Vulnerabilities

  

CVE-2025-36753 | Growatt ShineLan-X up to 3.6.0.2 SWD Debug Interface authentication spoofing

A vulnerability was found in Growatt ShineLan-X up to 3.6.0.2. It has been declared as critical. Affected by this issue

  

CVE-2025-36750 | Growatt ShineLan-X up to 3.6.0.2 Plant Management Page Plant Name cross site scripting

A vulnerability was found in Growatt ShineLan-X up to 3.6.0.2. It has been rated as problematic. This affects an unknown

  

CVE-2025-36748 | Growatt ShineLan-X up to 3.6.0.2 Communication cross site scripting

A vulnerability categorized as problematic has been discovered in Growatt ShineLan-X up to 3.6.0.2. This vulnerability affects unknown code of

  

CVE-2025-14641 | code-projects Computer Laboratory System 1.0 admin/admin_pic.php image unrestricted upload

A vulnerability identified as critical has been detected in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing

  

CVE-2025-14642 | code-projects Computer Laboratory System 1.0 technical_staff_pic.php image unrestricted upload

A vulnerability labeled as critical has been found in code-projects Computer Laboratory System 1.0. Impacted is an unknown function of

  

CVE-2025-14643 | code-projects Simple Attendance Record System 2.0 /check.php student sql injection

A vulnerability marked as critical has been reported in code-projects Simple Attendance Record System 2.0. The affected element is an

  

CVE-2025-14644 | itsourcecode Student Management System 1.0 /update_subject.php ID sql injection

A vulnerability described as critical has been identified in itsourcecode Student Management System 1.0. The impacted element is an unknown

  

CVE-2025-14645 | code-projects Student File Management System 1.0 /admin/delete_user.php user_id sql injection

A vulnerability classified as critical has been found in code-projects Student File Management System 1.0. This affects an unknown function

  

CVE-2025-14646 | code-projects Student File Management System 1.0 delete_student.php stud_id sql injection

A vulnerability classified as critical was found in code-projects Student File Management System 1.0. This impacts an unknown function of

  

CVE-2025-14647 | code-projects Computer Book Store 1.0 /admin_delete.php bookisbn sql injection

A vulnerability, which was classified as critical, has been found in code-projects Computer Book Store 1.0. Affected is an unknown

  

CVE-2025-14648 | DedeBIZ up to 6.5.9 catalog_add.php command injection

A vulnerability, which was classified as critical, was found in DedeBIZ up to 6.5.9. Affected by this vulnerability is an

  

CVE-2025-14649 | itsourcecode Online Cake Ordering System 1.0 /cakeshop/supplier.php supplier sql injection

A vulnerability has been found in itsourcecode Online Cake Ordering System 1.0 and classified as critical. Affected by this issue

  

CVE-2025-14650 | itsourcecode Online Cake Ordering System 1.0 /cakeshop/product.php Product sql injection

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0 and classified as critical. This affects an unknown part

  

CVE-2025-14651 | MartialBE one-hub up to 0.14.27 docker-compose.yml SESSION_SECRET hard-coded key (Issue 872)

A vulnerability was found in MartialBE one-hub up to 0.14.27. It has been classified as critical. This vulnerability affects unknown

  

CVE-2025-14652 | itsourcecode Online Cake Ordering System 1.0 admindetail.php?action=edit ID sql injection

A vulnerability was found in itsourcecode Online Cake Ordering System 1.0. It has been declared as critical. This issue affects

Fedora 43: apptainer 2025-cf169a01e8
  


Apply fuse2fs patches that were accidentally empty. Update to upstream 1.4.5, including a fix for CVE-2025-65105. (LinuxSecurity – Security Advisories)

Fedora 42: apptainer 2025-ff963b3775
  


Apply fuse2fs patches that were accidentally empty. Update to upstream 1.4.5, including a fix for CVE-2025-65105. (LinuxSecurity – Security Advisories)

Fedora 41: apptainer 2025-df330356b2
  


Apply fuse2fs patches that were accidentally empty. Update to upstream 1.4.5, including a fix for CVE-2025-65105. (LinuxSecurity – Security Advisories)

  

CVE-2025-14640 | code-projects Student File Management System 1.0 /admin/save_student.php stud_no sql injection

A vulnerability classified as critical was found in code-projects Student File Management System 1.0. The affected element is an unknown

  

CVE-2025-67749 | pcsx2 up to 2.5.377 SCMD mg_buffer out-of-bounds (GHSA-69wg-97fx-8j5w)

