SQL injection in Callvision Healthcare's Callvision Emergency Code product (versions prior to V3.0) allows remote unauthenticated attackers to manipulate backend database queries, including via blind SQLi techniques. The flaw carries a CVSS 9.8 critical rating with complete confidentiality, integrity, and availability impact, and no public exploit identified at time of analysis. Reported through Turkey's national CERT (USOM), this vulnerability is particularly concerning given the healthcare-emergency context where the affected system likely processes sensitive patient or incident data.
A vulnerability was found in code-projects Student Crud Operation up to 3.3. This vulnerability affects the function move_uploaded_file of the file add.php of the component Add Student Page/Edit Student Page. Performing manipulation results in unrestricted upload. The attack can be initiated remotely. The exploit has been made public and could be used.
A security flaw has been discovered in PHPGurukul Beauty Parlour Management System 1.1. This affects an unknown part of the file /admin/invoices.php. Performing a manipulation of the argument delid results in sql injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.
A vulnerability was identified in PHPGurukul Beauty Parlour Management System 1.1. Affected by this issue is some unknown functionality of the file /admin/customer-list.php. Such manipulation of the argument delid leads to sql injection. It is possible to launch the attack remotely. The exploit is publicly available and might be used.
A security flaw has been discovered in Campcodes Online Apartment Visitor Management System 1.0. The affected element is an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdate/todate results in sql injection. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.
A vulnerability was identified in Campcodes Online Apartment Visitor Management System 1.0. Impacted is an unknown function of the file /search-visitor.php. The manipulation of the argument searchdata leads to sql injection. The attack may be initiated remotely. The exploit is publicly available and might be used.
A vulnerability was determined in Campcodes Online Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /index.php. Executing a manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
A security flaw has been discovered in SourceCodester Hotel and Lodge Management System 1.0. The affected element is an unknown function of the file /login.php. Performing manipulation of the argument email results in sql injection. The attack may be initiated remotely. The exploit has been released to the public and may be exploited.
A vulnerability was identified in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /product.php. Such manipulation of the argument Category leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used.
A memory corruption vulnerability exists in the Linux kernel's MSM display port driver that occurs when more than eight display bridges are connected, allowing local attackers with low privileges to corrupt kernel memory beyond a fixed-size array. The vulnerability affects Linux kernel versions up to 6.1-rc2 and requires local access to exploit, with no known active exploitation in the wild (not in KEV) and a very low EPSS score of 0.02% indicating minimal real-world exploitation likelihood.
In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix use after free in midcomms commit While working on processing dlm message in softirq context I experienced the. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In the Linux kernel, the following vulnerability has been resolved: blk-mq: use quiesced elevator switch when reinitializing queues The hctx's run_work may be racing with the elevator switch when. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
A race condition vulnerability exists in the Linux kernel's parisc architecture-specific firmware call pdc_iodc_print() that allows local attackers to cause buffer overflows and potentially execute arbitrary code. The vulnerability affects Linux kernel versions from 2.6.25 through versions before the patched releases, requiring local access with low privileges to exploit. With an EPSS score of only 0.01%, this vulnerability has very low exploitation likelihood in the wild despite its high CVSS score of 7.8.
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnection. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.
OS command injection in D-Link DI-7001 MINI firmware 24.04.18B1 allows authenticated remote attackers to execute arbitrary system commands via manipulation of the path argument in /upgrade_filter.asp. Public exploit code is available, though the CVSS 2.1 score and 0.07% EPSS percentile indicate limited real-world exploitation likelihood despite the vulnerability's remote network accessibility.
Stored cross-site scripting (XSS) in PHPGurukul Cyber Cafe Management System 1.0 allows remote attackers to inject malicious scripts via the searchdata POST parameter in /search.php, requiring user interaction to execute. The vulnerability has a low CVSS score (2.1) due to limited impact scope, but publicly available exploit code exists and the EPSS score (0.05%, 14th percentile) suggests minimal real-world exploitation likelihood despite public availability.
Unrestricted file upload in code-projects Online Hotel Reservation System 1.0 allows authenticated remote attackers to upload files via manipulation of the image parameter in /admin/addslideexec.php, leading to potential remote code execution. The CVSS score of 2.1 reflects low confidentiality, integrity, and availability impact due to authentication requirements (PR:L), but publicly available exploit code exists and the low EPSS score (0.05%, 14th percentile) indicates exploitation is unlikely to be widespread in practice.
