VULNMAP - Security Vulnerabilities

CVE List - 2025 / October

Showing 1801 - 1900 of 4280 CVEs for October 2025 (Page 19 of 43)

CVE ID Date Title
CVE-2025-53845 2025-10-14 An improper authentication vulnerability [CWE-287] in Fortinet FortiAnalyzer version 7.6.0 through 7.6.3 and before 7.4.6 allows an unauthenticated attacker to obtain information pertaining to the device's health and status, or...
CVE-2025-31365 2025-10-14 An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientMac 7.4.0 through 7.4.3, 7.2.1 through 7.2.8 may allow an unauthenticated attacker to execute arbitrary code on the...
CVE-2025-62366 2025-10-14 Mailgen vulnerable to HTML injection and cross-site scripting via plaintext email generation
CVE-2025-54822 2025-10-14 An improper authorization vulnerability [CWE-285] in Fortinet FortiOS version 7.4.0 through 7.4.1 and before 7.2.8 & Fortinet FortiProxy before version 7.4.8 allows an authenticated attacker to access static files of...
CVE-2025-46774 2025-10-14 An Improper Verification of Cryptographic Signature vulnerability [CWE-347] in FortiClient MacOS installer version 7.4.2 and below, version 7.2.9 and below, 7.0 all versions may allow a local user to escalate...
CVE-2025-31514 2025-10-14 An Insertion of Sensitive Information into Log File vulnerability [CWE-532] in FortiOS 7.6.0 through 7.6.3, 7.4 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an...
CVE-2025-54893 2025-10-14 A user with elevated privileges can inject XSS in the Hosts templates configuration page
CVE-2025-8429 2025-10-14 A user with elevated privileges can inject XSS in the ACL Action access configuration page
CVE-2025-11577 2025-10-14 Clevo UEFI firmware exposed Boot Guard private keys, enabling potential abuse of the Boot Guard trust chain
CVE-2025-37149 2025-10-14 A potential out-of-bound reads vulnerability in HPE ProLiant RL300 Gen11 Server's UEFI firmware.
CVE-2025-36730 2025-10-14 Windsurf Prompt Injection via Filename
CVE-2025-37146 2025-10-14 Unauthorized Filesystem Operations in System Firmware allow Authenticated Remote Code Execution
CVE-2025-37147 2025-10-14 Secure Boot Bypass allows for Compromise of Hardware Root of Trust
CVE-2025-37148 2025-10-14 Kernel Panic triggered by Modified Ethernet Frames leads to Denial of Service Vulnerability
CVE-2025-11548 2025-10-14 ibi WebFOCUS - Unauthenticated RCE Vulnerability
CVE-2025-37132 2025-10-14 Authenticated Remote Code Execution Vulnerability in AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface via Arbitrary File Write
CVE-2025-37133 2025-10-14 Authenticated Command Injection Vulnerability in AOS-8 Controller/Mobility Conductor Web-Based Management Interface via the CLI Binaryalong with accounting controls for tracking and logging user activities and resource usage.
CVE-2025-8430 2025-10-14 A user with elevated privileges can inject XSS in the Commands Connectors configuration configuration page
CVE-2025-37134 2025-10-14 Authenticated Command Injection Vulnerability in the Low-Level Interface Library Affecting AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface
CVE-2025-37135 2025-10-14 Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
CVE-2025-37136 2025-10-14 Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
CVE-2025-37137 2025-10-14 Authenticated Arbitrary File Deletion Vulnerabilities in AOS-8 Controller/Mobility Conductor Command Line Interface (CLI)
CVE-2025-37138 2025-10-14 Authenticated Command Injection Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web-Based Management Interface (Physical Access Required)
CVE-2025-37139 2025-10-14 Vulnerability in AOS firmware allows for Authenticated Local malicious actor to Permanently Disable Boot
CVE-2025-37140 2025-10-14 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
CVE-2025-37141 2025-10-14 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
CVE-2025-37142 2025-10-14 Authenticated Arbitrary File Download Vulnerabilities in CLI Binary of AOS-8 Controller/Mobility Conductor Web-Based Management Interface
CVE-2025-47989 2025-10-14 Arc Enabled Servers - Azure Connected Machine Agent Elevation of Privilege Vulnerability
CVE-2025-48004 2025-10-14 Microsoft Brokering File System Elevation of Privilege Vulnerability
CVE-2025-50174 2025-10-14 Windows Device Association Broker Service Elevation of Privilege Vulnerability
CVE-2025-53782 2025-10-14 Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2025-55247 2025-10-14 .NET Elevation of Privilege Vulnerability
CVE-2025-55315 2025-10-14 ASP.NET Security Feature Bypass Vulnerability
CVE-2025-24990 2025-10-14 Windows Agere Modem Driver Elevation of Privilege Vulnerability
CVE-2025-24052 2025-10-14 Windows Agere Modem Driver Elevation of Privilege Vulnerability
CVE-2025-55320 2025-10-14 Configuration Manager Elevation of Privilege Vulnerability
CVE-2025-55325 2025-10-14 Windows Storage Management Provider Information Disclosure Vulnerability
CVE-2025-55333 2025-10-14 Windows BitLocker Security Feature Bypass Vulnerability
CVE-2025-55335 2025-10-14 Windows NTFS Elevation of Privilege Vulnerability
CVE-2025-55336 2025-10-14 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability
