Common Vulnerabilities and Exposures (CVE)

CVE-2025-13570

Nov 24, 2025 21:23:40 UTC

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=state. Performing manipulation of the argument ID results in sql injection. The attack ...

CVE-2025-13569

Nov 24, 2025 21:23:09 UTC

A vulnerability has been found in itsourcecode COVID Tracking System 1.0. Affected is an unknown function of the file /admin/?page=city. Such manipulation of the argument ID leads to sql injection. The attack can be launched remotely. The e...

CVE-2025-13568

Nov 24, 2025 21:22:36 UTC

A flaw has been found in itsourcecode COVID Tracking System 1.0. This impacts an unknown function of the file /admin/?page=people. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit ...

CVE-2025-13567

Nov 24, 2025 21:21:33 UTC

A vulnerability was detected in itsourcecode COVID Tracking System 1.0. This affects an unknown function of the file /admin/?page=establishment. The manipulation of the argument ID results in sql injection. It is possible to launch the atta...

CVE-2025-13566

Nov 24, 2025 21:20:43 UTC

A security vulnerability has been detected in jarun nnn up to 5.1. The impacted element is the function show_content_in_floating_window/run_cmd_as_plugin of the file nnn/src/nnn.c. The manipulation leads to double free. An attack has to be ...

CVE-2025-13565

Nov 24, 2025 21:18:41 UTC

A weakness has been identified in SourceCodester Inventory Management System 1.0. The affected element is an unknown function of the file /model/user/resetPassword.php. Executing manipulation can lead to weak password recovery. The attack m...

CVE-2025-29933

Nov 24, 2025 21:17:12 UTC

Improper input validation within AMD uProf can allow a local attacker to write out of bounds, potentially resulting in a crash or denial of service

CVE-2025-48511

Nov 24, 2025 21:13:33 UTC

Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service.

CVE-2025-13564

Nov 24, 2025 21:13:10 UTC

A security flaw has been discovered in SourceCodester Pre-School Management System 1.0. Impacted is the function removefile of the file app/controllers/FilehelperController.php. Performing manipulation of the argument filepath results in de...

CVE-2025-13561

Nov 24, 2025 21:08:22 UTC

A vulnerability was determined in SourceCodester Company Website CMS 1.0. This vulnerability affects unknown code of the file /admin/index.php. This manipulation of the argument Username causes sql injection. Remote exploitation of the atta...

CVE-2025-48510

Nov 24, 2025 21:07:15 UTC

Improper return value within AMD uProf can allow a local attacker to bypass KSLR, potentially resulting in loss of confidentiality or availability.

CVE-2023-52356

Nov 24, 2025 21:03:43 UTC

A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

CVE-2023-52355

Nov 24, 2025 21:03:39 UTC

An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller...

CVE-2025-5372

Nov 24, 2025 21:03:17 UTC

A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate fail...

CVE-2025-9900

Nov 24, 2025 21:02:44 UTC

A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file. By providing an abnormally large image height value in the file's metadata, an att...