CVE List - 2025 / October
Showing 2301 - 2400 of 4280 CVEs for October 2025 (Page 24 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-11840 | 2025-10-16 | GNU Binutils ldmisc.c vfinfo out-of-bounds |
| CVE-2025-11842 | 2025-10-16 | Shazwazza Smidge Bundle path traversal |
| CVE-2025-62490 | 2025-10-16 | Use-after-free in js_print_object in QuickJS |
| CVE-2025-62491 | 2025-10-16 | Use-after-free in js_std_promise_rejection_check in QuickJS |
| CVE-2025-62492 | 2025-10-16 | Heap out-of-bounds read in js_typed_array_indexOf in QuickJS |
| CVE-2025-62493 | 2025-10-16 | Heap out-of-bounds read in js_bigint_to_string1 in QuickJS |
| CVE-2025-62494 | 2025-10-16 | Type confusion in string addition in QuickJS |
| CVE-2025-62495 | 2025-10-16 | Type confusion in string addition in QuickJS |
| CVE-2025-62496 | 2025-10-16 | Integer overflow in js_bigint_from_string in QuickJS |
| CVE-2025-11851 | 2025-10-16 | Apeman ID71 set_alias.cgi cross site scripting |
| CVE-2024-56143 | 2025-10-16 | Strapi Allows Unauthorized Access to Private Fields via parms.lookup |
| CVE-2025-25298 | 2025-10-16 | Missing Maximum Password Length Validation in Strapi Password Hashing |
| CVE-2025-53092 | 2025-10-16 | Strapi core vulnerable to sensitive data exposure via CORS misconfiguration |
| CVE-2025-58051 | 2025-10-16 | Nextcloud Tables app allowed to include local file via PhpSpreadsheet when importing a table |
| CVE-2025-36128 | 2025-10-16 | IBM MQ denial of service |
| CVE-2025-61789 | 2025-10-16 | Icinga DB Web hidden/protected custom variables are prone to filter enumeration |
| CVE-2025-61907 | 2025-10-16 | Icinga 2 API users could access restricted values in filter expressions |
| CVE-2025-61908 | 2025-10-16 | Icinga 2 Denial of Service (DoS) By Dereferencing Invalid Reference |
| CVE-2025-62586 | 2025-10-16 | OPEXUS FOIAXpress unauthenticated administrator password reset |
| CVE-2025-61909 | 2025-10-16 | Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user |
| CVE-2025-61922 | 2025-10-16 | PrestaShop Checkout allows customer account takeover via email |
| CVE-2025-61923 | 2025-10-16 | PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure |
| CVE-2025-61924 | 2025-10-16 | PrestaShop Checkout Target PayPal merchant account hijacking from backoffice |
| CVE-2025-62407 | 2025-10-16 | Frappe has an Open Redirect on Login Page |
| CVE-2025-62409 | 2025-10-16 | Envoy allows large requests and responses to cause TCP connection pool crash |
| CVE-2025-62411 | 2025-10-16 | Stored XSS in Alert Transport name field in LibreNMS |
| CVE-2025-34516 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Use of Default Credentials |
| CVE-2025-34513 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated Command Injection |
| CVE-2025-62412 | 2025-10-16 | LibreNMS alert-rules Cross-Site Scripting Vulnerability |
| CVE-2025-34515 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Root Privilege Escalation |
| CVE-2025-34518 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Relative Path Traversal |
| CVE-2025-34512 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Reflected XSS |
| CVE-2025-34519 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Insecure Hashing Algorithm |
| CVE-2025-34514 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Authenticated Command Injection |
| CVE-2025-34517 | 2025-10-16 | Ilevia EVE X1 Server 4.7.18.0.eden Absolute Path Traversal |
| CVE-2025-62413 | 2025-10-16 | MQTTX vulnerable to cross-site scripting via improper message payload rendering |
| CVE-2025-62417 | 2025-10-16 | bagisto - CSV Formula Injection in Create New Product |
| CVE-2025-62416 | 2025-10-16 | bagisto - Server Side Template Injection (SSTI) in Product Description |
| CVE-2025-62414 | 2025-10-16 | bagisto - Cross Site Scripting (XSS) in Create New Customer |
| CVE-2025-62418 | 2025-10-16 | bagisto - Cross Site Scripting (XSS) in TinyMCE Image Upload (SVG) |
| CVE-2025-62415 | 2025-10-16 | bagisto - Cross Site Scripting (XSS) in TinyMCE Image Upload (HTML) |
| CVE-2025-62423 | 2025-10-16 | ClipBucket V5 Blind SQL injection in the Admin Panel |