Code-Projects Online Hotel Reservation System 1.0 allows authenticated remote attackers to upload arbitrary files via manipulation of the image parameter in /admin/addgalleryexec.php, bypassing file upload restrictions. The vulnerability requires valid admin credentials (PR:L in CVSS vector) and results in limited confidentiality, integrity, and availability impact. Public exploit code is available, though the low EPSS score (0.04%) and limited scope suggest this is not actively exploited at scale.
Unrestricted file upload in code-projects Online Hotel Reservation System 1.0 allows authenticated remote attackers to upload arbitrary files via the image parameter in /admin/addexec.php, potentially leading to remote code execution. The vulnerability has a low CVSS score (2.1) due to requirement for low-privilege authentication and limited impact scope, but publicly available exploit code exists and the issue affects confidentiality, integrity, and availability at the application layer.
Unrestricted file upload in code-projects Online Hotel Reservation System 1.0 allows authenticated remote attackers to upload arbitrary files via the image parameter in /admin/editpicexec.php, potentially leading to remote code execution. The vulnerability affects a low-impact scope but is publicly exploitable by authenticated users; EPSS scores this at 0.04% exploitation probability despite public POC availability, indicating limited real-world adoption of the vulnerable software.
Unrestricted file upload vulnerability in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to upload arbitrary files via manipulation of the image parameter in /profile.php, with publicly available exploit code and low real-world risk despite network accessibility due to authentication requirement and minimal impact scope.
SQL injection in Campcodes Advanced Online Voting System 1.0 allows authenticated remote attackers to manipulate the firstname parameter in /admin/voters_add.php, leading to limited confidentiality and integrity impact. The vulnerability requires valid user credentials (PR:L) and has a publicly available exploit, but EPSS scoring (0.03%, percentile 8%) suggests low real-world exploitation probability despite public POC availability.
SQL injection in Campcodes Advanced Online Voting Management System 1.0 allows authenticated remote attackers to manipulate the voter parameter in /index.php, potentially leading to unauthorized data access or modification. The vulnerability has a low CVSS score (2.1) due to authentication requirements and limited confidentiality impact, but publicly available exploit code exists and exploitation probability is rated at 8th percentile by EPSS, suggesting this remains a lower-priority issue despite public POC availability.
SQL injection in Simple Banking System 1.0 via the ID parameter in /transfermoney.php allows authenticated remote attackers to execute arbitrary SQL queries with low impact on confidentiality, integrity, and availability. The vulnerability requires login credentials (PR:L) and exploitation probability is low (EPSS 0.03%), but publicly available exploit code exists and disclosure has occurred.
SQL injection in Simple Banking System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /removeuser.php, leading to unauthorized database queries with limited information disclosure impact. The CVSS score of 2.1 reflects restricted exploitation scope (authenticated access required, PR:L), but publicly available exploit code exists, warranting patched deployment if still in use.
SQL injection in Simple Banking System 1.0 allows authenticated remote attackers to manipulate the Name parameter in /createuser.php and execute arbitrary SQL queries, resulting in limited impact to confidentiality, integrity, and availability. The vulnerability has a low CVSS score of 2.1 due to requirement for prior authentication (PR:L) and limited scope of impact, but publicly available exploit code exists and the EPSS score of 0.03% suggests minimal real-world exploitation probability despite public POC availability.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL commands via the ID parameter in /del_tax.php. The vulnerability has a low CVSS score (2.1) due to authentication requirements and limited technical impact, but publicly available exploit code exists and the EPSS score of 0.03% indicates minimal real-world exploitation probability despite public POC availability.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to manipulate the percentage argument in /pages/save_tax.php, enabling database query modification with limited confidentiality and integrity impact. Publicly available exploit code exists, though EPSS score of 0.03% suggests low real-world exploitation probability despite the SQL injection capability.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /del_booking.php, enabling unauthorized database queries with limited impact on confidentiality and integrity. Publicly available exploit code exists, but the EPSS score of 0.03% indicates minimal real-world exploitation probability despite low attack complexity, likely due to authentication requirement and limited scope of impact.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /del_curr.php, enabling database query modification with low confidentiality, integrity, and availability impact. Publicly available exploit code exists; however, the EPSS score of 0.03% indicates low real-world exploitation probability despite public disclosure, suggesting limited practical risk in typical deployments.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to manipulate the currcode parameter in /pages/save_curr.php, enabling arbitrary SQL query execution with limited confidentiality and integrity impact. CVSS 2.1 reflects the authentication requirement (PR:L) and restricted scope, but publicly available exploit code exists despite low EPSS score (0.03%), suggesting this is a low-priority threat suitable only for defense-in-depth and secure coding reviews rather than emergency patching.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to manipulate the ID parameter in /del_room.php, enabling database query modification with limited confidentiality and integrity impact. Publicly available exploit code exists; however, EPSS score of 0.03% indicates minimal real-world exploitation probability despite low attack complexity, suggesting this is primarily a security researcher proof-of-concept rather than an active threat.
