CVE-2025-11503 - PHPGurukul Beauty Parlour Management System manage-services.php SQL injection
CVE ID : CVE-2025-11503
Published : Oct. 8, 2025, 8:15 p.m. | 29 minutes ago
Description : A vulnerability was determined in PHPGurukul Beauty Parlour Management System 1.1. This issue affects some unknown processing of the file /admin/manage-services.php. Manipulation of the argument delid can lead to SQL injection. The attack may be performed remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-60311 - ProjectWorlds Gym Management System SQL Injection Vulnerability
CVE ID : CVE-2025-60311
Published : Oct. 8, 2025, 8:15 p.m. | 28 minutes ago
Description : ProjectWorlds Gym Management System 1.0 is vulnerable to SQL Injection via the "id" parameter in the profile/edit.php page.
Severity: 8.8 | HIGH
CVE-2025-11526 - Tenda AC7 WifiMacFilterSet stack-based overflow
CVE ID : CVE-2025-11526
Published : Oct. 9, 2025, 3:15 a.m. | 1 hour, 33 minutes ago
Description : A vulnerability was found in Tenda AC7 15.03.06.44. The affected element is an unknown function of the file /goform/WifiMacFilterSet. Performing manipulation of the argument wifi_chkHz results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used.
Severity: 9.0 | HIGH
CVE-2025-11527 - Tenda AC7 fast_setting_pppoe_set stack-based overflow
CVE ID : CVE-2025-11527
Published : Oct. 9, 2025, 3:15 a.m. | 1 hour, 33 minutes ago
Description : A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted element is an unknown function of the file /goform/fast_setting_pppoe_set. Executing manipulation of the argument Password can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 9.0 | HIGH
CVE-2025-11528 - Tenda AC7 saveAutoQos stack-based overflow
CVE ID : CVE-2025-11528
Published : Oct. 9, 2025, 3:15 a.m. | 1 hour, 33 minutes ago
Description : A vulnerability was identified in Tenda AC7 15.03.06.44. This affects an unknown function of the file /goform/saveAutoQos. The manipulation of the argument enable leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Severity: 9.0 | HIGH
CVE-2025-11529 - ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication
CVE ID : CVE-2025-11529
Published : Oct. 9, 2025, 3:15 a.m. | 1 hour, 33 minutes ago
Description : A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The patch is identified as 3a1cffd2aea63d884025949cfbcfd274d06216a4. A patch should be applied to remediate this issue.
Severity: 7.5 | HIGH
CVE-2025-11530 - code-projects Online Complaint Site state.php SQL injection
CVE ID : CVE-2025-11530
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. Manipulation of the argument state causes SQL injection. The attack can be carried out remotely. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
CVE-2025-27039 - Detection of Error Condition Without Action in Computer Vision
CVE ID : CVE-2025-27039
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
Severity: 6.6 | MEDIUM
CVE-2025-27040 - Improper Input Validation in TZ Firmware
CVE ID : CVE-2025-27040
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Information disclosure may occur while processing the hypervisor log.
Severity: 6.5 | MEDIUM
CVE-2025-27041 - Buffer Over-read in Video
CVE ID : CVE-2025-27041
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Transient DOS while processing video packets received from video firmware.
Severity: 5.5 | MEDIUM
CVE-2025-27045 - Buffer Over-read in Video
CVE ID : CVE-2025-27045
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Information disclosure while processing batch command execution in Video driver.
Severity: 6.1 | MEDIUM
CVE-2025-27048 - Untrusted Pointer Dereference in Camera
CVE ID : CVE-2025-27048
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Memory corruption while processing camera platform driver IOCTL calls.
Severity: 7.8 | HIGH
CVE-2025-27049 - Buffer Over-read in Camera
CVE ID : CVE-2025-27049
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Transient DOS while processing IOCTL call for image encoding.
Severity: 5.5 | MEDIUM
CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS
CVE ID : CVE-2025-27053
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption during PlayReady APP usecase while processing TA commands.
Severity: 7.8 | HIGH
CVE-2025-27054 - Out-of-bounds Write in Display
CVE ID : CVE-2025-27054
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing a malformed license file during reboot.
Severity: 7.8 | HIGH
CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware
CVE ID : CVE-2025-27059
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call.
Severity: 8.8 | HIGH
CVE-2025-27060 - Untrusted Pointer Dereference in TZ Firmware
CVE ID : CVE-2025-27060
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call with malformed inputs.
Severity: 8.8 | HIGH
CVE-2025-47338 - Untrusted Pointer Dereference in DSP Service
CVE ID : CVE-2025-47338
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing escape commands from userspace.
Severity: 7.8 | HIGH
CVE-2025-47340 - Out-of-bounds Write in DSP Service
CVE ID : CVE-2025-47340
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing IOCTL call to get the mapping.
Severity: 7.8 | HIGH
CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera
CVE ID : CVE-2025-47341
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing an image encoding completion event.
Severity: 7.8 | HIGH
CVE-2025-47342 - Use After Free in BT Controller
CVE ID : CVE-2025-47342
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
Severity: 7.1 | HIGH