Vulnerabilities

  

CVE-2025-11582 | code-projects Online Job Search Engine 1.0 /registration.php txtusername sql injection

A vulnerability identified as critical has been detected in code-projects Online Job Search Engine 1.0. This issue affects some unknown

  

CVE-2025-11583 | code-projects Online Job Search Engine 1.0 /postjob.php txtjobID sql injection

A vulnerability labeled as critical has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function

  

CVE-2025-11584 | code-projects Online Job Search Engine 1.0 /searchjob.php txtspecialization sql injection

A vulnerability marked as critical has been reported in code-projects Online Job Search Engine 1.0. The affected element is an

  

CVE-2025-11585 | code-projects Project Monitoring System 1.0 /useredit.php uid sql injection

A vulnerability described as critical has been identified in code-projects Project Monitoring System 1.0. The impacted element is an unknown

  

CVE-2025-11586 | Tenda AC7 15.03.06.44 /goform/setNotUpgrade newVersion stack-based overflow

A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. This affects an unknown function of the file

  

CVE-2025-11588 | CodeAstro Gym Management System 1.0 /customer/index.php fullname sql injection

A vulnerability classified as critical was found in CodeAstro Gym Management System 1.0. This impacts an unknown function of the

  

CVE-2025-11589 | CodeAstro Gym Management System 1.0 /admin/user-payment.php plan sql injection

A vulnerability, which was classified as critical, has been found in CodeAstro Gym Management System 1.0. Affected is an unknown

  

CVE-2025-11590 | CodeAstro Gym Management System 1.0 equipment-entry.php ename sql injection

A vulnerability, which was classified as critical, was found in CodeAstro Gym Management System 1.0. Affected by this vulnerability is

  

CVE-2025-11591 | CodeAstro Gym Management System 1.0 delete-member.php ID sql injection

A vulnerability has been found in CodeAstro Gym Management System 1.0 and classified as critical. Affected by this issue is

  

CVE-2025-11592 | CodeAstro Gym Management System 1.0 edit-equipmentform.php ID sql injection

A vulnerability was found in CodeAstro Gym Management System 1.0 and classified as critical. This affects an unknown part of

  

CVE-2025-11593 | CodeAstro Gym Management System 1.0 delete-equipment.php ID sql injection

A vulnerability was found in CodeAstro Gym Management System 1.0. It has been classified as critical. This vulnerability affects unknown

  

CVE-2025-61856 | Fuji Electric V-SFT up to 6.2.7.0 SFT File Parser WriteV7DataToRom stack-based overflow

A vulnerability labeled as critical has been found in Fuji Electric V-SFT up to 6.2.7.0. Affected is the function CV7BaseMap::WriteV7DataToRom

  

CVE-2025-40640 | Status Tracker Energy CRM 2025 Query create_invoice_submit.php customerName_0 cross site scripting

A vulnerability categorized as problematic has been discovered in Status Tracker Energy CRM 2025. This affects an unknown function of

  

CVE-2025-52655 | HCL MyXalytics 6.6 inclusion of functionality from untrusted control sphere (KB0124411)

A vulnerability identified as problematic has been detected in HCL MyXalytics 6.6. This impacts an unknown function. The manipulation leads

  

CVE-2025-11450 | ServiceNow AI Platform cross site scripting (KB2552817)

A vulnerability classified as problematic was found in ServiceNow AI Platform. This affects an unknown part. Such manipulation leads to

  

CVE-2025-62240 | Liferay Portal/DXP Calendar Events First Name/Middle Name/Last Name cross site scripting

A vulnerability, which was classified as problematic, has been found in Liferay Portal and DXP. This vulnerability affects unknown code

  

CVE-2025-59218 | Microsoft Entra access control

A vulnerability, which was classified as critical, was found in Microsoft Entra. This issue affects some unknown processing. Executing manipulation

  

CVE-2025-59246 | Microsoft Entra missing authentication

A vulnerability has been found in Microsoft Entra and classified as critical. Impacted is an unknown function. The manipulation leads

  

CVE-2025-59247 | Microsoft Azure PlayFab privileges management

A vulnerability was found in Microsoft Azure PlayFab and classified as critical. The affected element is an unknown function. The

  

CVE-2025-59252 | Microsoft 365 Word Copilot command injection

A vulnerability was found in Microsoft 365 Word Copilot. It has been classified as critical. The impacted element is an

