Latest CVE Feed
-
9.8
CRITICALCVE-2025-10842
A vulnerability was detected in code-projects Online Bidding System 1.0. Affected is an unknown function of the file /administrator/wew.php. Performing manipulation of the argument ID results in sql injection. The attack may be initiated remotely. The exp... Read more
Affected Products : online_bidding_system- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-10843
A flaw has been found in Reservation Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file /reservation/paypalpayout.php. Executing manipulation of the argument confirm can lead to sql injection. The a... Read more
Affected Products : online_hotel_reservation_system- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-10844
A vulnerability has been found in Portabilis i-Educar up to 2.10. Affected by this issue is some unknown functionality of the file /module/Cadastro/aluno. The manipulation of the argument is leads to sql injection. Remote exploitation of the attack is pos... Read more
Affected Products : i-educar- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-10845
A vulnerability was found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/ComponenteCurricular/view. The manipulation of the argument ID results in sql injection. The attack can be executed remotely. The exploit has bee... Read more
Affected Products : i-educar- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-10846
A vulnerability was determined in Portabilis i-Educar up to 2.10. This vulnerability affects unknown code of the file /module/ComponenteCurricular/edit. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out re... Read more
Affected Products : i-educar- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
8.8
HIGHCVE-2025-10848
A vulnerability was identified in Campcodes Society Membership Information System 1.0. This issue affects some unknown processing of the file /check_student.php. Such manipulation of the argument student_id leads to sql injection. The attack may be perfor... Read more
Affected Products : society_membership_information_system- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-10851
A security flaw has been discovered in Campcodes Gym Management System 1.0. Impacted is an unknown function of the file /ajax.php?action=login. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attac... Read more
Affected Products : gym_management_system- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
9.8
CRITICALCVE-2025-10857
A security flaw has been discovered in Campcodes Point of Sale System POS 1.0. Affected by this issue is some unknown functionality of the file /login.php. Performing manipulation of the argument Username results in sql injection. The attack is possible t... Read more
Affected Products : point_of_sale_system- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2025-29083
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Plugin_Manager.php file.... Read more
Affected Products : csz_cms- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2025-29084
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the execSqlFile function in the Upgrade.php file.... Read more
Affected Products : csz_cms- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
6.5
MEDIUMCVE-2025-57639
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection vulnerability via the usb.samba.guest.user parameter in the formSetSambaConf function of the httpd file.... Read more
- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Injection
-
7.5
HIGHCVE-2025-57638
Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value.... Read more
- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2025-57637
Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub_451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code.... Read more
- Published: Sep. 23, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21476
Memory corruption when passing parameters to the Trusted Virtual Machine during the handshake.... Read more
Affected Products : qca6391_firmware wcn6855_firmware wcn6856_firmware wcn7850_firmware wcn7851_firmware wcn6750_firmware qca6698aq_firmware qcm6490_firmware qcn9011_firmware qcn9012_firmware +74 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21481
Memory corruption while performing private key encryption in trusted application.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +488 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
6.1
MEDIUMCVE-2025-27030
information disclosure while invoking calibration data from user space to update firmware size.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware sa8195p_firmware +72 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Information Disclosure
-
6.1
MEDIUMCVE-2025-27033
Information disclosure while running video usecase having rogue firmware.... Read more
Affected Products : wcn6856_firmware wcn7850_firmware wcn7851_firmware wcn6750_firmware qca6698aq_firmware qcm6490_firmware qcn9274_firmware qcs6490_firmware qcs8550_firmware qcm8550_firmware +54 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Information Disclosure
-
6.1
MEDIUMCVE-2025-27036
Information disclosure when Video engine escape input data is less than expected minimum size.... Read more
- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Information Disclosure
-
7.8
HIGHCVE-2025-27037
Memory corruption while processing config_dev IOCTL when camera kernel driver drops its reference to CPU buffers.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +64 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-27077
Memory corruption while processing message in guest VM.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa8295p_firmware qca6595_firmware qca6698aq_firmware sa8540p_firmware sa9000p_firmware qam8255p_firmware +44 more products- Published: Sep. 24, 2025
- Modified: Sep. 25, 2025
- Vuln Type: Memory Corruption