A security flaw exists in the Next.js framework that allows an attacker to bypass authorization checks if such checks are implemented in middleware. This vulnerability arises in versions prior to 14.2.25 and 15.2.3. To mitigate risk, it is recommended to restrict incoming requests that include th...

A path traversal vulnerability identified in reggie 1.0 allows an attacker to manipulate the 'name' argument in the download function of CommonController.java. This vulnerability enables unauthorized access to file systems, allowing remote attackers to read sensitive files by exploiting this flaw...

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack

The Lana Downloads Manager plugin for WordPress, prior to version 1.10.0, is susceptible to a path traversal vulnerability. This flaw arises from inadequate validation of user input used in file path specifications. As a result, authenticated users with admin privileges may exploit this weakness ...

The Gutentor plugin for WordPress prior to version 3.4.7 is susceptible to SQL injection due to a lack of proper sanitization and escaping of user-supplied parameters within SQL statements. This vulnerability could potentially allow administrators to manipulate the database in unintended ways, le...

A security flaw exists in DocsGPT that allows unauthorized access leading to Remote Code Execution. An attacker can exploit this vulnerability through the improper parsing of JSON data using the eval() function. By sending arbitrary Python code to the /api/remote endpoint, an attacker can execute...

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the forma...

An issue exists in KeePass 2.x versions prior to 2.54 where attackers can exploit memory dumps to recover the cleartext master password, even if the workspace is locked or the application is no longer running. This exploitation can occur through various forms of memory dumps, such as a KeePass pr...

A SQL injection vulnerability exists in the SourceCodester Apartment Visitor Management System version 1.0, specifically in the remove-apartment.php file. This vulnerability arises from insufficient validation of input parameters, allowing attackers to manipulate the ID argument. Successful explo...

A path traversal vulnerability exists in GuoMinJim PersonManage 1.0, specifically in the preHandle function located at /login/. This flaw allows remote attackers to manipulate the Request argument, potentially leading to unauthorized file access and disclosure of sensitive information. Given the ...

A significant vulnerability has been detected in the Project Worlds Online Time Table Generator version 1.0, specifically in the /admin/updatestudent.php file. This issue allows attackers to manipulate the 'pic' argument, enabling unrestricted file uploads. As a result, malicious users can remote...

A vulnerability has been identified in the Project Worlds Online Time Table Generator version 1.0, specifically within the /student/updateprofile.php file. This flaw enables attackers to manipulate the 'pic' argument, resulting in the potential for unrestricted file uploads. Such a vulnerability ...

A significant vulnerability has been identified in the Project Worlds Online Time Table Generator 1.0 that allows unauthorized file uploads through the /admin/add_student.php interface. By manipulating the 'pic' argument, attackers may exploit this weakness to upload malicious files remotely. Thi...

A SQL injection vulnerability exists within the Code-Projects Payroll Management System in the /add_employee.php file. This vulnerability arises from improper handling of user-supplied input parameters, specifically lname and fname, allowing attackers to manipulate database queries and potentiall...

A vulnerability in Vite's frontend development tooling allows attackers to bypass file access restrictions. Specifically, versions prior to 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 expose the risk where app URLs can be manipulated with trailing query parameters such as '?raw?' or '?import&raw?' t...

A SQL injection vulnerability exists in version 1.0 of the Payroll Management System by Code-Projects, specifically within the file /view_account.php. This vulnerability arises from improper processing of the argument 'salary_rate', allowing attackers to perform unauthorized actions via SQL manip...

A vulnerability has been discovered in yzk2356911358 StudentServlet-JSP that allows for cross-site request forgery (CSRF) attacks. This flaw can be exploited remotely, enabling an attacker to manipulate the application's requests without the user's consent. The ongoing rolling release model of th...

A vulnerability has been identified in the Student Management Handler of yzk2356911358's StudentServlet-JSP. This issue allows an attacker to manipulate the 'Name' argument, leading to potential cross-site scripting attacks. Such vulnerabilities enable malicious actors to execute unauthorized scr...

