CVE-2025-10030 - Campcodes Grocery Sales and Inventory System ajax.php sql injection
CVE ID : CVE-2025-10030
Published : Sept. 6, 2025, 10:32 a.m. | 37 minutes ago
Description : A weakness has been identified in Campcodes Grocery Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_receiving. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10030
Published : Sept. 6, 2025, 10:32 a.m. | 37 minutes ago
Description : A weakness has been identified in Campcodes Grocery Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_receiving. Executing manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be exploited.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10031 - Campcodes Grocery Sales and Inventory System ajax.php sql injection
CVE ID : CVE-2025-10031
Published : Sept. 6, 2025, 12:15 p.m. | 2 hours, 54 minutes ago
Description : A security vulnerability has been detected in Campcodes Grocery Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10031
Published : Sept. 6, 2025, 12:15 p.m. | 2 hours, 54 minutes ago
Description : A security vulnerability has been detected in Campcodes Grocery Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10032 - Campcodes Grocery Sales and Inventory System index.php cross site scripting
CVE ID : CVE-2025-10032
Published : Sept. 6, 2025, 1:15 p.m. | 1 hour, 54 minutes ago
Description : A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /index.php. The manipulation of the argument page results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10032
Published : Sept. 6, 2025, 1:15 p.m. | 1 hour, 54 minutes ago
Description : A vulnerability was detected in Campcodes Grocery Sales and Inventory System 1.0. The affected element is an unknown function of the file /index.php. The manipulation of the argument page results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10033 - itsourcecode Online Discussion Forum admin sql injection
CVE ID : CVE-2025-10033
Published : Sept. 6, 2025, 1:15 p.m. | 1 hour, 54 minutes ago
Description : A vulnerability has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown function of the file /admin. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10033
Published : Sept. 6, 2025, 1:15 p.m. | 1 hour, 54 minutes ago
Description : A vulnerability has been found in itsourcecode Online Discussion Forum 1.0. This affects an unknown function of the file /admin. Such manipulation of the argument Username leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-10034 - D-Link DIR-825 httpd ping6_response.cg get_ping6_app_stat buffer overflow
CVE ID : CVE-2025-10034
Published : Sept. 6, 2025, 2:32 p.m. | 38 minutes ago
Description : A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-10034
Published : Sept. 6, 2025, 2:32 p.m. | 38 minutes ago
Description : A vulnerability was found in D-Link DIR-825 1.08.01. This impacts the function get_ping6_app_stat of the file ping6_response.cg of the component httpd. Performing manipulation of the argument ping6_ipaddr results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2021-26377 - Citrix XenServer Integer Overflow Denial of Service
CVE ID : CVE-2021-26377
Published : Sept. 6, 2025, 4:15 p.m. | 2 hours, 55 minutes ago
Description : Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2021-26377
Published : Sept. 6, 2025, 4:15 p.m. | 2 hours, 55 minutes ago
Description : Insufficient parameter validation while allocating process space in the Trusted OS (TOS) may allow for a malicious userspace process to trigger an integer overflow, leading to a potential denial of service.
Severity: 4.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2021-46750 - Intel TEE Graphics Mailbox TMR Overlap Vulnerability
CVE ID : CVE-2021-46750
Published : Sept. 6, 2025, 4:15 p.m. | 2 hours, 55 minutes ago
Description : Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
Severity: 3.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2021-46750
Published : Sept. 6, 2025, 4:15 p.m. | 2 hours, 55 minutes ago
Description : Failure to validate the address and size in TEE (Trusted Execution Environment) may allow a malicious x86 attacker to send malformed messages to the graphics mailbox resulting in an overlap of a TMR (Trusted Memory Region) that was previously allocated by the ASP bootloader leading to a potential loss of integrity.
Severity: 3.0 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-20516 - Fusion-io ASP Privilege Escalation Vulnerability
CVE ID : CVE-2023-20516
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-20516
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper handling of insufficiency privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs) potentially resulting in loss of confidentiality or integrity.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31306 - AMD Graphics Driver Array Index Validation Vulnerability (Information Disclosure)
CVE ID : CVE-2023-31306
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31306
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability.
