CVE List - 2025 / October
Showing 2201 - 2300 of 4280 CVEs for October 2025 (Page 23 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-62379 | 2025-10-15 | Open Redirect in reflex-dev/reflex |
| CVE-2025-58132 | 2025-10-15 | Zoom Clients for Windows - Command Injection |
| CVE-2025-58133 | 2025-10-15 | Zoom Rooms Clients - Authentication Bypass |
| CVE-2025-20329 | 2025-10-15 | Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability |
| CVE-2025-20350 | 2025-10-15 | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Denial of Service Vulnerability |
| CVE-2025-20351 | 2025-10-15 | Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Cross-Site Scripting Vulnerability |
| CVE-2025-20359 | 2025-10-15 | Multiple Cisco Products Snort 3 MIME Information Disclosure or Denial of Service Vulnerability |
| CVE-2025-20360 | 2025-10-15 | Multiple Cisco products are affected by a vulnerability in the Snort 3 HTTP Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart.... |
| CVE-2025-54271 | 2025-10-15 | Creative Cloud Desktop | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) |
| CVE-2025-62380 | 2025-10-15 | Mailgen has HTML Injection and XSS Filter Bypass in Plaintext Emails |
| CVE-2025-10576 | 2025-10-15 | Sound Research SECOMNService Escalation of Privilege |
| CVE-2025-10577 | 2025-10-15 | Sound Research SECOMNService Escalation of Privilege |
| CVE-2025-62378 | 2025-10-15 | CommandKit exposes incorrect command name in context object for message command aliases |
| CVE-2025-62382 | 2025-10-15 | Frigate Vulnerable to Arbitrary File Read via Export Thumbnail "image_path" parameter |
| CVE-2025-62381 | 2025-10-15 | sveltekit-superforms Prototype Pollution in `parseFormData` function of `formData.js` |
| CVE-2025-62410 | 2025-10-15 | --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript in happy-dom |
| CVE-2025-62371 | 2025-10-15 | OpenSearch Data Prepper plugins trusts all SSL certificates by default |
| CVE-2025-11832 | 2025-10-15 | APIs Lack Rate Limiting |
| CVE-2025-62375 | 2025-10-15 | go-witness Improper Verification of AWS EC2 Identity Documents |
| CVE-2025-11568 | 2025-10-15 | Luksmeta: data corruption when handling luks1 partitions with luksmeta |
| CVE-2025-11619 | 2025-10-15 | Improper certificate validation when connecting to gateways in Devolutions Server 2025.3.2 and earlier allows attackers in MitM position to intercept traffic. |
| CVE-2025-43281 | 2025-10-15 | The issue was addressed with improved authentication. This issue is fixed in macOS Sequoia 15.6. A local attacker may be able to elevate their privileges. |
| CVE-2025-43280 | 2025-10-15 | The issue was resolved by not loading remote images This issue is fixed in iOS 18.6 and iPadOS 18.6. Forwarding an email could display remote images in Mail in Lockdown... |
| CVE-2025-43313 | 2025-10-15 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7.7, macOS Sonoma 14.7.7, macOS Sequoia 15.6. An app may be able to access sensitive... |
| CVE-2025-43282 | 2025-10-15 | A double free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, watchOS 11.6, tvOS 18.6, visionOS 2.6, macOS... |
| CVE-2025-22381 | 2025-10-16 | Aggie 2.6.1 has a Host Header injection vulnerability in the forgot password functionality, allowing an attacker to reset a user's password. |
| CVE-2025-56699 | 2025-10-16 | SQL injection vulnerability in the cmd component of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows an unauthenticated user to execute arbitrary SQL commands via the sender... |
| CVE-2025-56700 | 2025-10-16 | Boolean SQL injection vulnerability in the web app of Base Digitale Group spa product Centrax Open PSIM version 6.1 allows a low level priviliged user that has access to the... |
| CVE-2025-60358 | 2025-10-16 | radare2 v.5.9.8 and before contains a memory leak in the function _load_relocations. |
| CVE-2025-60639 | 2025-10-16 | Hardcoded credentials in gsigel14 ATLAS-EPIC commit f29312c (2025-05-26). |
| CVE-2025-60641 | 2025-10-16 | The file mexcel.php in the Vfront 0.99.52 codebase contains a vulnerable call to unserialize(base64_decode($_POST['mexcel'])), where $_POST['mexcel'] is user-controlled input. This input is decoded from base64 and deserialized without validation or... |
| CVE-2025-60855 | 2025-10-16 | Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update signatures. This allows attackers to load malicious firmware images, resulting in arbitrary code execution with root privileges. NOTE: this... |
| CVE-2025-61330 | 2025-10-16 | A hard-coded weak password vulnerability has been discovered in all Magic-branded devices from Chinese network equipment manufacturer H3C. The vulnerability stems from the use of a hard-coded weak password for... |
