CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2025-11529 - ChurchCRM API Endpoint AuthMiddleware.php AuthMiddleware missing authentication

CVE ID : CVE-2025-11529
Published : Oct. 9, 2025, 3:15 a.m. | 1 hour, 33 minutes ago
Description : A security flaw has been discovered in ChurchCRM up to 5.18.0. This impacts the function AuthMiddleware of the file src/ChurchCRM/Slim/Middleware/AuthMiddleware.php of the component API Endpoint. The manipulation results in missing authentication. The attack can be executed remotely. The exploit has been released to the public and may be exploited. The patch is identified as 3a1cffd2aea63d884025949cfbcfd274d06216a4. A patch should be applied to remediate this issue.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-11530 - code-projects Online Complaint Site state.php sql injection

CVE ID : CVE-2025-11530
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : A weakness has been identified in code-projects Online Complaint Site 1.0. Affected is an unknown function of the file /cms/admin/state.php. Manipulation of the argument state causes SQL injection. The attack can be carried out remotely. The exploit has been made available to the public and could be exploited.
Severity: 6.5 | MEDIUM
CVE-2025-27039 - Detection of Error Condition Without Action in Computer Vision

CVE ID : CVE-2025-27039
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Memory corruption may occur while processing IOCTL call for DMM/WARPNCC CONFIG request.
Severity: 6.6 | MEDIUM
CVE-2025-27040 - Improper Input Validation in TZ Firmware

CVE ID : CVE-2025-27040
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Information disclosure may occur while processing the hypervisor log.
Severity: 6.5 | MEDIUM
CVE-2025-27041 - Buffer Over-read in Video

CVE ID : CVE-2025-27041
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Transient DOS while processing video packets received from video firmware.
Severity: 5.5 | MEDIUM
CVE-2025-27045 - Buffer Over-read in Video

CVE ID : CVE-2025-27045
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Information disclosure while processing batch command execution in Video driver.
Severity: 6.1 | MEDIUM
CVE-2025-27048 - Untrusted Pointer Dereference in Camera

CVE ID : CVE-2025-27048
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Memory corruption while processing camera platform driver IOCTL calls.
Severity: 7.8 | HIGH
CVE-2025-27049 - Buffer Over-read in Camera

CVE ID : CVE-2025-27049
Published : Oct. 9, 2025, 4:16 a.m. | 32 minutes ago
Description : Transient DOS while processing IOCTL call for image encoding.
Severity: 5.5 | MEDIUM
CVE-2025-27053 - Incorrect Calculation of Buffer Size in HLOS

CVE ID : CVE-2025-27053
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption during PlayReady APP usecase while processing TA commands.
Severity: 7.8 | HIGH
CVE-2025-27054 - Out-of-bounds Write in Display

CVE ID : CVE-2025-27054
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing a malformed license file during reboot.
Severity: 7.8 | HIGH
CVE-2025-27059 - Use of Out-of-range Pointer Offset in TZ Firmware

CVE ID : CVE-2025-27059
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call.
Severity: 8.8 | HIGH
CVE-2025-27060 - Untrusted Pointer Dereference in TZ Firmware

CVE ID : CVE-2025-27060
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while performing SCM call with malformed inputs.
Severity: 8.8 | HIGH
CVE-2025-47338 - Untrusted Pointer Dereference in DSP Service

CVE ID : CVE-2025-47338
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing escape commands from userspace.
Severity: 7.8 | HIGH
CVE-2025-47340 - Out-of-bounds Write in DSP Service

CVE ID : CVE-2025-47340
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing IOCTL call to get the mapping.
Severity: 7.8 | HIGH
CVE-2025-47341 - Buffer Copy Without Checking Size of Input in Camera

CVE ID : CVE-2025-47341
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing an image encoding completion event.
Severity: 7.8 | HIGH
CVE-2025-47342 - Use After Free in BT Controller

CVE ID : CVE-2025-47342
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Transient DOS may occur when multi-profile concurrency arises with QHS enabled.
Severity: 7.1 | HIGH
CVE-2025-47347 - Stack-based Buffer Overflow in Automotive Software platform based on QNX

CVE ID : CVE-2025-47347
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing control commands in the virtual memory management interface.
Severity: 7.8 | HIGH
CVE-2025-47349 - Use of Out-of-range Pointer Offset in DSP Service

CVE ID : CVE-2025-47349
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing an escape call.
Severity: 7.8 | HIGH
CVE-2025-47351 - Integer Overflow or Wraparound in DSP Service

CVE ID : CVE-2025-47351
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while processing user buffers.
Severity: 7.8 | HIGH
CVE-2025-47354 - Use After Free in DSP Service

CVE ID : CVE-2025-47354
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while allocating buffers in DSP service.
Severity: 7.8 | HIGH
CVE-2025-47355 - Out-of-bounds Write in DSP Service

CVE ID : CVE-2025-47355
Published : Oct. 9, 2025, 4:16 a.m. | 31 minutes ago
Description : Memory corruption while invoking remote procedure IOCTL calls.
Severity: 7.8 | HIGH