The Online Eyewear Shop by SourceCodester is susceptible to an SQL injection vulnerability located in the /classes/Users.php function. This vulnerability arises due to inadequate input validation on the 'ID' parameter, enabling an attacker to manipulate database queries executed by the applicatio...

A significant out-of-bounds write vulnerability has been identified in TA-Lib, specifically affecting the setInputBuffer function within the ta_regtest component. This flaw allows unauthorized users to manipulate memory, potentially leading to data corruption or execution of arbitrary code. The v...

A vulnerability exists in the Open Asset Import Library Assimp version 5.4.3 specifically within the function Assimp::ASEImporter::BuildUniqueRepresentation found in the ASE file handler component. This vulnerability arises from improper handling of the argument mIndices, leading to an out-of-bou...

A null pointer dereference vulnerability exists in the Khronos Group glslang 15.1.0 implementation. This flaw, located in the glslang::TIntermediate::isConversionAllowed function within the Intermediate.cpp file, can be exploited through local access. If an attacker successfully manipulates the a...

A security vulnerability was discovered in the Jinher Network OA C6 product, specifically in the file NetDiskProperty.aspx. This vulnerability allows for SQL Injection through the manipulation of the ID parameter. Attackers can exploit this weakness remotely, potentially gaining unauthorized acce...

A security vulnerability has been identified in PHPGurukul's e-Diary Management System version 1.0, specifically within the /edit-category.php file. The vulnerability allows attackers to manipulate the 'Category' parameter, leading to potential SQL injection attacks. This exposure could enable un...

A vulnerability exists in the Sayski ForestBlog, specifically within the Friend Link Handler component, affecting versions up to 20250321. This security issue allows remote attackers to manipulate the component and execute cross site scripting (XSS) attacks. Given that the exploit has been public...

A security issue in the Kubernetes platform allows an unauthenticated attacker with access to the pod network to execute arbitrary code within the context of the ingress-nginx controller. This vulnerability poses serious security risks, as it can potentially expose sensitive secrets accessible to...

A vulnerability exists in Sayski ForestBlog that allows for cross-site scripting through improper handling of user input in the /search file. By manipulating the 'keywords' parameter, attackers can execute arbitrary scripts in the context of the user's browser. This poses a significant security r...

A SQL injection vulnerability has been identified in ESAFENET CDG 3, specifically within the UserAjax functionality. This flaw allows attackers to manipulate the Username parameter, enabling them to execute unauthorized SQL commands remotely. The vulnerability poses a significant security risk, a...

A vulnerability has been identified in Digital China DCME-520 affecting versions up to 20250320, specifically within the processing of input parameters in the file /usr/local/WWW/function/audit/newstatistics/mon_merge_stat_hist.php. An improper handling of the 'type_name' argument allows an attac...

A vulnerability in PyTorch 2.6.0 has been identified, specifically within the torch.lstm_cell function. This flaw allows for memory corruption, which could be exploited locally by an attacker. The manipulation of this function creates the risk of segmentation faults, potentially leading to unexpe...

A vulnerability exists in PyTorch 2.6.0 affecting the torch.jit.script function, allowing for potential memory corruption. This issue can be exploited locally, posing risks to system integrity. The vulnerability has been publicly disclosed and could lead to unauthorized access or disruption of se...

The vulnerability in Bricks Builder, developed by Codeer Limited, allows for improper control of code generation, leading to code injection risks. This condition is particularly critical in versions ranging from n/a to 1.9.6. Attackers may exploit this weakness to execute arbitrary code on the se...

A memory corruption vulnerability exists in the torch.nn.utils.rnn.pad_packed_sequence function of PyTorch version 2.6.0. This issue requires local access for exploitation, potentially allowing an attacker to manipulate memory allocation, leading to segmentation faults or unexpected behavior in a...