| CVE-2025-61514 | 2025-10-16 | An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows attackers to execute arbitrary code via uploading a crafted SVG file. |
| CVE-2025-61536 | 2025-10-16 | FelixRiddle dev-jobs-handlebars 1.0 uses absolute password-reset (magic) links using the untrusted `req.headers.host` header and forces the `http://` scheme. An attacker who can control the `Host` header (or exploit a misconfigured... |
| CVE-2025-61539 | 2025-10-16 | Cross site scripting (XSS) vulnerability in Ultimate PHP Board 2.2.7 via the u_name parameter in lostpassword.php. |
| CVE-2025-61540 | 2025-10-16 | SQL injection vulnerability in Ultimate PHP Board 2.2.7 via the username field in lostpassword.php. |
| CVE-2025-61541 | 2025-10-16 | Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality (forgot_send.cgi). The reset link sent to users is constructed using the HTTP Host header via get_webmin_email_url().... |
| CVE-2025-61543 | 2025-10-16 | A Host Header Injection vulnerability exists in the password reset functionality of CraftMyCMS 4.0.2.2. The system uses `$_SERVER['HTTP_HOST']` directly to construct password reset links sent via email. An attacker can... |
| CVE-2025-61553 | 2025-10-16 | An out-of-bounds write in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash)... |
| CVE-2025-61554 | 2025-10-16 | A divide-by-zero in VirtIO network device emulation in BitVisor from commit 108df6 (2020-05-20) to commit 480907 (2025-07-06) allows local attackers to cause a denial of service (host hypervisor crash) via... |
| CVE-2025-11683 | 2025-10-16 | YAML::Syck versions before 1.36 for Perl has missing Null-Terminators which causes Out-of-Bounds Read and potential Information Disclosure |
| CVE-2025-62579 | 2025-10-16 | ASDA-Soft Stack-based Buffer Overflow Vulnerability |
| CVE-2025-62580 | 2025-10-16 | ASDA-Soft Stack-based Buffer Overflow Vulnerability |
| CVE-2025-10700 | 2025-10-16 | Ally - Web Accessibility & Usability <= 3.8.0 - Cross-Site Request Forgery to Plugin Settings Update |
| CVE-2025-11814 | 2025-10-16 | Ultimate Addons for WPBakery Page Builder < 3.21.1 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-0274 | 2025-10-16 | HCL BigFix Modern Client Management (MCM) 3.3 and earlier is affected by improper access control |
| CVE-2025-0275 | 2025-10-16 | HCL BigFix Mobile 3.3 and earlier is affected by improper access control |
| CVE-2025-58778 | 2025-10-16 | Multiple versions of RG-EST300 provided by Ruijie Networks provide SSH server functionality. It is not documented in the manual, and enabled in the initial configuration. Anyone with the knowledge of... |
| CVE-2025-55084 | 2025-10-16 | Out of bound read in _nx_secure_tls_proc_clienthello_supported_versions_extension() |
| CVE-2025-55089 | 2025-10-16 | Eclipse ThreadX FileX RAM disk driver buffer overflow |
| CVE-2025-55090 | 2025-10-16 | Potential out of bound read issue in _nx_ipv4_packet_receive() in NetX Duo |
| CVE-2025-10706 | 2025-10-16 | Classified Pro <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation |
| CVE-2025-10742 | 2025-10-16 | Truelysell Core <= 1.8.6 - Unauthenticated Arbitrary User Password Change |
| CVE-2025-10850 | 2025-10-16 | Felan Framework <= 1.1.4 - Hardcoded Credentials |
| CVE-2025-10849 | 2025-10-16 | Felan Framework <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Activation/Deactivation via process_plugin_actions |
| CVE-2025-62583 | 2025-10-16 | Whale Browser before 4.33.325.17 allows an attacker to escape the iframe sandbox in a dual-tab environment. |
| CVE-2025-62584 | 2025-10-16 | Whale browser before 4.33.325.17 allows an attacker to bypass the Same-Origin Policy in a dual-tab environment. |
| CVE-2025-62585 | 2025-10-16 | Whale browser before 4.33.325.17 allows an attacker to bypass the Content Security Policy via a specific scheme in a dual-tab environment. |
| CVE-2025-41018 | 2025-10-16 | SQL injection vulnerability in Sergestec's Exito |
| CVE-2025-55091 | 2025-10-16 | Potential out of bound read in _nx_ip_packet_receive() |
| CVE-2025-41019 | 2025-10-16 | SQL injection vulnerability in Sergestec's Exito |
| CVE-2025-41020 | 2025-10-16 | Insecure direct object reference (IDOR) vulnerability in Sergestec's Exito |
| CVE-2025-41021 | 2025-10-16 | Stored Cross-Site Scripting (XSS) vulnerability in Sergestec's Exito |
| CVE-2025-41443 | 2025-10-16 | Guest user can discover active public channels |
| CVE-2025-54499 | 2025-10-16 | Insecure string comparison enables timing attacks |