  

CVE-2025-59271 | Microsoft Azure Cache for Redis Enterprise improper authorization

A vulnerability was found in Microsoft Azure Cache for Redis Enterprise and Azure Managed Redis. It has been declared as

  

CVE-2025-10124 | Booking Manager Plugin up to 2.1.14 on WordPress Shortcode authorization

A vulnerability was found in Booking Manager Plugin up to 2.1.14 on WordPress. It has been rated as problematic. This

  

CVE-2025-62292 | SonarSource SonarQube users resource transfer

A vulnerability categorized as problematic has been discovered in SonarSource SonarQube. Affected is an unknown function of the file /api/v2/users-management/users.

  

CVE-2025-59272 | Microsoft 365 Copilot Business Chat command injection

A vulnerability identified as critical has been detected in Microsoft 365 Copilot Business Chat. Affected by this vulnerability is an

  

CVE-2025-59286 | Microsoft 365 Copilots Business Chat command injection

A vulnerability labeled as critical has been found in Microsoft 365 Copilots Business Chat. Affected by this issue is some

  

CVE-2025-55321 | Microsoft Azure Monitor cross site scripting

A vulnerability marked as problematic has been reported in Microsoft Azure Monitor. This affects an unknown part. This manipulation causes

  

CVE-2025-21049 | Samsung Devices access control

A vulnerability described as critical has been identified in Samsung Devices. This vulnerability affects unknown code. Such manipulation leads to

  

CVE-2025-21058 | Samsung Routines prior 4.8.7.1/4.9.6.0 access control

A vulnerability classified as critical has been found in Samsung Routines. This issue affects some unknown processing. Performing manipulation results

  

CVE-2025-21060 | Samsung Smart Switch 3.7.64.10 cleartext storage

A vulnerability classified as problematic was found in Samsung Smart Switch 3.7.64.10. Impacted is an unknown function. Executing manipulation can

  

CVE-2025-21061 | Samsung Smart Switch 3.7.64.10 cleartext storage

A vulnerability, which was classified as problematic, has been found in Samsung Smart Switch 3.7.64.10. The affected element is an

  

CVE-2025-21062 | Samsung Smart Switch 3.7.64.10 risky encryption

A vulnerability, which was classified as problematic, was found in Samsung Smart Switch 3.7.64.10. The impacted element is an unknown

  

CVE-2025-21063 | Samsung Voice Recorder prior 21.5.73.12/21.5.81.40 access control

A vulnerability has been found in Samsung Voice Recorder and classified as critical. This affects an unknown function. This manipulation

  

CVE-2025-21055 | Samsung Devices libimagecodec.quram.so out-of-bounds write

A vulnerability was found in Samsung Devices and classified as critical. This impacts an unknown function of the file libimagecodec.quram.so.

  

CVE-2025-21064 | Samsung Smart Switch 3.7.64.10 improper authentication

A vulnerability was found in Samsung Smart Switch 3.7.64.10. It has been classified as critical. Affected is an unknown function.

  

CVE-2025-21065 | Samsung Retail Mode up to 5.59.10 input validation

A vulnerability was found in Samsung Retail Mode up to 5.59.10. It has been declared as critical. Affected by this

  

CVE-2025-21044 | Samsung Devices Fingerprint Trustlet out-of-bounds write

A vulnerability was found in Samsung Devices. It has been rated as critical. Affected by this issue is some unknown

  

CVE-2025-21045 | Samsung Galaxy Watch sensitive information

A vulnerability categorized as critical has been discovered in Samsung Galaxy Watch. This affects an unknown part. The manipulation results

  

CVE-2025-21047 | Samsung KnoxGuard Privileged API access control

A vulnerability identified as critical has been detected in Samsung KnoxGuard. This vulnerability affects unknown code of the component Privileged

  

CVE-2025-21048 | Samsung Knox Enterprise path traversal

A vulnerability labeled as critical has been found in Samsung Knox Enterprise. This issue affects some unknown processing. Such manipulation

  

CVE-2025-21051 | Samsung Devices JPEG decoding libpadm.so out-of-bounds write

A vulnerability marked as critical has been reported in Samsung Devices. Impacted is an unknown function of the file libpadm.so

  

