CVE List - 2025 / October
Showing 1 - 100 of 4280 CVEs for October 2025 (Page 1 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-28357 | 2025-10-01 | A CRLF injection vulnerability in Neto CMS v6.313.0 through v6.314.0 allows attackers to execute arbitrary code via supplying a crafted HTTP request. |
| CVE-2025-43718 | 2025-10-01 | Poppler 24.06.1 through 25.x before 25.04.0 allows stack consumption and a SIGSEGV via deeply nested structures within the metadata (such as GTS_PDFEVersion) of a PDF document, e.g., a regular expression... |
| CVE-2025-46205 | 2025-10-01 | A heap-use-after free in the PdfTokenizer::ReadDictionary function of podofo v0.10.0 to v0.10.5 allows attackers to cause a Denial of Service (DoS) by supplying a crafted PDF file. NOTE: this is... |
| CVE-2025-52039 | 2025-10-01 | In Frappe ERPNext 15.57.5, the function get_material_requests_based_on_supplier() at erpnext/stock/doctype/material_request/material_request.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into... |
| CVE-2025-52040 | 2025-10-01 | In Frappe ERPNext 15.57.5, the function get_blanket_orders() at erpnext/controllers/queries.py is vulnerable to SQL Injection, which allows an attacker can extract all information from databases by injecting a SQL query into... |
| CVE-2025-52041 | 2025-10-01 | In Frappe ERPNext 15.57.5, the function get_stock_balance_for() at erpnext/stock/doctype/stock_reconciliation/stock_reconciliation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into... |
| CVE-2025-52042 | 2025-10-01 | In Frappe ERPNext 15.57.5, the function get_rfq_containing_supplier() at erpnext/buying/doctype/request_for_quotation/request_for_quotation.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting SQL query via the... |
| CVE-2025-56514 | 2025-10-01 | Cross Site Scripting (XSS) vulnerability in Fiora chat application 1.0.0 allows executes arbitrary JavaScript when malicious SVG files are rendered by other users. |
| CVE-2025-56515 | 2025-10-01 | File upload vulnerability in Fiora chat application 1.0.0 through user avatar upload functionality. The application fails to validate SVG file content, allowing malicious SVG files with embedded foreignObject elements containing... |
| CVE-2025-56588 | 2025-10-01 | Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter. |
| CVE-2025-57275 | 2025-10-01 | Storage Performance Development Kit (SPDK) 25.05 is vulnerable to Buffer Overflow in the NVMe-oF target component in SPDK - lib/nvmf. |
| CVE-2025-57389 | 2025-10-01 | A reflected cross-site scripting (XSS) vulnerability in the /admin/system/packages endpoint of Luci OpenWRT v18.06.2 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted... |
| CVE-2025-57393 | 2025-10-01 | A stored cross-site scripting (XSS) in Kissflow Work Platform Kissflow Application Versions 7337 Account v2.0 to v4.2vallows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload. |
| CVE-2025-57444 | 2025-10-01 | An authenticated cross-site scripting (XSS) vulnerability in the Administrative interface of Radware AlteonOS Web UI Management v33.0.4.50 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted... |
| CVE-2025-59681 | 2025-10-01 | An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. QuerySet.annotate(), QuerySet.alias(), QuerySet.aggregate(), and QuerySet.extra() are subject to SQL injection in column aliases, when... |
| CVE-2025-59682 | 2025-10-01 | An issue was discovered in Django 4.2 before 4.2.25, 5.1 before 5.1.13, and 5.2 before 5.2.7. The django.utils.archive.extract() function, used by the "startapp --template" and "startproject --template" commands, allows partial... |
| CVE-2025-59684 | 2025-10-01 | DigiSign DigiSigner ONE 1.0.4.60 allows DLL Hijacking. |
| CVE-2025-59685 | 2025-10-01 | Kazaar 1.25.12 allows a JWT with none in the alg field. |
| CVE-2025-59686 | 2025-10-01 | Kazaar 1.25.12 allows /api/v1/org-id/orders/order-id/documents calls with a modified order-id. |
| CVE-2025-59687 | 2025-10-01 | IMPAQTR Aurora before 1.36 allows Insecure Direct Object Reference attacks against the users list, organization details, bookmarks, and notifications of an arbitrary organization. |