| CVE-2025-58075 | 2025-10-16 | Arbitrary Mattermost Team can be joined by manipulating the SAML RelayState |
| CVE-2025-10545 | 2025-10-16 | Guest user can add unauthorized team users to private channels |
| CVE-2025-0276 | 2025-10-16 | HCL BigFix Modern Client Management (MCM) is affected by an insecure Content Security Policy (CSP) |
| CVE-2025-54539 | 2025-10-16 | Apache ActiveMQ NMS AMQP Client: Deserialization of Untrusted Data |
| CVE-2025-0277 | 2025-10-16 | HCL BigFix Mobile is affected by an insecure Content Security Policy (CSP) |
| CVE-2025-41410 | 2025-10-16 | Slack import bypasses email verification for team access controls |
| CVE-2025-61581 | 2025-10-16 | Apache Traffic Control: ReDoS issue in Traffic Router configuration |
| CVE-2025-58073 | 2025-10-16 | Arbitrary Mattermost Team can be joined by manipulating the OAuth state |
| CVE-2025-53858 | 2025-10-16 | ChatLuck contains a cross-site scripting vulnerability in Chat Rooms. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product. |
| CVE-2025-54461 | 2025-10-16 | ChatLuck contains an insufficient granularity of access control vulnerability in Invitation of Guest Users. If exploited, an uninvited guest user may register itself as a guest user. |
| CVE-2025-58115 | 2025-10-16 | ChatLuck contains a cross-site scripting vulnerability in Guest User Sign-up. If exploited, an arbitrary script may be executed on the web browser of the user who is accessing the product. |
| CVE-2025-6338 | 2025-10-16 | Possible denial of service with multiple incoming connections to a Schannel based server with a TLS backend |
| CVE-2025-24833 | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO versions V4.0R1.0–V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. |
| CVE-2025-52583 | 2025-10-16 | Reflected cross-site scripting (XSS) vulnerability in desknet's Web Server allows execution of arbitrary JavaScript in a user’s web browser. |
| CVE-2025-54760 | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. |
| CVE-2025-54859 | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V9.0R2.0 and earlier allow execution of arbitrary JavaScript in a user’s web browser. |
| CVE-2025-55072 | 2025-10-16 | Stored cross-site scripting (XSS) vulnerability in desknet's NEO V2.0R1.0 to V9.0R2.0 allow execution of arbitrary JavaScript in a user’s web browser. |
| CVE-2025-58079 | 2025-10-16 | Improper Protection of Alternate Path (CWE-424) in the AppSuite of desknet's NEO V4.0R1.0 to V9.0R2.0 allows an attacker to create malicious AppSuite applications. |
| CVE-2025-58426 | 2025-10-16 | desknet's NEO V4.0R1.0 to V9.0R2.0 contains a hard-coded cryptographic key, which allows an attacker to create malicious AppSuite applications. |
| CVE-2025-3930 | 2025-10-16 | Lack of JWT Expiration after Log Out in Strapi |
| CVE-2025-10611 | 2025-10-16 | Potential Broken Access Control in Multiple WSO2 Products via System REST APIs |
| CVE-2025-9955 | 2025-10-16 | Improper Access Control in WSO2 Enterprise Integrator Product via SOAP Admin Services for Logs and User-Store Configuration |
| CVE-2025-9804 | 2025-10-16 | Improper Access Control in Multiple WSO2 Products via Internal SOAP Admin Services and System REST APIs |
| CVE-2025-9152 | 2025-10-16 | Improper Privilege Management in Multiple WSO2 API Manager via keymanager-operations DCR Endpoint |
| CVE-2025-54658 | 2025-10-16 | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through... |
| CVE-2025-53951 | 2025-10-16 | An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in Fortinet FortiDLP Agent's Outlookproxy plugin for Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through... |
| CVE-2025-53950 | 2025-10-16 | An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and... |
| CVE-2025-46752 | 2025-10-16 | A insertion of sensitive information into log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows attacker to information disclosure via re-using the enrollment code. |
| CVE-2025-11839 | 2025-10-16 | GNU Binutils prdbg.c tg_tag_type return value |
| CVE-2025-41253 | 2025-10-16 | Spring Cloud Gateway Webflux SpEL Injection Vulnerability Allowing Exposure of Environment Variables |
| CVE-2025-41254 | 2025-10-16 | Spring Framework STOMP CSRF Vulnerability |
| CVE-2025-36002 | 2025-10-16 | IBM Sterling B2B Integrator information disclosure |
| CVE-2025-55035 | 2025-10-16 | Mattermost Desktop DoS when user has basic authentication server configured |
| CVE-2025-9559 | 2025-10-16 | Pega Platform versions 8.7.5 to Infinity 24.2.2 are affected by a Insecure Direct Object Reference issue in a user interface component that can only be used to read data |