Total
304045 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8500 | 2025-08-03 | 6.3 Medium | ||
| A vulnerability was found in code-projects Human Resource Integrated System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /insert-and-view/action.php. The manipulation of the argument content leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8499 | 2025-08-03 | 7.3 High | ||
| A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /cusfindambulence2.php. The manipulation of the argument Search leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-6610 | 2 Linux, Redhat | 5 Linux Kernel, Enterprise Linux, Logging and 2 more | 2025-08-03 | 7.1 High |
| An out-of-bounds read vulnerability was found in smb2_dump_detail in fs/smb/client/smb2ops.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information. | ||||
| CVE-2023-4459 | 2 Linux, Redhat | 7 Linux Kernel, Enterprise Linux, Rhel Aus and 4 more | 2025-08-03 | 5.5 Medium |
| A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. | ||||
| CVE-2025-8498 | 2025-08-03 | 7.3 High | ||
| A vulnerability was found in code-projects Online Medicine Guide 1.0. It has been classified as critical. This affects an unknown part of the file /cart/index.php. The manipulation of the argument uname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8497 | 2025-08-03 | 7.3 High | ||
| A vulnerability was found in code-projects Online Medicine Guide 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /cusfindphar2.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8496 | 2025-08-03 | 7.3 High | ||
| A vulnerability has been found in projectworlds Online Admission System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /viewform.php. The manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-52133 | 2025-08-03 | 6.4 Medium | ||
| The Mocca Calendar application before 2.15 for XWiki allows XSS via a title upon calendar import. | ||||
| CVE-2025-52132 | 2025-08-03 | 6.4 Medium | ||
| The Mocca Calendar application before 2.15 for XWiki allows XSS via a title to the view event page. | ||||
| CVE-2025-52131 | 2025-08-03 | 6.4 Medium | ||
| The Mocca Calendar application before 2.15 for XWiki allows XSS via the background or text color field. | ||||
| CVE-2025-6035 | 1 Redhat | 1 Enterprise Linux | 2025-08-03 | 6.6 Medium |
| A flaw was found in GIMP. An integer overflow vulnerability exists in the GIMP "Despeckle" plug-in. The issue occurs due to unchecked multiplication of image dimensions, such as width, height, and bytes-per-pixel (img_bpp), which can result in allocating insufficient memory and subsequently performing out-of-bounds writes. This issue could lead to heap corruption, a potential denial of service (DoS), or arbitrary code execution in certain scenarios. | ||||
| CVE-2025-4574 | 1 Redhat | 7 Directory Server, Enterprise Linux, Openshift and 4 more | 2025-08-03 | 6.5 Medium |
| In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption. | ||||
| CVE-2025-8495 | 2025-08-03 | 7.3 High | ||
| A vulnerability, which was classified as critical, was found in code-projects Intern Membership Management System 1.0. Affected is an unknown function of the file /admin/edit_admin_query.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-54351 | 2025-08-03 | 8.9 High | ||
| In iperf before 3.19.1, net.c has a buffer overflow when --skip-rx-copy is used (for MSG_TRUNC in recv). | ||||
| CVE-2025-54350 | 2025-08-03 | 3.7 Low | ||
| In iperf before 3.19.1, iperf_auth.c has a Base64Decode assertion failure and application exit upon a malformed authentication attempt. | ||||
| CVE-2025-54349 | 2025-08-03 | 6.5 Medium | ||
| In iperf before 3.19.1, iperf_auth.c has an off-by-one error and resultant heap-based buffer overflow. | ||||
| CVE-2025-8494 | 2025-08-03 | 7.3 High | ||
| A vulnerability, which was classified as critical, has been found in code-projects Intern Membership Management System 1.0. This issue affects some unknown processing of the file /admin/delete_student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-54955 | 2025-08-03 | 8.1 High | ||
| OpenNebula Community Edition (CE) before 7.0.0 and Enterprise Edition (EE) before 6.10.3 have a critical FireEdge race condition that can lead to full account takeover. By exploiting this, an unauthenticated attacker can obtain a valid JSON Web Token (JWT) belonging to a legitimate user without knowledge of their credentials. | ||||
| CVE-2025-8493 | 2025-08-02 | 7.3 High | ||
| A vulnerability classified as critical was found in code-projects Intern Membership Management System 1.0. This vulnerability affects unknown code of the file /admin/edit_student_query.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-23290 | 2025-08-02 | 2.5 Low | ||
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a guest could get global GPU metrics which may be influenced by work in other VMs. A successful exploit of this vulnerability might lead to information disclosure. | ||||