A vulnerability exists in Youkefu version 4.2.0 developed by Zhangyanbo2007, specifically within an unverified function of the file /res/url. This flaw arises from improper handling of the 'url' argument, allowing an attacker to perform server-side request forgery (SSRF). Through SSRF, a remote a...

A path traversal vulnerability exists in Splunk Enterprise running on Windows, affecting versions prior to 9.2.2, as well as versions 9.1.5 and 9.0.10. This issue allows an attacker to potentially access restricted directories and files on the server through the /modules/messaging/ endpoint. Ensu...

A newly discovered vulnerability in the Tenda FH1202's Web Management Interface allows for improper access control, particularly in the /goform/SysToolDDNS file. This flaw enables remote attackers to manipulate access controls, potentially compromising the device's security and integrity. The iss...

A vulnerability exists in the Tenda FH1202 Web Management Interface, specifically in the /goform/SysToolChangePwd file, allowing unauthorized manipulation of access controls. This flaw can be exploited remotely, providing attackers with the ability to gain unauthorized access to sensitive system ...

A vulnerability has been identified in the Tenda FH1202 router’s web management interface. The flaw resides in the qossetting component, which suffers from improper access controls, allowing an unauthorized remote attacker to manipulate settings and potentially gain sensitive information. Exploit...

A security flaw in the Tenda FH1202 router allows unauthorized access due to improper access controls associated with the /default.cfg file. This vulnerability can be exploited remotely, enabling attackers to manipulate sensitive configurations without proper authentication. Due to the public dis...

The Tenda FH1202 device's Web Management Interface is susceptible to an improper access control vulnerability. Specifically, the flaw resides in the '/goform/AdvSetWrlsafeset' component, allowing unauthorized access that could be exploited remotely. This issue can lead to various security risks, ...

A vulnerability exists in the Tenda FH1202's web management interface that allows remote attackers to exploit inadequate access controls. The issue arises from the 'AdvSetWrlmacfilter' function, potentially allowing unauthorized users to gain elevated privileges and manipulate configurations with...

A security flaw has been identified in the Tenda FH1202 router, specifically within the Web Management Interface. This vulnerability arises from improper access controls in processing requests to the file /goform/AdvSetWrlGstset, potentially allowing unauthorized remote attackers to manipulate se...

A vulnerability has been identified in the Tenda FH1202 model's Web Management Interface, specifically within the AdvSetWrl component. This vulnerability enables unauthorized manipulation due to improper access controls, allowing potential attackers to gain unrestricted access to sensitive functi...

A vulnerability has been identified in the Payroll Management System 1.0 developed by Code-Projects that allows for SQL injection through the manipulation of the 'deduction' parameter within the 'update_account.php' file. This flaw can be exploited remotely, enabling attackers to execute unauthor...

The Chamilo platform's wsConvertPpt component contains a command injection vulnerability that allows attackers to execute arbitrary system commands. This security flaw manifests through the processing of crafted PowerPoint file names in the SOAP API, potentially enabling unauthorized operations w...

An OGNL injection vulnerability exists in Confluence Server and Data Center, allowing unauthenticated attackers to execute arbitrary code on affected instances. Versions earlier than 7.4.17, and specific ranges of 7.13.x, 7.14.x, 7.15.x, 7.16.x, 7.17.x, and 7.18.x, are vulnerable. This security i...

A vulnerability exists in the egress packet processing of the Cisco StarOS operating system. This flaw allows unauthenticated remote attackers to disrupt the forwarding of packets by exploiting the maximum length check of transmitted packets. By sending specially crafted IP packets or fragments, ...

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

A vulnerability exists in the Payroll Management System version 1.0, specifically within the /delete.php file. This flaw arises from improper handling of the emp_id argument, which can be exploited to perform SQL injection attacks. Remote attackers may manipulate this vulnerability to gain unauth...

TP-Link Tapo C200 IP camera, on its 1.1.15 firmware version and below, is affected by an unauthenticated RCE vulnerability, present in the uhttpd binary running by default as root. The exploitation of this vulnerability allows an attacker to take full control of the camera.