CVE-2025-21052 | Samsung Devices JPEG Decoding libpadm.so out-of-bounds write

A vulnerability described as critical has been identified in Samsung Devices. The affected element is an unknown function of the

  

CVE-2025-21057 | Samsung Notes up to 4.4.29.23 implicit intent

A vulnerability classified as problematic has been found in Samsung Notes up to 4.4.29.23. The impacted element is an unknown

  

CVE-2025-21053 | Samsung Devices JPEG Decoding libpadm.so out-of-bounds write

A vulnerability classified as critical was found in Samsung Devices. This affects an unknown function of the file libpadm.so of

  

CVE-2025-21059 | Samsung Health up to 6.30.1.003 improper authorization

A vulnerability, which was classified as critical, has been found in Samsung Health up to 6.30.1.003. This impacts an unknown

  

CVE-2025-21054 | Samsung Devices JPEG Decoding libpadm.so out-of-bounds

A vulnerability, which was classified as critical, was found in Samsung Devices. Affected is an unknown function of the file

  

CVE-2025-21066 | Samsung Notes up to 4.4.29.23 SPI Decoder out-of-bounds

A vulnerability has been found in Samsung Notes up to 4.4.29.23 and classified as problematic. Affected by this vulnerability is

  

CVE-2025-21067 | Samsung Notes up to 4.4.29.23 Image out-of-bounds

A vulnerability was found in Samsung Notes up to 4.4.29.23 and classified as problematic. Affected by this issue is some

  

CVE-2025-21068 | Samsung Notes up to 4.4.29.23 Image out-of-bounds

A vulnerability was found in Samsung Notes up to 4.4.29.23. It has been classified as problematic. This affects an unknown

  

CVE-2025-21069 | Samsung Notes up to 4.4.29.23 Image out-of-bounds

A vulnerability was found in Samsung Notes up to 4.4.29.23. It has been declared as problematic. This vulnerability affects unknown

  

CVE-2025-21070 | Samsung Notes up to 4.4.29.23 SPI Decoder out-of-bounds write

A vulnerability was found in Samsung Notes up to 4.4.29.23. It has been rated as critical. This issue affects some

  

CVE-2025-21046 | Samsung Devices WindowManager access control

A vulnerability categorized as critical has been discovered in Samsung Devices. Impacted is an unknown function of the component WindowManager.

  

CVE-2025-7374 | WP JobHunt Plugin up to 7.6 on WordPress authorization

A vulnerability identified as critical has been detected in WP JobHunt Plugin up to 7.6 on WordPress. The affected element

  

CVE-2025-7781 | WP JobHunt Plugin up to 7.6 on WordPress cs_job_title cross site scripting

A vulnerability labeled as problematic has been found in WP JobHunt Plugin up to 7.6 on WordPress. The impacted element

  

CVE-2025-61725 | Google Go up to 1.25.1 net-mail ParseAddress resource consumption

A vulnerability marked as problematic has been reported in Google Go up to 1.25.1. This affects the function ParseAddress of

  

CVE-2025-47912 | Google Go up to 1.25.1 net-url Remote Code Execution

A vulnerability described as critical has been identified in Google Go up to 1.25.1. This impacts an unknown function of

  

CVE-2025-58185 | Google Go up to 1.25.1 encoding-asn1 memory allocation

A vulnerability classified as problematic has been found in Google Go up to 1.25.1. Affected is an unknown function of

  

CVE-2025-61723 | Google Go up to 1.25.1 encoding-pem resource consumption

A vulnerability classified as problematic was found in Google Go up to 1.25.1. Affected by this vulnerability is an unknown

  

CVE-2025-58188 | Google Go up to 1.25.1 crypto-x509 Equal denial of service

A vulnerability, which was classified as problematic, has been found in Google Go up to 1.25.1. Affected by this issue

  

CVE-2025-58183 | Google Go up to 1.25.1 archive-tar allocation of resources

A vulnerability, which was classified as problematic, was found in Google Go up to 1.25.1. This affects an unknown part

  

CVE-2025-58189 | Google Go up to 1.25.1 crypto-tls injection

A vulnerability has been found in Google Go up to 1.25.1 and classified as critical. This vulnerability affects unknown code

  

CVE-2025-61724 | Google Go up to 1.25.1 net-textproto Reader.ReadResponse resource consumption

A vulnerability was found in Google Go up to 1.25.1 and classified as problematic. This issue affects the function Reader.ReadResponse