| CVE-2025-62425 | 2025-10-16 | Matrix Authentication Service account password can be changed using an authenticated session without supplying the current password |
| CVE-2025-62427 | 2025-10-16 | Server-Side Request Forgery (SSRF) in Angular SSR |
| CVE-2025-34254 | 2025-10-16 | D-Link Nuclias Connect <= v1.3.1.4 Login Account Enumeration |
| CVE-2025-34255 | 2025-10-16 | D-Link Nuclias Connect <= v1.3.1.4 Forgot Password Account Enumeration |
| CVE-2025-34253 | 2025-10-16 | D-Link Nuclias Connect <= v1.3.1.4 Stored Cross-Site Scripting (XSS) |
| CVE-2025-62428 | 2025-10-16 | Drawing-Captcha APP Host Header Injection in `/register` and `/confirm-email` Endpoints |
| CVE-2025-11492 | 2025-10-16 | HTTP Configuration and Encryption in Transit |
| CVE-2025-11493 | 2025-10-16 | Self-Update Verification Mechanism Process in ConnectWise Automate |
| CVE-2025-11852 | 2025-10-16 | Apeman ID71 ONVIF Service device_service missing authentication |
| CVE-2025-11853 | 2025-10-16 | Sismics Teedy API Endpoint file access control |
| CVE-2024-42192 | 2025-10-16 | HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a credential leakage |
| CVE-2025-11864 | 2025-10-16 | NucleoidAI Nucleoid Outbound Request cluster.ts extension.apply server-side request forgery |
| CVE-2025-62506 | 2025-10-16 | MinIO vulnerable to privilege escalation via session policy bypass in service accounts and STS |
| CVE-2025-62504 | 2025-10-16 | Envoy Lua filter use-after-free when oversized rewritten response body causes crash |
| CVE-2025-11896 | 2025-10-16 | Stack overflow in Xpdf 4.05 due to object loop in PDF CMap |
| CVE-2024-31573 | 2025-10-17 | XMLUnit for Java before 2.10.0, in the default configuration, might allow code execution via an untrusted stylesheet (used for an XSLT transformation), because XSLT extension functions are enabled. |
| CVE-2025-56218 | 2025-10-17 | An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file. |
| CVE-2025-56221 | 2025-10-17 | A lack of rate limiting in the login mechanism of SigningHub v8.6.8 allows attackers to bypass authentication via a brute force attack. |
| CVE-2025-56316 | 2025-10-17 | A SQL injection vulnerability in the content_title parameter of the /cms/content/list endpoint in MCMS 5.5.0 allows remote attackers to execute arbitrary SQL queries via unsanitized input in the FreeMarker template... |
| CVE-2025-56320 | 2025-10-17 | Enterprise Contract Management Portal v.22.4.0 is vulnerable to Stored Cross-Site Scripting (XSS) in its chat box component. This allows a remote attacker to execute arbitrary code |
| CVE-2025-57164 | 2025-10-17 | Flowise through v3.0.4 is vulnerable to remote code execution via unsanitized evaluation of user input in the "Supabase RPC Filter" field. |
| CVE-2025-57567 | 2025-10-17 | A remote code execution (RCE) vulnerability exists in the PluXml CMS theme editor, specifically in the minify.php file located under the default theme directory (/themes/defaut/css/minify.php). An authenticated administrator user can... |
| CVE-2025-60279 | 2025-10-17 | A server-side request forgery (SSRF) vulnerability in Illia Cloud illia-Builder before v4.8.5 allows authenticated users to send arbitrary requests to internal services via the API. An attacker can leverage this... |
| CVE-2025-60359 | 2025-10-17 | radare2 v5.9.8 and before contains a memory leak in the function r_bin_object_new. |
| CVE-2025-60360 | 2025-10-17 | radare2 v5.9.8 and before contains a memory leak in the function r2r_subprocess_init. |
| CVE-2025-60361 | 2025-10-17 | radare2 v5.9.8 and before contains a memory leak in the function bochs_open. |
| CVE-2025-60514 | 2025-10-17 | Tillywork v0.1.3 and below is vulnerable to SQL Injection in app/common/helpers/query.builder.helper.ts. |
| CVE-2025-62642 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has an "Anyone Can Join This Party" signup API that does not verify user account creation, allowing a remote unauthenticated attacker... |
| CVE-2025-62643 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 transmits passwords of user accounts in cleartext e-mail messages. |
| CVE-2025-62644 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 has a Global Store Directory that shares personal information among authenticated users. |
