Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It …
A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Usernam…
A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a mani…
Memory Corruption when sending random number generator command with insufficient output buffer size.
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
Memory corruption in windows drivers while sending incorrect trusted application request
Memory corruption in diagnostic services due to absence of input validation
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog inter…
Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by injecting SQL code into the 'rib' parameter. Attackers can send POST requests …
Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC (Elliptic Curve) private keys are inadvertently exposed thr…
Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and pl…
In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution pri…
In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic error in the code. This could lead to local with null execution privileg…
In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use…