Latest CVE Feed
-
6.5
CVSS31CVE-2025-45157
Insecure permissions in Splashin iOS v2.0 allow unauthorized attackers to access location data for specific users.... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
5.3
CVSS31CVE-2025-45156
Splashin iOS v2.0 fails to enforce server-side interval restrictions for location updates for free-tier users.... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
5.4
CVSS31CVE-2025-33014
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.4 uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
7.5
CVSS31CVE-2025-7754
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /xray_form.php. The manipulation of the argument itr_no leads to sql injection. The atta... Read more
Affected Products : patient_record_management_system- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
9.8
CVSS31CVE-2025-7753
A vulnerability was found in code-projects Online Appointment Booking System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/adddoctor.php. The manipulation of the argument Username leads to sql injection. It is po... Read more
Affected Products : online_appointment_booking_system- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
9.8
CVSS31CVE-2025-7752
A vulnerability was found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/deletedoctor.php. The manipulation of the argument did leads to sql inject... Read more
Affected Products : online_appointment_booking_system- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
9.8
CVSS31CVE-2025-7751
A vulnerability has been found in code-projects Online Appointment Booking System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/addclinic.php. The manipulation of the argument cid leads to sq... Read more
Affected Products : online_appointment_booking_system- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
9.8
CVSS31CVE-2025-7750
A vulnerability, which was classified as critical, was found in code-projects Online Appointment Booking System 1.0. Affected is an unknown function of the file /admin/adddoctorclinic.php. The manipulation of the argument clinic leads to sql injection. It... Read more
Affected Products : online_appointment_booking_system- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
5.3
CVSS31CVE-2025-7797
A vulnerability was found in GPAC up to 2.4. It has been rated as problematic. Affected by this issue is the function gf_dash_download_init_segment of the file src/media_tools/dash_client.c. The manipulation of the argument base_init_url leads to null poi... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
8.8
CVSS31CVE-2025-7796
A vulnerability, which was classified as critical, was found in Tenda FH451 1.0.0.9. This affects the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument Username leads to stack-based buffer overflow. It is possible ... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
8.8
CVSS31CVE-2025-7795
A vulnerability, which was classified as critical, has been found in Tenda FH451 1.0.0.9. Affected by this issue is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page leads to stack-based buffer overflo... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
3.5
CVSS31CVE-2025-53901
Wasmtime is a runtime for WebAssembly. Prior to versions 24.0.4, 33.0.2, and 34.0.2, a bug in Wasmtime's implementation of the WASIp1 set of import functions can lead to a WebAssembly guest inducing a panic in the host (embedder). The specific bug is trig... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
9.8
CVSS31CVE-2025-51630
TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a buffer overflow via the ePort parameter in the function setIpPortFilterRules.... Read more
- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
9.8
CVSS31CVE-2025-52046
Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in the sub_4197C0 function via the mac and desc parameters. This vulnerability allows unauthenticated attackers to execute arbitrary commands via a crafted requ... Read more
- Published: Jul. 17, 2025
- Modified: Jul. 18, 2025
-
8.8
CVSS31CVE-2025-7794
A vulnerability classified as critical was found in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. ... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
8.8
CVSS31CVE-2025-7793
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function formWebTypeLibrary of the file /goform/webtypelibrary. The manipulation of the argument webSiteId leads to stack-based buffer overflow. It is possible t... Read more
Affected Products : fh451_firmware- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
8.8
CVSS31CVE-2025-7792
A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as critical. This issue affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attac... Read more
Affected Products : fh451_firmware- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
8.7
CVSS31CVE-2025-53762
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
9.9
CVSS31CVE-2025-49747
Missing authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025
-
9.9
CVSS31CVE-2025-49746
Improper authorization in Azure Machine Learning allows an authorized attacker to elevate privileges over a network.... Read more
Affected Products :- Published: Jul. 18, 2025
- Modified: Jul. 18, 2025