inode instantiation. The bug is that pde->proc_ops don't belong to /proc, it belongs to a module, therefore dereferencing it after /proc entry has been regβ¦
6.5
CVE-2025-32053 - Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()
A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.