Total
294313 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2734 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-05-15 | 7.3 High |
| A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the file /admin/aboutus.php. The manipulation of the argument pagetitle leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-30421 | 2025-05-15 | 7.8 High | ||
| There is a memory corruption vulnerability due to a stack-based buffer overflow in DrObjectStorage::XML_Serialize() when using the SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.0 and prior versions. | ||||
| CVE-2025-20012 | 2025-05-15 | 4.9 Medium | ||
| Incorrect behavior order for some Intel(R) Core™ Ultra Processors may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||||
| CVE-2025-20015 | 2025-05-15 | 6.7 Medium | ||
| Uncontrolled search path element for some Intel(R) Ethernet Connection software before version 29.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20018 | 2025-05-15 | 8.4 High | ||
| Untrusted pointer dereference for some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-20022 | 2025-05-15 | 5.7 Medium | ||
| Insufficient control flow management for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow a privileged user to potentially enable information disclosure via adjacent access. | ||||
| CVE-2025-2735 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-05-15 | 7.3 High |
| A vulnerability has been found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/add-services.php. The manipulation of the argument sertitle leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4698 | 2025-05-15 | 7.3 High | ||
| A vulnerability classified as critical has been found in PHPGurukul Directory Management System 2.0. This affects an unknown part of the file /admin/forget-password.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4699 | 2025-05-15 | 7.3 High | ||
| A vulnerability classified as critical was found in PHPGurukul Apartment Visitors Management System 1.0. This vulnerability affects unknown code of the file /admin/visitors-form.php. The manipulation of the argument Category leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2736 | 1 Phpgurukul | 1 Old Age Home Management System | 2025-05-15 | 7.3 High |
| A vulnerability was found in PHPGurukul Old Age Home Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/bwdates-report-details.php. The manipulation of the argument fromdate leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-10472 | 1 Stylishpricelist | 1 Stylish Price List | 2025-05-15 | 5.9 Medium |
| The Stylish Price List WordPress plugin before 7.1.12 does not sanitise and escape some of its settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | ||||
| CVE-2025-24063 | 2025-05-15 | 7.8 High | ||
| Heap-based buffer overflow in Windows Kernel allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-47732 | 2025-05-15 | 8.7 High | ||
| Microsoft Dataverse Remote Code Execution Vulnerability | ||||
| CVE-2025-47733 | 2025-05-15 | 9.1 Critical | ||
| Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an unauthorized attacker to disclose information over a network | ||||
| CVE-2025-29813 | 2025-05-15 | 10 Critical | ||
| [Spoofable identity claims] Authentication Bypass by Assumed-Immutable Data in Azure DevOps allows an unauthorized attacker to elevate privileges over a network. | ||||
| CVE-2025-29827 | 2025-05-15 | 9.9 Critical | ||
| Improper Authorization in Azure Automation allows an authorized attacker to elevate privileges over a network. | ||||
| CVE-2025-29972 | 2025-05-15 | 9.9 Critical | ||
| Server-Side Request Forgery (SSRF) in Azure allows an authorized attacker to perform spoofing over a network. | ||||
| CVE-2025-32707 | 2025-05-15 | 7.8 High | ||
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | ||||
| CVE-2025-32705 | 2025-05-15 | 7.8 High | ||
| Out-of-bounds read in Microsoft Office Outlook allows an unauthorized attacker to execute code locally. | ||||
| CVE-2025-32704 | 2025-05-15 | 8.4 High | ||
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | ||||