CVE-2025-8331 – Code-projects Online Farm System SQL Injection Vulnerability

CVE ID : CVE-2025-8331

Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago

Description : A vulnerability was found in code-projects Online Farm System 1.0 and classified as critical. This issue affects some unknown processing of the file /forgot_pass.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-54582 – Netty Deserialization Vulnerability

CVE ID : CVE-2025-54582

Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago

Description : Rejected reason: Reason: This candidate was issued in error. Valid Netty requests are issued via https://github.com/netty/netty.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-54584 – GitProxy Git Packfile Signature Bypass Vulnerability

CVE ID : CVE-2025-54584

Published : July 30, 2025, 8:15 p.m. | 3 hours, 29 minutes ago

Description : GitProxy is an application that stands between developers and a Git remote endpoint (e.g., github.com). In versions 1.19.1 and below, an attacker can craft a malicious Git packfile to exploit the PACK signature detection in the parsePush.ts file. By embedding a misleading PACK signature within commit content and carefully constructing the packet structure, the attacker can trick the parser into treating invalid or unintended data as the packfile. Potentially, this would allow bypassing approval or hiding commits. This issue is fixed in version 1.19.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-8333 – Code-projects Online Farm System SQL Injection Vulnerability

CVE ID : CVE-2025-8333

Published : July 30, 2025, 9:15 p.m. | 2 hours, 29 minutes ago

Description : A vulnerability was found in code-projects Online Farm System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /categoryvalue.php. The manipulation of the argument Value leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-54585 – GitProxy Branch Creation ByPass Vulnerability

CVE ID : CVE-2025-54585

Published : July 30, 2025, 9:15 p.m. | 2 hours, 29 minutes ago

Description : GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can exploit the way GitProxy handles new branch creation to bypass the approval of prior commits on the parent branch. The vulnerability impacts all users or organizations relying on GitProxy to enforce policy and prevent unapproved changes. It requires no elevated privileges beyond regular push access, and no extra user interaction. It does however, require a GitProxy administrator or designated user (canUserApproveRejectPush) to approve pushes to the child branch. This is fixed in version 1.19.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-8332 – Code-projects Online Farm System SQL Injection Vulnerability

CVE ID : CVE-2025-8332

Published : July 30, 2025, 9:15 p.m. | 2 hours, 29 minutes ago

Description : A vulnerability was found in code-projects Online Farm System 1.0. It has been classified as critical. Affected is an unknown function of the file /register.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-54586 – GitProxy GitHub Commit Exfiltration Vulnerability

CVE ID : CVE-2025-54586

Published : July 30, 2025, 10:15 p.m. | 1 hour, 29 minutes ago

Description : GitProxy is an application that stands between developers and a Git remote endpoint. In versions 1.19.1 and below, attackers can inject extra commits into the pack sent to GitHub, commits that aren’t pointed to by any branch. Although these “hidden” commits never show up in the repository’s visible history, GitHub still serves them at their direct commit URLs. This lets an attacker exfiltrate sensitive data without ever leaving a trace in the branch view. We rate this a High‑impact vulnerability because it completely compromises repository confidentiality. This is fixed in version 1.19.2.

Severity: 7.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-8334 – Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8334

Published : July 30, 2025, 10:15 p.m. | 1 hour, 29 minutes ago

Description : A vulnerability was found in Campcodes Online Recruitment Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ajax.php?action=delete_recruitment_status. The manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-8335 – Simple Car Rental System Cross-Site Request Forgery

CVE ID : CVE-2025-8335

Published : July 30, 2025, 10:15 p.m. | 1 hour, 29 minutes ago

Description : A vulnerability classified as problematic has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-7356 – CVE-2020-29461: Apache HTTP Server Remote Code Execution

CVE ID : CVE-2025-7356

Published : July 30, 2025, 11:15 p.m. | 29 minutes ago

Description : Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-8336 – Campcodes Online Recruitment Management System SQL Injection Vulnerability

CVE ID : CVE-2025-8336

Published : July 30, 2025, 11:15 p.m. | 29 minutes ago

Description : A vulnerability classified as critical was found in Campcodes Online Recruitment Management System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_user. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-8337 – Simple Car Rental System Cross-Site Scripting (XSS)

CVE ID : CVE-2025-8337

Published : July 30, 2025, 11:15 p.m. | 29 minutes ago

Description : A vulnerability, which was classified as problematic, has been found in code-projects Simple Car Rental System 1.0. This issue affects some unknown processing of the file /admin/add_vehicles.php. The manipulation of the argument car_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Fizz – TLS 1.3 implementation

Fizz currently supports TLS 1.3 drafts 28, 26 (both wire-compatible with the final specification), and 23. The post Fizz –…