SQL injection in SourceCodester Hotel and Lodge Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the floorno parameter in /pages/save_room.php, affecting data confidentiality and integrity with limited scope. CVSS score of 2.1 reflects low severity due to authentication requirement and limited impact, though publicly available exploit code exists and EPSS suggests minimal real-world exploitation probability at 0.03%.
A client-side path traversal vulnerability was discovered in the web management interface front-end due to missing validation of an input parameter. An authenticated user with limited privileges can craft a malicious URL which, if visited by an authenticated victim, leads to a Cross-Site Scripting (XSS) attack.
Out-of-bounds read vulnerability in GNU Binutils 2.45 linker allows local authenticated attackers to trigger memory access violations via crafted input to the get_link_hash_entry function in bfd/elflink.c. The vulnerability has low severity (CVSS 1.9) with minimal direct impact but publicly available exploit code exists. Upgrade to version 2.46 resolves the issue.
Out-of-bounds read in GNU Binutils 2.45 linker component affects the bfd_elf_gc_record_vtentry function in bfd/elflink.c, allowing authenticated local attackers to trigger memory access violations. The CVSS score of 1.9 reflects low real-world impact (no confidentiality, integrity, or system-level damage) despite the out-of-bounds read classification, suggesting this is primarily a denial-of-service vector or development/debugging concern rather than a critical exploitation pathway. Publicly available exploit code exists, but EPSS exploitation probability remains very low at 0.03 percentile, indicating minimal real-world adoption despite public disclosure.
Out-of-bounds read in GNU Binutils 2.45 linker function elf_link_add_object_symbols allows local authenticated attackers to trigger memory disclosure or denial of service by providing a malformed ELF object file. Publicly available exploit code exists, though EPSS assessment indicates very low exploitation probability (0.03%) in practice. Patch available in version 2.46.
A denial of service vulnerability (CVSS 5.5). Remediation should follow standard vulnerability management procedures. Vendor patch is available.
A null pointer dereference vulnerability exists in the Linux kernel's block layer (blk-mq) memory allocation path that can be triggered by a local, low-privileged user to cause a denial of service. The vulnerability affects Linux kernel versions including 6.1-rc1 and potentially other versions where a failed memory allocation during block queue tag initialization leaves a dangling pointer that is later dereferenced during cleanup. While the EPSS score is low (0.02%, percentile 4%), the vulnerability is straightforward to trigger under memory pressure conditions, requires only local access with minimal privileges, and has vendor patches available.
A memory corruption vulnerability in the Linux kernel's huge page (THP) split handling causes a soft lockup and denial of service when page->private is incorrectly clobbered during transparent huge page operations. The vulnerability affects Linux kernel versions 5.19 through 6.1-rc1, and while it requires local privilege access to trigger via madvise syscalls, it can reliably cause system hangs under stress conditions such as memory pressure or aggressive swapping scenarios. The EPSS score of 0.02% and lack of widespread active exploitation indicate low real-world risk, though the availability of patches makes remediation straightforward.
A null pointer dereference vulnerability exists in the Linux kernel's AMD display driver (drm/amd/display) within the dm_resume() function, where the aconnector->dc_link pointer is dereferenced without proper null checks. An unprivileged local attacker with user-level access can trigger a kernel panic and cause a denial of service by inducing a display resume operation. While the CVSS score is moderate (5.5) and EPSS exploitation probability is very low (0.01%), this vulnerability is straightforward to trigger given local access and affects all Linux kernel versions with the vulnerable AMD display driver code.
A resource leak vulnerability exists in the Linux kernel's mpt3sas SCSI transport driver where the sas_rphy_add() function can fail without properly freeing allocated resources, leading to a NULL pointer dereference and kernel crash during device removal. This affects Linux kernel implementations across multiple versions that use the mpt3sas driver for SAS (Serial Attached SCSI) HBA management. An unprivileged local attacker with sufficient privileges to trigger transport port operations can cause a denial of service by inducing a kernel panic, though the low EPSS score of 0.01% suggests exploitation is not practically demonstrated in the wild.
