For providers

A SQL Injection was found in /admin/edit_user.php of kashipara E-learning Management System v1.0, which allows remote attackers to execute arbitrary SQL commands to get unauthorized database access...

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_student.php.

Kashipara E-learning Management System v1.0 is vulnerable to SQL Injection in /admin/delete_content.php.

A Stored Cross-Site Scripting (XSS) vulnerability was found in /send_message_teacher_to_student.php of kashipara E-learning Management System v1.0. This vulnerability allows remote attackers to...

AMI (aka American Megatrends) NTFS driver 1.0.0 (fixed in late 2021 or early 2022) has a buffer overflow. This driver is, for example, used in certain ASUS devices.

User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end. By...

A vulnerability was found in Romain Bourdon Wampserver all versions (discovered in v3.2.3 and v3.2.6) where unauthorized users could access sensitive information due to improper access control...

Serviceware Processes 6.0 through 7.3 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution.

eLabFTW is an open source electronic lab notebook for research labs. A vulnerability has been found starting in version 4.6.0 and prior to version 5.1.0 that allows an attacker to bypass...

Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 16.1.99.50 and Tuleap Enterprise Edition prior to...