| CVE-2025-60991 | 2025-10-01 | A reflected cross-site scripted (XSS) vulnerability in Codazon Magento Themes v1.1.0.0 to v2.4.7 allows attackers to execute arbitrary Javascript in the context of a user's browser via a crafted payload... |
| CVE-2025-61044 | 2025-10-01 | TOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the agentName parameter in the setEasyMeshAgentCfg function. |
| CVE-2025-61045 | 2025-10-01 | TOTOLINK X18 V9.1.0cu.2053_B20230309 was discovered to contain a command injection vulnerability via the mac parameter in the setEasyMeshAgentCfg function. |
| CVE-2025-61188 | 2025-10-01 | Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory /opt, instead of the... |
| CVE-2025-61189 | 2025-10-01 | Jeecgboot versions 3.8.2 and earlier are affected by a path traversal vulnerability. The endpoint is /sys/comment/addFile. This vulnerability allows attackers to upload files with system-whitelisted extensions to the system directory... |
| CVE-2025-10744 | 2025-10-01 | File Manager, Code editor, backup by Managefy <= 1.6.1 - Unauthenticated Information Exposure |
| CVE-2025-10735 | 2025-10-01 | Block For Mailchimp – Easy Mailchimp Form Integration <= 1.1.12 - Unauthenticated Blind Server-Side Request Forgery |
| CVE-2025-9075 | 2025-10-01 | ZoloBlocks – Gutenberg Block Editor Plugin with Advanced Blocks, Dynamic Content, Templates & Patterns <= 2.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-10538 | 2025-10-01 | Authentication Bypass in LG Innotek Camera |
| CVE-2025-9512 | 2025-10-01 | Schema & Structured Data for WP & AMP < 1.50 - Unauthenticated Stored-XSS |
| CVE-2020-36852 | 2025-10-01 | Custom Searchable Data Entry System <= 1.7.1 - Unauthenticated Database Wiping |
| CVE-2025-11226 | 2025-10-01 | Conditional processing of logback.xml configuration file, in conjuction with Spring Framework and Janino |
| CVE-2025-39891 | 2025-10-01 | wifi: mwifiex: Initialize the chan_stats array to zero |
| CVE-2025-39892 | 2025-10-01 | ASoC: soc-core: care NULL dirver name on snd_soc_lookup_component_nolocked() |
| CVE-2025-39893 | 2025-10-01 | spi: spi-qpic-snand: unregister ECC engine on probe error and device remove |
| CVE-2025-39894 | 2025-10-01 | netfilter: br_netfilter: do not check confirmed bit in br_nf_local_in() after confirm |
| CVE-2025-39895 | 2025-10-01 | sched: Fix sched_numa_find_nth_cpu() if mask offline |
| CVE-2025-39896 | 2025-10-01 | accel/ivpu: Prevent recovery work from being queued during device removal |
| CVE-2025-39897 | 2025-10-01 | net: xilinx: axienet: Add error handling for RX metadata pointer retrieval |
| CVE-2025-39899 | 2025-10-01 | mm/userfaultfd: fix kmap_local LIFO ordering for CONFIG_HIGHPTE |
| CVE-2025-39900 | 2025-10-01 | net_sched: gen_estimator: fix est_timer() vs CONFIG_PREEMPT_RT=y |
| CVE-2025-39901 | 2025-10-01 | i40e: remove read access to debugfs files |
| CVE-2025-39902 | 2025-10-01 | mm/slub: avoid accessing metadata when pointer is invalid in object_err() |
| CVE-2025-39903 | 2025-10-01 | of_numa: fix uninitialized memory nodes causing kernel panic |
| CVE-2025-39904 | 2025-10-01 | arm64: kexec: initialize kexec_buf struct in load_other_segments() |
| CVE-2025-39905 | 2025-10-01 | net: phylink: add lock for serializing concurrent pl->phydev writes with resolver |
| CVE-2025-39906 | 2025-10-01 | drm/amd/display: remove oem i2c adapter on finish |
| CVE-2025-39907 | 2025-10-01 | mtd: rawnand: stm32_fmc2: avoid overlapping mappings on ECC buffer |
| CVE-2025-39908 | 2025-10-01 | net: dev_ioctl: take ops lock in hwtstamp lower paths |
| CVE-2025-39909 | 2025-10-01 | mm/damon/lru_sort: avoid divide-by-zero in damon_lru_sort_apply_parameters() |
| CVE-2025-39910 | 2025-10-01 | mm/vmalloc, mm/kasan: respect gfp mask in kasan_populate_vmalloc() |
| CVE-2025-39911 | 2025-10-01 | i40e: fix IRQ freeing in i40e_vsi_request_irq_msix error path |
| CVE-2025-39912 | 2025-10-01 | nfs/localio: restore creds before releasing pageio data |
| CVE-2025-39913 | 2025-10-01 | tcp_bpf: Call sk_msg_free() when tcp_bpf_send_verdict() fails to allocate psock->cork. |
| CVE-2025-39914 | 2025-10-01 | tracing: Silence warning when chunk allocation fails in trace_pid_write |