A vulnerability was found in pcsx2 up to 2.5.377. It has been rated as critical. Affected is an unknown function

  

CVE-2025-67721 | airlift aircompressor up to 3.3 insertion of sensitive information into sent data (GHSA-vx9q-rhv9-3jvg)

A vulnerability categorized as problematic has been discovered in airlift aircompressor up to 3.3. Affected by this vulnerability is an

  

CVE-2025-13970 | OpenPLC v3 Setting cross-site request forgery

A vulnerability identified as problematic has been detected in OpenPLC v3. Affected by this issue is some unknown functionality of

  

CVE-2025-14636 | Tenda AX9 22.03.01.46 httpd image_check weak hash

A vulnerability labeled as problematic has been found in Tenda AX9 22.03.01.46. This affects the function image_check of the component

  

CVE-2025-14637 | itsourcecode Online Pet Shop Management System 1.0 /pet1/addcnp.php cnpname sql injection

A vulnerability marked as critical has been reported in itsourcecode Online Pet Shop Management System 1.0. This vulnerability affects unknown

  

CVE-2025-14638 | itsourcecode Online Pet Shop Management System 1.0 /pet1/update_cnp.php ID sql injection

A vulnerability described as critical has been identified in itsourcecode Online Pet Shop Management System 1.0. This issue affects some

  

CVE-2025-14639 | itsourcecode Student Management System 1.0 /uprec.php ID sql injection

A vulnerability classified as critical has been found in itsourcecode Student Management System 1.0. Impacted is an unknown function of

  

CVE-2025-43320 | Apple macOS up to 15.7.2 App Local Privilege Escalation

A vulnerability classified as problematic was found in Apple macOS up to 15.7.2. Impacted is an unknown function of the

  

CVE-2025-14611 | Gladinet CentreStack/TrioFox prior 16.12.10420.56791 Request file inclusion

A vulnerability, which was classified as problematic, has been found in Gladinet CentreStack and TrioFox. The affected element is an

  

CVE-2025-43351 | Apple macOS up to 26.0 App permission

A vulnerability, which was classified as critical, was found in Apple macOS up to 26.0. The impacted element is an

  

CVE-2025-43381 | Apple macOS up to 26.0 App symlink

A vulnerability has been found in Apple macOS up to 26.0 and classified as critical. This affects an unknown function

  

CVE-2025-43388 | Apple macOS up to 26.0 App information disclosure

A vulnerability was found in Apple macOS up to 26.0 and classified as problematic. This impacts an unknown function of

  

CVE-2025-43410 | Apple macOS up to 14.8.1/15.7.1 Note denial of service

A vulnerability was found in Apple macOS up to 14.8.1/15.7.1. It has been classified as problematic. Affected is an unknown

  

CVE-2025-43393 | Apple macOS up to 26.0 App sandbox

A vulnerability was found in Apple macOS up to 26.0. It has been declared as critical. Affected by this vulnerability

  

CVE-2025-43402 | Apple macOS up to 26.0 memory corruption

A vulnerability was found in Apple macOS up to 26.0. It has been rated as critical. Affected by this issue

  

CVE-2025-43404 | Apple macOS up to 26.0 sandbox

A vulnerability categorized as critical has been discovered in Apple macOS up to 26.0. This affects an unknown part. Executing

  

CVE-2025-43406 | Apple macOS up to 26.0 App information disclosure

A vulnerability identified as problematic has been detected in Apple macOS up to 26.0. This vulnerability affects unknown code of

  

CVE-2025-43520 | Apple macOS/tvOS/visionOS/watchOS/iOS and iPadOS up to 26.0 memory corruption

A vulnerability labeled as critical has been found in Apple macOS, tvOS, visionOS, watchOS and iOS and iPadOS up to

  

CVE-2025-43542 | Apple macOS up to 15.7.2 Password missing initialization

A vulnerability marked as problematic has been reported in Apple macOS up to 15.7.2. Impacted is an unknown function. This

  

CVE-2025-11266 | Grassroots DICOM Library prior 3.2.2 DICOM File Parser out-of-bounds write

A vulnerability described as critical has been identified in Grassroots DICOM Library. The affected element is an unknown function of

  

CVE-2025-43470 | Apple macOS up to 26.0 Disk Image permission

A vulnerability classified as critical has been found in Apple macOS up to 26.0. The impacted element is an unknown

  

CVE-2025-43494 | Apple macOS/visionOS/watchOS/iOS and iPadOS up to 26.0 denial of service