  

CVE-2025-58186 | Google Go up to 1.25.1 net-http memory allocation

A vulnerability was found in Google Go up to 1.25.1. It has been classified as problematic. Impacted is an unknown

  

CVE-2025-58187 | Google Go up to 1.25.1 crypto-x509 resource consumption

A vulnerability was found in Google Go up to 1.25.1. It has been declared as problematic. The affected element is

  

CVE-2025-21050 | Samsung Devices Contacts information disclosure

A vulnerability was found in Samsung Devices. It has been rated as problematic. The impacted element is an unknown function

  

CVE-2025-61783 | python-social-auth social-app-django up to 5.5.x Authentication Service associate_by_email incorrect implementation of authentication algorithm (ID 220)

A vulnerability was found in python-social-auth social-app-django up to 5.5.x. It has been declared as problematic. Impacted is the function

  

CVE-2025-61926 | ossf allstar prior 0.0.0-20250721181116-e004ecb540d6 Reviewbot variable initialization (GHSA-33f4-mjch-7fpr)

A vulnerability was found in ossf allstar. It has been rated as critical. The affected element is an unknown function

  

CVE-2016-15047 | AVTECH IP Camera/NVR/and DVR Devices CloudSetup.cgi exefile os command injection (EDB-40500)

A vulnerability categorized as critical has been discovered in AVTECH IP Camera, NVR and DVR Devices. The impacted element

Ubuntu 18.04: Vim Important Denial of Service USN-7815-1 CVE-2025-24014

Vim could be made to crash if it received specially crafted input. (LinuxSecurity – Security Advisories)

Mageia: kernel-linus Critical Security Advisory MGASA-2025-0234

MGASA-2025-0234 – Updated kernel-linus packages fix security vulnerabilities. (LinuxSecurity – Security Advisories)

Slackware 15.0: python3 Critical Security Update SSA:2025-282-01

New python3 packages are available for Slackware 15.0 and -current to fix security issues. (LinuxSecurity – Security Advisories)

Ubuntu 25.04: WebKitGTK Important Remote Code Execution Threat USN-7817-1

Several security issues were fixed in WebKitGTK. (LinuxSecurity – Security Advisories)

Ubuntu 24.04: LibHTP Important DoS Issues CVE-2025-53537 USN-7814-1

Several security issues were fixed in LibHTP. (LinuxSecurity – Security Advisories)

openSUSE Tumbleweed: libexslt0 Moderate Threat CVE-2025-10911

An update that solves one vulnerability can now be installed. (LinuxSecurity – Security Advisories)

Fedora: python39-websockets Medium CVSS:5.9 Patch 2024:14567-2

An update that solves one vulnerability can now be installed. (LinuxSecurity – Security Advisories)

openSUSE Tumbleweed: pgadmin4 Moderate CVE-2025-9636 Advisory 2025:15612-1

An update that solves one vulnerability can now be installed. (LinuxSecurity – Security Advisories)

Ubuntu 25.04: DPDK Important Denial of Service CVE-2025-23259

DPDK could be made to crash if it received specially crafted network traffic. (LinuxSecurity – Security Advisories)

openSUSE: grafana Moderate CVE-2025-11065 Security Update 2025:15610-1

An update that solves one vulnerability can now be installed. (LinuxSecurity – Security Advisories)

Debian LTS 11: Redis Important RCE DoS Risks DLA-4325-1 CVE-2025-46817

Multiple vulnerabilities were discovered in Redis, a popular key/value database: * CVE-2025-46817: Fix an issue where an authenticated user could

  

CVE-2025-35050 | Newforma Project Center 2024.3 URL Rewrite /remoteweb/remote.rem deserialization

A vulnerability classified as very critical was found in Newforma Project Center 2024.3. The impacted element is an unknown function

  

CVE-2025-35051 | Newforma Project Center 2024.3 NPCS Endpoint /ProjectCenter.rem deserialization

A vulnerability, which was classified as very critical, has been found in Newforma Project Center 2024.3. This affects an unknown

  

CVE-2025-35052 | Newforma Project Center 2024.3 download.aspx qs hard-coded key

A vulnerability, which was classified as problematic, was found in Newforma Project Center 2024.3. This impacts an unknown function of

  