A memory leak vulnerability exists in the Linux kernel's test_firmware module initialization function (test_firmware_init) where allocated memory for test_fw_config->name is not properly freed when misc_register() fails. This affects all versions of the Linux kernel with the test_firmware module compiled, allowing local authenticated attackers to exhaust kernel memory and cause a denial of service. The vulnerability has a patch available from the Linux kernel maintainers, with an EPSS score of 0.01% indicating very low real-world exploitation probability despite the moderate CVSS score.
A memory leakage and potential segmentation fault vulnerability exists in the Linux kernel's AMD KFD (Kernel Fusion Driver) GPU memory management subsystem, specifically in the _gpuvm_import_dmabuf() function. The vulnerability affects Linux kernel versions across multiple branches and can be exploited by local users with low privilege levels to cause denial of service through memory corruption. Patches are available from the Linux kernel stable branches, and while the EPSS score is very low (0.01%, percentile 3%), the vulnerability has moderate CVSS severity (5.5) due to its ability to cause system availability impact.
A memory leak vulnerability exists in the Linux kernel's mxm-wmi (MXM WMI) platform driver where the ACPI buffer returned by wmi_evaluate_method() is not properly freed after invocation, leading to kernel memory exhaustion and potential denial of service. The vulnerability affects all versions of the Linux kernel with the mxm-wmi driver enabled, particularly systems with NVIDIA/AMD discrete GPU switching support. A local attacker with standard user privileges can repeatedly trigger the affected code path to exhaust kernel memory and crash the system, though the extremely low EPSS score (0.01th percentile) suggests exploitation is not actively observed in the wild.
A memory leak vulnerability exists in the Linux kernel's AMD GPU (amdgpu) driver within the hpd_rx_irq_create_workqueue() function, where allocated memory for work queue structures fails to be properly freed if workqueue construction fails partway through initialization. This affects all Linux kernel versions with the vulnerable amdgpu driver code and requires local access with low privileges to trigger. An attacker can repeatedly trigger this condition to exhaust kernel memory and cause a denial of service, though the EPSS score of 0.01% indicates this is rarely exploited in practice. Patches are available from the Linux kernel stable branches.
A reference count leak exists in the Linux kernel's USB HID gadget driver (f_hid module) where the opts->refcnt is incremented but not properly decremented when report_desc allocation fails, leaving the options structure permanently locked and causing a denial of service condition. This affects all Linux kernel versions running the vulnerable USB gadget code path and requires local privilege to trigger. While the CVSS score is 5.5 (medium) and EPSS is extremely low at 0.01th percentile, patches are available from multiple stable kernel branches, indicating this is a real but low-priority issue with no known active exploitation.
A memory leak vulnerability exists in the Linux kernel's rtl8723bs WiFi driver initialization function rtw_init_cmd_priv(), where failure to allocate the response command buffer leaves the command buffer allocation unreleased. This affects all Linux kernel versions containing the vulnerable staging driver code and can be exploited by local attackers with low privileges to cause a denial of service through memory exhaustion. The vulnerability has a vendor-provided patch available across multiple stable kernel branches, and the EPSS score of 0.01% indicates minimal real-world exploitation probability despite the moderate CVSS 5.5 rating.
A memory leak vulnerability exists in the Linux kernel's ext4 fast commit (fc) implementation within the ext4_fc_record_regions() function. The vulnerability occurs when krealloc() fails and returns NULL, causing the function to improperly handle the state->fc_regions pointer, leaving allocated memory unreferenced and unable to be freed. This affects all Linux kernel versions with the vulnerable code path, allowing local attackers with unprivileged user access to exhaust kernel memory and trigger denial of service conditions. While the EPSS score of 0.01% indicates low real-world exploitation probability and no active exploitation is tracked in KEV data, the availability impact is high (CVSS score 5.5), and patches have been made available across multiple stable kernel branches.
This vulnerability is an undefined behavior issue in the Linux kernel's font handling code where a signed 32-bit left shift by 31 bits violates C language semantics, detected by UBSAN (Undefined Behavior Sanitizer). The vulnerability affects multiple Linux kernel versions starting from 2.6.23 and can be triggered by local users with low privileges during framebuffer console initialization, leading to denial of service through undefined behavior exploitation. While the EPSS score is extremely low at 0.01% (percentile 3%), patches are available from the kernel vendor and the issue has been resolved in stable releases.