A vulnerability classified as problematic was found in Apple macOS, visionOS, watchOS and iOS and iPadOS up to 26.0. This

  

CVE-2025-43506 | Apple macOS up to 26.0 iCloud Private Relay information disclosure

A vulnerability, which was classified as problematic, has been found in Apple macOS up to 26.0. This impacts an unknown

  

CVE-2025-43510 | Apple macOS/tvOS/visionOS/watchOS/iOS and iPadOS up to 26.0 memory corruption

A vulnerability, which was classified as critical, was found in Apple macOS, tvOS, visionOS, watchOS and iOS and iPadOS up

  

CVE-2025-43511 | Apple iOS/iPadOS up to 18.7.1 Web use after free

A vulnerability has been found in Apple iOS and iPadOS up to 18.7.1 and classified as critical. Affected by this

  

CVE-2025-43516 | Apple macOS up to 14.8.2/15.7.2 user session

A vulnerability was found in Apple macOS up to 14.8.2/15.7.2 and classified as problematic. Affected by this issue is some

  

CVE-2025-46287 | Apple macOS up to 14.8.2/15.7.2 FaceTime Call state issue

A vulnerability was found in Apple macOS up to 14.8.2/15.7.2. It has been classified as problematic. This affects an unknown

  

CVE-2025-46276 | Apple macOS up to 14.8.3/15.7.3 App information disclosure

A vulnerability was found in Apple macOS up to 14.8.3/15.7.3. It has been declared as problematic. This vulnerability affects unknown

  

CVE-2025-43463 | Apple macOS up to 26.0 App information disclosure

A vulnerability was found in Apple macOS up to 26.0. It has been rated as problematic. This issue affects some

  

CVE-2025-43465 | Apple macOS up to 26.0 App information disclosure

A vulnerability categorized as problematic has been discovered in Apple macOS up to 26.0. Impacted is an unknown function of

  

CVE-2025-43513 | Apple macOS up to 14.8.2/15.7.2 App permission

A vulnerability identified as critical has been detected in Apple macOS up to 14.8.2/15.7.2. The affected element is an unknown

  

CVE-2025-43517 | Apple macOS up to 14.8.2/15.7.2 log file

A vulnerability labeled as problematic has been found in Apple macOS up to 14.8.2/15.7.2. The impacted element is an unknown

  

CVE-2025-43518 | Apple macOS up to 14.8.2/15.7.2 Spellcheck API Local Privilege Escalation

A vulnerability marked as problematic has been reported in Apple macOS up to 14.8.2/15.7.2. This affects an unknown function of

  

CVE-2025-43521 | Apple macOS up to 15.7.2 App information disclosure

A vulnerability described as problematic has been identified in Apple macOS up to 15.7.2. This impacts an unknown function of

  

CVE-2025-43522 | Apple macOS up to 15.7.2 information disclosure

A vulnerability classified as problematic has been found in Apple macOS up to 15.7.2. Affected is an unknown function. The

  

CVE-2025-43532 | Apple macOS up to 14.8.2/15.7.2 App memory corruption

A vulnerability classified as critical was found in Apple macOS up to 14.8.2/15.7.2. Affected by this vulnerability is an unknown

  

CVE-2025-43539 | Apple macOS up to 14.8.2/15.7.2 memory corruption

A vulnerability, which was classified as critical, has been found in Apple macOS up to 14.8.2/15.7.2. Affected by this issue

  

CVE-2025-43437 | Apple iOS/iPadOS up to 26.0 App information disclosure

A vulnerability, which was classified as problematic, was found in Apple iOS and iPadOS up to 26.0. This affects an

  

CVE-2025-43467 | Apple macOS up to 26.0 App Local Privilege Escalation

A vulnerability has been found in Apple macOS up to 26.0 and classified as critical. This vulnerability affects unknown code

  

CVE-2025-43527 | Apple macOS up to 15.7.2 App permission

A vulnerability was found in Apple macOS up to 15.7.2 and classified as critical. This issue affects some unknown processing

  

CVE-2025-43464 | Apple macOS up to 26.0 App denial of service

A vulnerability was found in Apple macOS up to 26.0. It has been classified as problematic. Impacted is an unknown

  

CVE-2025-43416 | Apple macOS up to 14.7.2/15.7.2 App access control

A vulnerability was found in Apple macOS up to 14.7.2/15.7.2. It has been declared as critical. The affected element is

  

CVE-2025-43471 | Apple macOS up to 26.0 App information disclosure

A vulnerability was found in Apple macOS up to 26.0. It has been rated as problematic. The impacted element is

  