| CVE-2025-39915 | 2025-10-01 | net: phy: transfer phy_config_inband() locking responsibility to phylink |
| CVE-2025-39916 | 2025-10-01 | mm/damon/reclaim: avoid divide-by-zero in damon_reclaim_apply_parameters() |
| CVE-2025-39917 | 2025-10-01 | bpf: Fix out-of-bounds dynptr write in bpf_crypto_crypt |
| CVE-2025-39918 | 2025-10-01 | wifi: mt76: fix linked list corruption |
| CVE-2025-39919 | 2025-10-01 | wifi: mt76: mt7996: add missing check for rx wcid entries |
| CVE-2025-39920 | 2025-10-01 | pcmcia: Add error handling for add_interval() in do_validate_mem() |
| CVE-2025-39921 | 2025-10-01 | spi: microchip-core-qspi: stop checking viability of op->max_freq in supports_op callback |
| CVE-2025-39922 | 2025-10-01 | ixgbe: fix incorrect map used in eee linkmode |
| CVE-2025-39923 | 2025-10-01 | dmaengine: qcom: bam_dma: Fix DT error handling for num-channels/ees |
| CVE-2025-39924 | 2025-10-01 | erofs: fix invalid algorithm for encoded extents |
| CVE-2025-39925 | 2025-10-01 | can: j1939: implement NETDEV_UNREGISTER notification handler |
| CVE-2025-39926 | 2025-10-01 | genetlink: fix genl_bind() invoking bind() after -EPERM |
| CVE-2025-39927 | 2025-10-01 | ceph: fix race condition validating r_parent before applying state |
| CVE-2025-39928 | 2025-10-01 | i2c: rtl9300: ensure data length is within supported range |
| CVE-2025-61622 | 2025-10-01 | Apache Fory, Apache Fory: Python RCE via unguarded pickle fallback serializer in pyfory |
| CVE-2025-10847 | 2025-10-01 | DX UIM Probe Improper ACL Handling RCE |
| CVE-2022-50420 | 2025-10-01 | crypto: hisilicon/hpre - fix resource leak in remove process |
| CVE-2022-50421 | 2025-10-01 | rpmsg: char: Avoid double destroy of default endpoint |
| CVE-2022-50422 | 2025-10-01 | scsi: libsas: Fix use-after-free bug in smp_execute_task_sg() |
| CVE-2022-50423 | 2025-10-01 | ACPICA: Fix use-after-free in acpi_ut_copy_ipackage_to_ipackage() |
| CVE-2022-50424 | 2025-10-01 | wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability() |
| CVE-2022-50425 | 2025-10-01 | x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly |
| CVE-2022-50426 | 2025-10-01 | remoteproc: imx_dsp_rproc: Add mutex protection for workqueue |
| CVE-2022-50427 | 2025-10-01 | ALSA: ac97: fix possible memory leak in snd_ac97_dev_register() |
| CVE-2022-50428 | 2025-10-01 | ext4: fix off-by-one errors in fast-commit block filling |
| CVE-2022-50429 | 2025-10-01 | memory: of: Fix refcount leak bug in of_lpddr3_get_ddr_timings() |
| CVE-2022-50430 | 2025-10-01 | mmc: vub300: fix warning - do not call blocking ops when !TASK_RUNNING |
| CVE-2022-50431 | 2025-10-01 | ALSA: aoa: i2sbus: fix possible memory leak in i2sbus_add_dev() |
| CVE-2022-50432 | 2025-10-01 | kernfs: fix use-after-free in __kernfs_remove |
| CVE-2022-50433 | 2025-10-01 | efi: ssdt: Don't free memory if ACPI table was loaded successfully |
| CVE-2022-50434 | 2025-10-01 | blk-mq: fix possible memleak when register 'hctx' failed |
| CVE-2022-50435 | 2025-10-01 | ext4: avoid crash when inline data creation follows DIO write |
| CVE-2022-50436 | 2025-10-01 | ext4: don't set up encryption key during jbd2 transaction |
| CVE-2022-50437 | 2025-10-01 | drm/msm/hdmi: fix memory corruption with too many bridges |
| CVE-2022-50438 | 2025-10-01 | net: hinic: fix memory leak when reading function table |
| CVE-2022-50439 | 2025-10-01 | ASoC: mediatek: mt8173: Enable IRQ when pdata is ready |
| CVE-2022-50440 | 2025-10-01 | drm/vmwgfx: Validate the box size for the snooped cursor |
| CVE-2022-50441 | 2025-10-01 | net/mlx5: Lag, fix failure to cancel delayed bond work |
| CVE-2022-50442 | 2025-10-01 | fs/ntfs3: Validate buffer length while parsing index |
| CVE-2022-50443 | 2025-10-01 | drm/rockchip: lvds: fix PM usage counter unbalance in poweron |
| CVE-2022-50444 | 2025-10-01 | clk: tegra20: Fix refcount leak in tegra20_clock_init |
| CVE-2023-53448 | 2025-10-01 | fbdev: imxfb: Removed unneeded release_mem_region |
| CVE-2023-53449 | 2025-10-01 | s390/dasd: Fix potential memleak in dasd_eckd_init() |
| CVE-2023-53450 | 2025-10-01 | ext4: remove a BUG_ON in ext4_mb_release_group_pa() |
| CVE-2023-53451 | 2025-10-01 | scsi: qla2xxx: Fix potential NULL pointer dereference |