CVE-2025-55338 2025-10-14 Windows BitLocker Security Feature Bypass Vulnerability
CVE-2025-55339 2025-10-14 Windows Network Driver Interface Specification (NDIS) Driver Elevation of Privilege Vulnerability
CVE-2025-55340 2025-10-14 Windows Remote Desktop Protocol Security Feature Bypass
CVE-2025-55676 2025-10-14 Windows USB Video Class System Driver Information Disclosure Vulnerability
CVE-2025-55677 2025-10-14 Windows Device Association Broker Service Elevation of Privilege Vulnerability
CVE-2025-55681 2025-10-14 Desktop Windows Manager Elevation of Privilege Vulnerability
CVE-2025-55685 2025-10-14 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2025-55686 2025-10-14 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2025-55687 2025-10-14 Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability
CVE-2025-55689 2025-10-14 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability
CVE-2025-55700 2025-10-14 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-55701 2025-10-14 Windows Authentication Elevation of Privilege Vulnerability
CVE-2025-58715 2025-10-14 Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2025-58716 2025-10-14 Windows Speech Runtime Elevation of Privilege Vulnerability
CVE-2025-37143 2025-10-14 Authenticated Arbitrary File Download Vulnerability in CLI Binary of AOS-10 GW and AOS-8 Controller/Mobility Conductor Web Interface (Physical Access Required)
CVE-2025-58717 2025-10-14 Windows Routing and Remote Access Service (RRAS) Information Disclosure Vulnerability
CVE-2025-58719 2025-10-14 Windows Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2025-58722 2025-10-14 Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-58728 2025-10-14 Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-58732 2025-10-14 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
CVE-2025-58735 2025-10-14 Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
CVE-2025-59185 2025-10-14 NTLM Hash Disclosure Spoofing Vulnerability
CVE-2025-59186 2025-10-14 Windows Kernel Information Disclosure Vulnerability
CVE-2025-59195 2025-10-14 Microsoft Graphics Component Denial of Service Vulnerability
CVE-2025-59196 2025-10-14 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability
CVE-2025-59199 2025-10-14 Software Protection Platform (SPP) Elevation of Privilege Vulnerability
CVE-2025-59200 2025-10-14 Data Sharing Service Spoofing Vulnerability
CVE-2025-59201 2025-10-14 Network Connection Status Indicator (NCSI) Elevation of Privilege Vulnerability
CVE-2025-59202 2025-10-14 Windows Remote Desktop Services Elevation of Privilege Vulnerability
CVE-2025-59204 2025-10-14 Windows Management Services Information Disclosure Vulnerability
CVE-2025-59206 2025-10-14 Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
CVE-2025-59207 2025-10-14 Windows Kernel Elevation of Privilege Vulnerability
CVE-2025-59211 2025-10-14 Windows Push Notification Information Disclosure Vulnerability
CVE-2025-59228 2025-10-14 Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2025-59231 2025-10-14 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59233 2025-10-14 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59234 2025-10-14 Microsoft Office Remote Code Execution Vulnerability
CVE-2025-59235 2025-10-14 Microsoft Excel Information Disclosure Vulnerability
CVE-2025-59236 2025-10-14 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59237 2025-10-14 Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2025-59242 2025-10-14 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2025-49708 2025-10-14 Microsoft Graphics Component Elevation of Privilege Vulnerability
CVE-2025-59243 2025-10-14 Microsoft Excel Remote Code Execution Vulnerability
CVE-2025-59249 2025-10-14 Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2025-59250 2025-10-14 JDBC Driver for SQL Server Spoofing Vulnerability
CVE-2025-59254 2025-10-14 Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-59255 2025-10-14 Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2025-59257 2025-10-14 Windows Local Session Manager (LSM) Denial of Service Vulnerability
CVE-2025-59258 2025-10-14 Windows Active Directory Federation Services (ADFS) Information Disclosure Vulnerability
CVE-2025-59259 2025-10-14 Windows Local Session Manager (LSM) Denial of Service Vulnerability
CVE-2025-59277 2025-10-14 Windows Authentication Elevation of Privilege Vulnerability
CVE-2025-59280 2025-10-14 Windows SMB Client Tampering Vulnerability
CVE-2025-47979 2025-10-14 Microsoft Failover Cluster Information Disclosure Vulnerability
CVE-2025-59281 2025-10-14 Xbox Gaming Services Elevation of Privilege Vulnerability
CVE-2025-59282 2025-10-14 Internet Information Services (IIS) Inbox COM Objects (Global Memory) Remote Code Execution Vulnerability
CVE-2025-59284 2025-10-14 Windows NTLM Spoofing Vulnerability
CVE-2025-59288 2025-10-14 Playwright Spoofing Vulnerability
CVE-2025-59290 2025-10-14 Windows Bluetooth Service Elevation of Privilege Vulnerability
CVE-2025-59291 2025-10-14 Confidential Azure Container Instances Elevation of Privilege Vulnerability
CVE-2025-59292 2025-10-14 Azure Compute Gallery Elevation of Privilege Vulnerability