Severity: 3.3 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31322 - Apache ASP Type Confusion Memory Corruption Vulnerability
CVE ID : CVE-2023-31322
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31322
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Type confusion in the ASP could allow an attacker to pass a malformed argument to the Reliability, Availability, and Serviceability trusted application (RAS TA) potentially leading to a read or write to shared memory resulting in loss of confidentiality, integrity, or availability.
Severity: 8.7 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31325 - Xilinx Zynq-7000 SOC Data Confidentiality and Integrity Vulnerability
CVE ID : CVE-2023-31325
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31325
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper isolation of shared resources on System-on-a-chip (SOC) could a privileged attacker to tamper with the contents of the PSP reserved DRAM region potentially resulting in loss of confidentiality and integrity.
Severity: 7.2 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31326 - Apache ASP Uninitialized Variable Information Disclosure Vulnerability
CVE ID : CVE-2023-31326
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31326
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Use of an uninitialized variable in the ASP could allow an attacker to access leftover data from a trusted execution environment (TEE) driver, potentially leading to loss of confidentiality.
Severity: 2.8 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31330 - "Qualcomm Snapdragon ASP Out-of-Bounds Read Vulnerability"
CVE ID : CVE-2023-31330
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31330
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : An out-of-bounds read in the ASP could allow a privileged attacker with access to a malicious bootloader to potentially read sensitive memory resulting in loss of confidentiality.
Severity: 2.5 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31351 - VMware vSphere IOMMU Privilege Escalation Vulnerability
CVE ID : CVE-2023-31351
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31351
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : Improper restriction of operations in the IOMMU could allow a malicious hypervisor to access guest private memory resulting in loss of integrity.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2023-31365 - AMD SMU Integer Overflow Vulnerability
CVE ID : CVE-2023-31365
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2023-31365
Published : Sept. 6, 2025, 5:15 p.m. | 1 hour, 55 minutes ago
Description : An integer overflow in the SMU could allow a privileged attacker to potentially write memory beyond the end of the reserved dRAM area resulting in loss of integrity or availability.
Severity: 3.9 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-0009 - AMD Crash Defender NULL Pointer Dereference
CVE ID : CVE-2025-0009
Published : Sept. 6, 2025, 6:12 p.m. | 57 minutes ago
Description : A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-0009
Published : Sept. 6, 2025, 6:12 p.m. | 57 minutes ago
Description : A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-21947 - Intel SMM Arbitrary Code Execution Vulnerability
CVE ID : CVE-2024-21947
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-21947
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper input validation in the system management mode (SMM) could allow a privileged attacker to overwrite arbitrary memory potentially resulting in arbitrary code execution at the SMM level.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-21970 - AMD AND Power Management Firmware Array Index Validation Vulnerability
CVE ID : CVE-2024-21970
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-21970
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity.
Severity: 4.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-36326 - AMD RomArmor Missing Authorization Vulnerability
CVE ID : CVE-2024-36326
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-36326
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Missing authorization in AMD RomArmor could allow an attacker to bypass ROMArmor protections during system resume from a standby state, potentially resulting in a loss of confidentiality and integrity.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-36331 - AMD SEV-SNP CPU Cache Memory Overwrite Vulnerability
CVE ID : CVE-2024-36331
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-36331
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper initialization of CPU cache memory could allow a privileged attacker with hypervisor access to overwrite SEV-SNP guest memory resulting in loss of data integrity.
Severity: 3.2 | LOW
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2024-36342 - NVIDIA GPU Driver Heap Overflow Vulnerability
CVE ID : CVE-2024-36342
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2024-36342
Published : Sept. 6, 2025, 6:15 p.m. | 55 minutes ago
Description : Improper input validation in the GPU driver could allow an attacker to exploit a heap overflow potentially resulting in arbitrary code execution.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...