๐จ CVE-2025-59508
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Speech allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2025-59509
Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.
๐@cveNotify
Insertion of sensitive information into sent data in Windows Speech allows an authorized attacker to disclose information locally.
๐@cveNotify
๐จ CVE-2025-59510
Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.
๐@cveNotify
Improper link resolution before file access ('link following') in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to deny service locally.
๐@cveNotify
๐จ CVE-2025-59511
External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.
๐@cveNotify
External control of file name or path in Windows WLAN Service allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2025-59512
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.
๐@cveNotify
Improper access control in Customer Experience Improvement Program (CEIP) allows an authorized attacker to elevate privileges locally.
๐@cveNotify
๐จ CVE-2025-59513
Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.
๐@cveNotify
Out-of-bounds read in Windows Bluetooth RFCOM Protocol Driver allows an authorized attacker to disclose information locally.
๐@cveNotify
๐จ CVE-2018-11544
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml file as the prefUsername and prefUserpass strings.
๐@cveNotify
The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml file as the prefUsername and prefUserpass strings.
๐@cveNotify
Pastebin
CVE-2018-11544 - Pastebin.com
Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
๐จ CVE-2020-5510
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
๐@cveNotify
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
๐@cveNotify
Exploit Database
Hostel Management System 2.0 - 'id' SQL Injection
Hostel Management System 2.0 - 'id' SQL Injection.. webapps exploit for PHP platform
๐จ CVE-2025-3146
A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability, which was classified as critical, was found in PHPGurukul Bus Pass Management System 1.0. This affects an unknown part of the file /view-pass-detail.php. The manipulation of the argument viewid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
Projectworlds Bus Pass Management System V1.0 /view-pass-detail.php SQL injection ยท Issue #1 ยท nabiland/cve
Projectworlds Bus Pass Management System V1.0 /view-pass-detail.php SQL injection NAME OF AFFECTED PRODUCT(S) Bus Pass Management System Vendor Homepage https://phpgurukul.com/bus-pass-management-s...
๐จ CVE-2025-56764
Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username exists or not by returning different error messages ("Unknown user" vs. "Wrong password"), allowing an attacker to enumerate valid usernames.
๐@cveNotify
Trivision NC-227WF firmware 5.80 (build 20141010) login mechanism reveals whether a username exists or not by returning different error messages ("Unknown user" vs. "Wrong password"), allowing an attacker to enumerate valid usernames.
๐@cveNotify
GitHub
GitHub - Remenis/CVE-2025-56764: Username Enumeration in Trivision NC-227WF
Username Enumeration in Trivision NC-227WF. Contribute to Remenis/CVE-2025-56764 development by creating an account on GitHub.
๐จ CVE-2025-61830
Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install a malicious SDK.
๐@cveNotify
Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install a malicious SDK.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security update available for Adobe Pass | APSB25-112
๐จ CVE-2025-61837
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61838
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61839
Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61840
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61841
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive memory information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive memory information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61842
Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by a Use After Free vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61843
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61844
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-61845
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
๐@cveNotify
Adobe
Adobe Security Bulletin
Security updates available for Adobe Format Plugins | APSB25-114
๐จ CVE-2025-9900
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
๐@cveNotify
A flaw was found in Libtiff. This vulnerability is a "write-what-where" condition, triggered when the library processes a specially crafted TIFF image file.
By providing an abnormally large image height value in the file's metadata, an attacker can trick the library into writing attacker-controlled color data to an arbitrary memory location. This memory corruption can be exploited to cause a denial of service (application crash) or to achieve arbitrary code execution with the permissions of the user.
๐@cveNotify