CVE-2025-43473 | Apple macOS up to 26.0 App information disclosure

A vulnerability categorized as problematic has been discovered in Apple macOS up to 26.0. This affects an unknown function of

  

CVE-2025-43461 | Apple macOS up to 26.0 App symlink

A vulnerability identified as critical has been detected in Apple macOS up to 26.0. This impacts an unknown function of

  

CVE-2025-46285 | Apple macOS up to 14.8.2/15.7.2 App integer overflow

A vulnerability labeled as critical has been found in Apple macOS up to 14.8.2/15.7.2. Affected is an unknown function of

  

CVE-2025-43466 | Apple macOS up to 26.0 App information disclosure

A vulnerability marked as problematic has been reported in Apple macOS up to 26.0. Affected by this vulnerability is an

  

CVE-2025-43482 | Apple macOS up to 14.8.2/15.7.2 App denial of service

A vulnerability described as problematic has been identified in Apple macOS up to 14.8.2/15.7.2. Affected by this issue is some

  

CVE-2025-43497 | Apple macOS up to 26.0 App sandbox

A vulnerability classified as critical has been found in Apple macOS up to 26.0. This affects an unknown part of

  

CVE-2025-43509 | Apple macOS up to 14.8.2/15.7.2 App information disclosure

A vulnerability classified as problematic was found in Apple macOS up to 14.8.2/15.7.2. This vulnerability affects unknown code of the

  

CVE-2025-43512 | Apple macOS up to 14.7.2/15.7.2 App Local Privilege Escalation

A vulnerability, which was classified as problematic, has been found in Apple macOS up to 14.7.2/15.7.2. This issue affects some

  

CVE-2025-43519 | Apple macOS up to 14.7.2/15.7.2 App permission

A vulnerability, which was classified as critical, was found in Apple macOS up to 14.7.2/15.7.2. Impacted is an unknown function

  

CVE-2025-43523 | Apple macOS up to 15.7.2 App permission

A vulnerability has been found in Apple macOS up to 15.7.2 and classified as critical. The affected element is an

  

CVE-2025-43530 | Apple macOS up to 14.8.2/15.7.2 App information disclosure

A vulnerability was found in Apple macOS up to 14.8.2/15.7.2 and classified as problematic. The impacted element is an unknown

  

CVE-2025-43538 | Apple macOS up to 14.8.2 App information disclosure

A vulnerability was found in Apple macOS up to 14.8.2. It has been classified as problematic. This affects an unknown

  

CVE-2025-46289 | Apple macOS up to 14.8.2/15.7.2 App access control

A vulnerability was found in Apple macOS up to 14.8.2/15.7.2. It has been declared as critical. This impacts an unknown

  

CVE-2024-58316 | PuneethReddyHC Online Shopping System Advanced 1.0 payment_success.php cm sql injection (Exploit 51811)

A vulnerability was found in PuneethReddyHC Online Shopping System Advanced 1.0. It has been classified as critical. This issue affects

  

CVE-2024-14010 | Typora 1.7.4 PDF Export run command os command injection (Exploit 51752 / EDB-51752)

A vulnerability was found in Typora 1.7.4. It has been declared as critical. Impacted is an unknown function of the

  

CVE-2024-58314 | ATCOM 100M IP Phones 2.7 Web Configuration web_cgi_main.cgi cmd os command injection (Exploit 51742 / EDB-51742)

A vulnerability was found in ATCOM 100M IP Phones 2.7. It has been rated as critical. The affected element is

  

CVE-2024-58299 | PCMan FTP Server 2.0 CMD Command stack-based overflow (Exploit 51767 / EDB-51767)

A vulnerability categorized as critical has been discovered in PCMan FTP Server 2.0. The impacted element is an unknown function

  

CVE-2024-58311 | Dormakaba Saflok System 6000 improper finite state machines in hardware logic (Exploit 51832 / EDB-51832)

A vulnerability identified as critical has been detected in Dormakaba Saflok System 6000. This affects an unknown function. This manipulation

  

CVE-2025-67750 | Flow-Scanner lightning-flow-scanner up to 6.10.5 Function code injection

A vulnerability labeled as critical has been found in Flow-Scanner lightning-flow-scanner up to 6.10.5. This impacts the function Function. Such

  

CVE-2025-67734 | Frappe LMS up to 2.41.x Job Form Website cross site scripting (GHSA-c495-qg4v-5vr7)

A vulnerability marked as problematic has been reported in Frappe LMS up to 2.41.x. Affected is an unknown function of

  

