7.8
CVE-2025-40114 - iio: light: Add check for array bounds in veml6075_read_int_time_ms
In the Linux kernel, the following vulnerability has been resolved: iio: light: Add check for array bounds in veml6075_read_int_time_ms The array contains only 5 elements, but the index calculated by veml6075_read_int_time_index can range from 0 to 7, which could lead to out-of-bounds access. Theβ¦
5.5
CVE-2024-57493 -
An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the setsockopt function.
9.8
CVE-2025-28238 -
Improper session management in Elber REBLE310 Firmware v5.5.1.R , Equipment Model: REBLE310/RX10/4ASI allows attackers to execute a session hijacking attack.
6.8
CVE-2025-25984 -
An issue in Macro-video Technologies Co.,Ltd V380E6_C1 IP camera (Hw_HsAKPIQp_WF_XHR) 1020302 allows a physically proximate attacker to execute arbitrary code via UART component.
9.8
CVE-2025-29058 -
An issue in Qimou CMS v.3.34.0 allows a remote attacker to execute arbitrary code via the upgrade.php component.
8.6
CVE-2025-3246 - Markdown math block sanitization bypass allows privilege escalation and unauthorized workflow triggβ¦
An improper neutralization of input vulnerability was identified in GitHub Enterprise Server that allowed cross-site scripting in GitHub Markdown that used `$$..$$` math blocks. Exploitation required access to the target GitHub Enterprise Server instance and privileged user interaction with the maβ¦
7.1
CVE-2025-3509 - Pre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server thaβ¦
A Remote Code Execution (RCE) vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. The vulnerability involves using dynamically aβ¦
5.3
CVE-2025-3124 - Missing Authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthoβ¦
A missing authorization vulnerability was identified in GitHub Enterprise Server that allowed a user to see the names of private repositories that they wouldn't otherwise have access to in the Security Overview in GitHub Advanced Security. The Security Overview was required to be filtered only usinβ¦
2.5
CVE-2024-42178 - HCL MyXalytics is affected by a failure to restrict URL access vulnerability
HCL MyXalytics is affected by a failure to restrict URL access vulnerability. Unauthenticated users might gain unauthorized access to potentially confidential information, creating a risk of misuse, manipulation, or unauthorized distribution.
5.3
CVE-2025-3765 - SourceCodester Web-based Pharmacy Product Management System edit-photo.php unrestricted upload
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based Pharmacy Product Management System 1.0. This issue affects some unknown processing of the file /edit-photo.php. The manipulation of the argument Avatar leads to unrestricted upload. The attack may be initiβ¦