| CVE-2025-62645 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administrative privileges for the entire platform via the createToken GraphQL mutation. |
| CVE-2025-62646 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to review the stored audio of conversations between associates and Drive Thru customers. |
| CVE-2025-62647 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 provides the functionality of returning a JWT that can be used to call an API to return a signed AWS upload... |
| CVE-2025-62648 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows remote attackers to adjust Drive Thru speaker audio volume. |
| CVE-2025-62649 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for submission of equipment orders. |
| CVE-2025-62650 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 relies on client-side authentication for use of the diagnostic screen. |
| CVE-2025-62651 | 2025-10-17 | The Restaurant Brands International (RBI) assistant platform through 2025-09-06 does not implement access control for the bathroom rating interface. |
| CVE-2025-6892 | 2025-10-17 | An Incorrect Authorization vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authentication mechanism allows unauthorized access to protected API endpoints, including those... |
| CVE-2025-6893 | 2025-10-17 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in broken access control has been identified in the /api/v1/setting/data endpoint of... |
| CVE-2025-6894 | 2025-10-17 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authorization logic of the affected device allows an authenticated,... |
| CVE-2025-6949 | 2025-10-17 | An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A critical authorization flaw in the API allows an authenticated, low-privileged user to create... |
| CVE-2025-6950 | 2025-10-17 | An Use of Hard-coded Credentials vulnerability has been identified in Moxa’s network security appliances and routers. The system employs a hard-coded secret key to sign JSON Web Tokens (JWT) used... |
| CVE-2025-11898 | 2025-10-17 | Flowring Technology|Agentflow - Arbitrary File Reading through Path Traversal |
| CVE-2025-11899 | 2025-10-17 | Flowring Technology|Agentflow - Use of Hard-coded Cryptographic Key |
| CVE-2025-11900 | 2025-10-17 | HGiga|iSherlock - OS Command Injection |
| CVE-2025-11849 | 2025-10-17 | Versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth from 0.3.25 and before 1.11.0; versions of the package mammoth before 1.11.0; versions of the... |
| CVE-2025-55092 | 2025-10-17 | Potential out of bound read in _nx_ipv4_option_process() |
| CVE-2025-55093 | 2025-10-17 | Out of bound read and write in _nx_ipv4_packet_receive() when handling unicast DHCP messages |
| CVE-2025-55094 | 2025-10-17 | Potential out-of-bounds read in _nx_icmpv6_validate_options() |
| CVE-2025-55096 | 2025-10-17 | Inadequate bounds check and potential underflow in _ux_host_class_hid_report_descriptor_get() |
| CVE-2025-55097 | 2025-10-17 | Potential out-of-bounds read in _ux_host_class_audio_streaming_sampling_get() |
| CVE-2025-55098 | 2025-10-17 | Potential out-of-bounds read in _ux_host_class_audio_device_type_get() |
| CVE-2025-55099 | 2025-10-17 | Potential out-of-bounds read in _ux_host_class_audio_alternate_setting_locate() |
| CVE-2025-55100 | 2025-10-17 | Potential out-of-bounds read in _ux_host_class_audio10_sam_parse_func() |
| CVE-2025-55087 | 2025-10-17 | In NextX Duo's snmp addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read by a crafted SNMPv3 security parameters. |
| CVE-2025-11895 | 2025-10-17 | Binary MLM Plan <= 3.0 - Authenticated (Subscriber+) Insecure Direct Object Reference |
| CVE-2023-28814 | 2025-10-17 | Some versions of Hikvision's iSecure Center Product have an improper file upload control vulnerability. Due to the improper verification of file to be uploaded, attackers may upload malicious files to... |
| CVE-2023-28815 | 2025-10-17 | Some versions of Hikvision's iSecure Center Product contain insufficient parameter validation, resulting in a command injection vulnerability. Attackers may exploit this to gain platform privileges and execute arbitrary commands on... |