Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-10297 — itsourcecode Fees Management System manage_course.php sql injection

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It …

fees_management_system | Remote | Injection
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.5 MEDIUM
CVE-2026-10296 — itsourcecode Fees Management System ajax.php sql injection

A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Usernam…

fees_management_system | Remote | Injection
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
3.3 LOW
CVE-2026-10295 — SourceCodester Customer Review App review_app.py get_all_reviews denial of service

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a mani…

customer_review_app | Denial of Service
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.7 MEDIUM
CVE-2025-59614 — Out-of-bounds Write in Windows Compute

Memory Corruption when sending random number generator command with insufficient output buffer size.

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.7 MEDIUM
CVE-2025-59613 — Stack-based Buffer Overflow in Windows Compute

Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.7 MEDIUM
CVE-2025-59612 — Stack-based Buffer Overflow in Windows Compute

Memory corruption in windows drivers while sending incorrect trusted application request

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.7 MEDIUM
CVE-2025-59611 — Out-of-bounds Write in Core Services

Memory corruption in diagnostic services due to absence of input validation

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.4 MEDIUM
CVE-2025-59610 — Time-of-check Time-of-use (TOCTOU) Race Condition in Camera Driver

Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
5.5 MEDIUM
CVE-2025-59609 — Buffer Over-read in WLAN Host Communication

Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.

Remote | Information Disclosure
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2025-59606 — NULL Pointer Dereference in HLOS

Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2025-59605 — Out-of-bounds Write in HLOS

Memory Corruption when processing device identifier strings that exceed the expected maximum length.

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2025-59604 — NULL Pointer Dereference in SPS Applications

Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.

| Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
6.5 MEDIUM
CVE-2025-59601 — Exposure of Sensitive Information Through Metadata in Powerline Communication Firmware

Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.

| Information Disclosure
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
8.6 HIGH
CVE-2019-25718 — Dräger Infinity Explorer C700 Privilege Escalation via Kiosk Mode Bypass

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog inter…

| Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
8.2 HIGH
CVE-2026-49491 — Pixa Bank 2.0 SQL Injection via agence-ajax.php API

Pixa Bank 2.0 contains an SQL injection vulnerability that allows unauthenticated attackers to extract sensitive data by injecting SQL code into the 'rib' parameter. Attackers can send POST requests …

Remote | Injection
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
10.0 CRITICAL
CVE-2026-40965 — Cloud Foundry UAA EC Private Key Exposure

Cloud Foundry UAA versions v76.12.0 through v78.12.0 are vulnerable to a private key exposure. The server contains a vulnerability where EC (Elliptic Curve) private keys are inadvertently exposed thr…

Remote | Cryptography
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.5 HIGH
CVE-2026-40964 — Cloud Foundry cf-auth-proxy Authentication Bypass

Authentication Bypass in cf-auth-proxy in Cloud Foundry Foundation all installations allows an unauthenticated remote attacker to gain read access to every log and metric for every application and pl…

Remote | Authentication
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
3.3 LOW
CVE-2026-28586 — Android AppOpsService Information Disclosure

In multiple functions of AppOpsService.java, there is a possible missing permission check due to a permissions bypass. This could lead to local information disclosure with no additional execution pri…

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
4.0 MEDIUM
CVE-2026-28581 — Android Telephony Denial of Service

In fixInitiatingUserIfNecessary of CallIntentProcessor.java, there is a possible way to make an emergency call due to a logic error in the code. This could lead to local with null execution privileg…

android | Authorization
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
7.8 HIGH
CVE-2026-28580 — Apple macOS Privilege Escalation

In multiple functions, there is a possible desync in persistence due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. Use…

android | Memory Corruption
Jun 01, 2026 Jun 01, 2026
Jun 01, 2026
Jun 01, 2026
Showing 20 of 7025 Results