Latest CVE Feed
-
9.8
CRITICALCVE-2025-8947
A vulnerability was found in projectworlds Visitor Management System 1.0. This issue affects some unknown processing of the file /query_data.php. The manipulation of the argument dateF/dateP leads to sql injection. The attack may be initiated remotely. Th... Read more
Affected Products : visitor_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
8.0
HIGHCVE-2025-50162
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8948
A vulnerability was determined in projectworlds Visitor Management System 1.0. Affected is an unknown function of the file /front.php. The manipulation of the argument rid leads to sql injection. It is possible to launch the attack remotely. The exploit h... Read more
Affected Products : visitor_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
8.8
HIGHCVE-2025-50163
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8950
A vulnerability was identified in Campcodes Online Recruitment Management System 1.0. This issue affects some unknown processing of the file /Recruitment/index.php?page=view_vacancy. The manipulation of the argument ID leads to sql injection. The attack m... Read more
Affected Products : online_recruitment_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
8.0
HIGHCVE-2025-50164
Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.... Read more
- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8951
A vulnerability has been found in PHPGurukul Teachers Record Management System 2.1. Affected is an unknown function of the file /admin/search.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remo... Read more
Affected Products : teachers_record_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8952
A vulnerability was found in Campcodes Online Flight Booking Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/ajax.php?action=login of the component Login. The manipulation of the argument Username leads... Read more
Affected Products : online_flight_booking_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
6.5
MEDIUMCVE-2025-50166
Integer overflow or wraparound in Windows Distributed Transaction Coordinator allows an authorized attacker to disclose information over a network.... Read more
Affected Products : windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 +9 more products- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8954
A vulnerability was identified in PHPGurukul Hospital Management System 4.0. This affects an unknown part of the file /admin/doctor-specilization.php. The manipulation of the argument doctorspecilization leads to sql injection. It is possible to initiate ... Read more
Affected Products : hospital_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
7.0
HIGHCVE-2025-50167
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized attacker to elevate privileges locally.... Read more
Affected Products : windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_21h2 windows_10_22h2 windows_server_2022 windows_11_22h2 windows_10_1507 +6 more products- Published: Aug. 12, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8955
A vulnerability has been found in PHPGurukul Hospital Management System 4.0. This vulnerability affects unknown code of the file /admin/edit-doctor.php. The manipulation of the argument docfees leads to sql injection. The attack can be initiated remotely.... Read more
Affected Products : hospital_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8957
A vulnerability was determined in Campcodes Online Flight Booking Management System 1.0. Affected is an unknown function of the file /flights.php. The manipulation of the argument departure_airport_id leads to sql injection. It is possible to launch the a... Read more
Affected Products : online_flight_booking_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
9.1
CRITICALCVE-2025-53792
Azure Portal Elevation of Privilege Vulnerability... Read more
Affected Products : azure_portal- Published: Aug. 07, 2025
- Modified: Aug. 14, 2025
-
8.2
HIGH- Published: Aug. 07, 2025
- Modified: Aug. 14, 2025
-
7.5
HIGH- Published: Aug. 07, 2025
- Modified: Aug. 14, 2025
-
9.8
CRITICALCVE-2025-8960
A vulnerability has been found in Campcodes Online Flight Booking Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/save_airlines.php. The manipulation of the argument ID leads to sql injection. The attack may ... Read more
Affected Products : online_flight_booking_management_system- Published: Aug. 14, 2025
- Modified: Aug. 14, 2025
-
10.0
CRITICAL- Published: Aug. 07, 2025
- Modified: Aug. 14, 2025
-
6.5
MEDIUMCVE-2025-53771
Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.... Read more
- Published: Jul. 20, 2025
- Modified: Aug. 14, 2025
-
9.9
CRITICALCVE-2025-53762
Permissive list of allowed inputs in Microsoft Purview allows an authorized attacker to elevate privileges over a network.... Read more
- Published: Jul. 18, 2025
- Modified: Aug. 14, 2025