CVE-2025-35054 | Newforma Project Center 2024.3 sensitive information

A vulnerability has been found in Newforma Project Center 2024.3 and classified as problematic. Affected is an unknown function. This

  

CVE-2025-35056 | Newforma Project Center prior 2024.1 MarkupServices.ashx path traversal

A vulnerability was found in Newforma Project Center and classified as critical. Affected by this vulnerability is an unknown functionality

  

CVE-2025-35057 | Newforma Project Center up to 2024.2 NIX Service IntegrationServices.ashx authentication replay

A vulnerability was found in Newforma Project Center up to 2024.2. It has been classified as critical. Affected by this

  

CVE-2025-35058 | Newforma Project Center up to 2023.1 NIX Service MarkupServices.ashx authentication replay

A vulnerability was found in Newforma Project Center up to 2023.1. It has been declared as critical. This affects an

  

CVE-2025-35053 | Newforma Project Center 2024.3 MarkupServices.ashx DownloadExportedPDF path traversal

A vulnerability was found in Newforma Project Center 2024.3. It has been rated as critical. This vulnerability affects the function

  

CVE-2025-35055 | Newforma Project Center up to 2023.0 UploadBlueimp.ashx path traversal

A vulnerability categorized as critical has been discovered in Newforma Project Center up to 2023.0. This issue affects some unknown

  

CVE-2025-35059 | Newforma Project Center 2023.1/2023.2 hyperlinkredirect.aspx nhl

A vulnerability identified as problematic has been detected in Newforma Project Center 2023.1/2023.2. Impacted is an unknown function of the

  

CVE-2025-61601 | BigBlueButton up to 3.0.12 answerIds improper check or handling of exceptional conditions

A vulnerability labeled as problematic has been found in BigBlueButton up to 3.0.12. The affected element is an unknown function.

  

CVE-2025-61773 | pyLoad up to 0.5.0b3.dev90 Captcha Script Endpoint injection

A vulnerability marked as problematic has been reported in pyLoad. The impacted element is an unknown function of the component

  

CVE-2025-61779 | confidential-containers trustee up to 0.14.x authorization

A vulnerability described as problematic has been identified in confidential-containers trustee up to 0.14.x. This affects an unknown function. Executing

  

CVE-2025-61602 | BigBlueButton up to 3.0.12 GraphQL Mutation chatSendMessageReaction reactionEmojiId improper check or handling of exceptional conditions

A vulnerability classified as problematic has been found in BigBlueButton up to 3.0.12. This impacts the function chatSendMessageReaction of the

  

CVE-2025-35060 | Newforma Project Center 2023.1/2023.2 SVG File cross site scripting

A vulnerability classified as problematic was found in Newforma Project Center 2023.1/2023.2. Affected is an unknown function of the component

  

CVE-2025-35061 | Newforma Project Center up to 2023.1 NIX Service LegacyIntegrationServices.asmx authentication replay

A vulnerability, which was classified as critical, has been found in Newforma Project Center up to 2023.1. Affected by this

  

CVE-2025-60375 | Perfex CRM up to 3.3.0 Password improper authentication

A vulnerability, which was classified as critical, was found in Perfex CRM up to 3.3.0. Affected by this issue is

  

CVE-2025-34248 | D-Link Nuclias Connect prior 1.3.1.4 deleteBackup deleteBackupList path traversal

A vulnerability has been found in D-Link Nuclias Connect and classified as critical. This affects an unknown part of the

  

CVE-2025-35062 | Newforma Project Center prior 2023.1 default permission

A vulnerability was found in Newforma Project Center and classified as critical. This vulnerability affects unknown code. Executing manipulation can

  

CVE-2025-43296 | Apple macOS up to 18.7.1 App access control

A vulnerability was found in Apple macOS. It has been classified as critical. This issue affects some unknown processing of

  

DirectAdmin v1.680 DOM Injection via return-to Parameter

Topic: DirectAdmin v1.680 DOM Injection via return-to Parameter
Risk: Low
Text: # Exploit Title: DirectAdmin v1.680 DOM Injection via return-to

  

CVE-2025-4614 | Palo Alto Cloud NGFW/PAN-OS/Prisma Access Session Token exposure of sensitive system information to an unauthorized control sphere

A vulnerability was found in Palo Alto Cloud NGFW, PAN-OS and Prisma Access. It has been classified as problematic. This