CVE-2024-58305 | WonderCMS 4.3.2 Module Installation Endpoint cross site scripting (Exploit 51805 / EDB-51805)

A vulnerability described as problematic has been identified in WonderCMS 4.3.2. Affected by this vulnerability is an unknown functionality of

  

CVE-2025-9207 | templateinvaders TI WooCommerce Wishlist Plugin up to 2.10.0 on WordPress cross site scripting

A vulnerability classified as problematic has been found in templateinvaders TI WooCommerce Wishlist Plugin up to 2.10.0 on WordPress. Affected

  

CVE-2025-8195 | JetWidgets for Elementor Plugin up to 1.0.20 on WordPress Subscribe Widget cross site scripting

A vulnerability classified as problematic was found in JetWidgets for Elementor Plugin up to 1.0.20 on WordPress. This affects an

  

CVE-2025-8780 | Livemesh SiteOrigin Widgets Plugin up to 3.9.1 on WordPress Pricing Table Widget cross site scripting

A vulnerability, which was classified as problematic, has been found in Livemesh SiteOrigin Widgets Plugin up to 3.9.1 on WordPress.

  

CVE-2025-9856 | Popup Builder Plugin up to 4.4.1 on WordPress Shortcode sg_popup cross site scripting

A vulnerability, which was classified as problematic, was found in Popup Builder Plugin up to 4.4.1 on WordPress. This issue

  

CVE-2025-8687 | Enter Addons Plugin up to 2.2.7 on WordPress Image Comparison Widget cross site scripting

A vulnerability has been found in Enter Addons Plugin up to 2.2.7 on WordPress and classified as problematic. Impacted is

  

CVE-2025-7960 | KingAddons King Addons for Elementor Plugin up to 51.1.39 on WordPress Widget cross site scripting

A vulnerability was found in KingAddons King Addons for Elementor Plugin up to 51.1.39 on WordPress and classified as problematic.

  

CVE-2025-0969 | Brizy Plugin up to 2.7.16 on WordPress get_users information disclosure

A vulnerability was found in Brizy Plugin up to 2.7.16 on WordPress. It has been classified as problematic. The impacted

  

CVE-2025-8199 | MarqueeAddons Plugin up to 2.4.3 on WordPress Testimonial Marquee Widget cross site scripting

A vulnerability was found in MarqueeAddons Plugin up to 2.4.3 on WordPress. It has been declared as problematic. This affects

  

CVE-2025-67634 | CISA Software Acquisition Guide Tool prior 2025-12-11 JSON File Parser cross site scripting

A vulnerability was found in CISA Software Acquisition Guide Tool. It has been rated as problematic. This impacts an unknown

  

CVE-2025-14617 | Jehovahs Witnesses JW Library App up to 15.5.1 on Android org.jw.jwlibrary.mobile.activity.SiloContainer path traversal

A vulnerability categorized as problematic has been discovered in Jehovahs Witnesses JW Library App up to 15.5.1 on Android. Affected

  

CVE-2025-14619 | code-projects Student File Management System 1.0 login_query.php stud_no sql injection

A vulnerability identified as critical has been detected in code-projects Student File Management System 1.0. Affected by this vulnerability is

  

CVE-2025-14620 | code-projects Student File Management System 1.0 /admin/login_query.php Username sql injection

A vulnerability labeled as critical has been found in code-projects Student File Management System 1.0. Affected by this issue is

  

CVE-2025-14621 | code-projects Student File Management System 1.0 /admin/update_user.php user_id sql injection

A vulnerability marked as critical has been reported in code-projects Student File Management System 1.0. This affects an unknown part

  

CVE-2025-14622 | code-projects Student File Management System 1.0 /admin/save_user.php firstname sql injection

A vulnerability described as critical has been identified in code-projects Student File Management System 1.0. This vulnerability affects unknown code

  

CVE-2025-14623 | code-projects Student File Management System 1.0 update_student.php stud_id sql injection

A vulnerability classified as critical has been found in code-projects Student File Management System 1.0. This issue affects some unknown

  

CVE-2025-11693 | Export WP Page to Static HTML & PDF Plugin up to 4.3.4 on WordPress Log File log file

A vulnerability has been found in Export WP Page to Static HTML & PDF Plugin up to 4.3.4 on WordPress

  

CVE-2025-14288 | Gallery Blocks with Lightbox Plugin up to 3.3.0 on WordPress AJAX edit_posts authorization

A vulnerability was found in Gallery Blocks with Lightbox Plugin up to 3.3.0 on WordPress and classified as problematic. This