CVE List - 2025 / December
Showing 1001 - 1100 of 3706 CVEs for December 2025 (Page 11 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-48590 | 2025-12-08 | In verifyAndGetBypass of AppOpsService.java, there is a possible method for a malicious app to prevent dialing emergency services under limited circumstances due to resource exhaustion. This could lead to local... |
| CVE-2025-48591 | 2025-12-08 | In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional... |
| CVE-2025-48592 | 2025-12-08 | In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2025-48594 | 2025-12-08 | In onUidImportance of DisassociationProcessor.java, there is a possible way to retain companion application privileges after disassociation due to improper input validation. This could lead to local escalation of privilege with... |
| CVE-2025-48596 | 2025-12-08 | In appendFrom of Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2025-48597 | 2025-12-08 | In multiple locations, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with... |
| CVE-2025-48598 | 2025-12-08 | In multiple locations, there is a possible way to alter the primary user's face unlock settings due to a confused deputy. This could lead to physical escalation of privilege with... |
| CVE-2025-48599 | 2025-12-08 | In multiple functions of WifiScanModeActivity.java, there is a possible way to bypass a device config restriction due to a missing permission check. This could lead to local escalation of privilege... |
| CVE-2025-48600 | 2025-12-08 | In multiple files, there is a possible way to reveal information across users due to a missing permission check. This could lead to local information disclosure with no additional execution... |
| CVE-2025-48601 | 2025-12-08 | In multiple locations, there is a possible permanent denial of service due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2025-48603 | 2025-12-08 | In InputMethodInfo of InputMethodInfo.java, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed.... |
| CVE-2025-48604 | 2025-12-08 | In multiple locations, there is a possible way to read files from another user due to a missing permission check. This could lead to local information disclosure with no additional... |
| CVE-2025-48607 | 2025-12-08 | In multiple locations, there is a possible way to create a large amount of app ops due to a logic error in the code. This could lead to local denial... |
| CVE-2025-48610 | 2025-12-08 | In __pkvm_guest_relinquish_to_host of mem_protect.c, there is a possible configuration data leak due to a logic error in the code. This could lead to local information disclosure with no additional execution... |
| CVE-2025-48612 | 2025-12-08 | In multiple locations, there is a possible way for an application on a work profile to set the main user's default NFC payment setting due to improper input validation. This... |
| CVE-2025-48614 | 2025-12-08 | In rebootWipeUserData of RecoverySystem.java, there is a possible way to factory reset the device while in DSU mode due to a missing permission check. This could lead to physical denial... |
| CVE-2025-48615 | 2025-12-08 | In getComponentName of MediaButtonReceiverHolder.java, there is a possible desync in persistence due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User... |
| CVE-2025-48618 | 2025-12-08 | In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges... |
| CVE-2025-48620 | 2025-12-08 | In onSomePackagesChanged of VoiceInteractionManagerService.java, there is a possible way for a third party application's component name to persist even after uninstalling due to a logic error in the code. This... |
| CVE-2025-48621 | 2025-12-08 | In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a insecure default. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2025-48622 | 2025-12-08 | In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2025-48623 | 2025-12-08 | In init_pkvm_hyp_vcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2025-48624 | 2025-12-08 | In multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2025-48626 | 2025-12-08 | In multiple locations, there is a possible way to launch an application from the background due to a precondition check failure. This could lead to remote escalation of privilege with... |
| CVE-2025-48627 | 2025-12-08 | In startNextMatchingActivity of ActivityTaskManagerService.java, there is a possible way to launch an activity from the background due to a logic error in the code. This could lead to local escalation... |
| CVE-2025-48628 | 2025-12-08 | In validateIconUserBoundary of PrintManagerService.java, there is a possible cross-user image leak due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2025-48629 | 2025-12-08 | In findAvailRecognizer of VoiceInteractionManagerService.java, there is a possible way to become the default speech recognizer app due to an insecure default value. This could lead to local escalation of privilege... |
| CVE-2025-48631 | 2025-12-08 | In onHeaderDecoded of LocalImageResolver.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to remote denial of service with no additional execution privileges needed.... |
| CVE-2025-48632 | 2025-12-08 | In setDisplayName of AssociationRequest.java, there is a possible way to cause CDM associations to persist after the user has disassociated them due to improper input validation. This could lead to... |
| CVE-2025-48633 | 2025-12-08 | In hasAccountsOnAnyUser of DevicePolicyManagerService.java, there is a possible way to add a Device Owner after provisioning due to a logic error in the code. This could lead to local escalation... |
| CVE-2025-48637 | 2025-12-08 | In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution... |
| CVE-2025-48638 | 2025-12-08 | In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User... |
| CVE-2025-48639 | 2025-12-08 | In DefaultTransitionHandler.java, there is a possible way to unknowingly grant permissions to an app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional... |
| CVE-2025-14257 | 2025-12-08 | itsourcecode Student Management System newrecord.php sql injection |
| CVE-2025-48569 | 2025-12-08 | In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User... |
| CVE-2025-48606 | 2025-12-08 | In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall it due to a logic error in the... |
| CVE-2025-48608 | 2025-12-08 | In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2025-48625 | 2025-12-08 | In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a race condition. This could lead to local escalation... |
| CVE-2025-14258 | 2025-12-08 | itsourcecode Student Management System newsubject.php sql injection |
| CVE-2025-14259 | 2025-12-08 | Jihai Jshop MiniProgram Mall System api.html sql injection |
| CVE-2025-14261 | 2025-12-08 | Lack of entropy allows registered low-privileged users of Litmus to crack valid JWT tokens and gain admin privileges |
| CVE-2025-36015 | 2025-12-08 | IBM Controller Denial of Service |
| CVE-2025-33111 | 2025-12-08 | IBM Controller Information Disclosure |
| CVE-2025-36102 | 2025-12-08 | IBM Controller Validation Bypass |
| CVE-2025-14276 | 2025-12-08 | Ilevia EVE X1 Server leaf_search.php command injection |
| CVE-2025-36017 | 2025-12-08 | IBM Controller Information Disclosure |
| CVE-2025-12832 | 2025-12-08 | IBM InfoSphere Information Server Server-Side Request Forgery |
| CVE-2025-64650 | 2025-12-08 | IBM Storage Defender - Resiliency Service Information Disclosure |
| CVE-2025-12635 | 2025-12-08 | IBM WebSphere Application Server and WebSphere Application Server Liberty Cross-Site Scripting |
| CVE-2025-62408 | 2025-12-08 | c-ares has a Use After Free vulnerability when connection is cleaned up after error |
| CVE-2025-36140 | 2025-12-08 | IBM watsonx.data Denial of Service |
| CVE-2025-64497 | 2025-12-08 | Tuleap exposes releases for all projects to File Release System project administrators |
| CVE-2025-64498 | 2025-12-08 | Tuleap has a Cross-Site Request Forgery (CSRF) vulnerability |
| CVE-2025-64499 | 2025-12-08 | Tuleap is missing CSRF protections for its planning management API |
| CVE-2025-64760 | 2025-12-08 | Tuleap has missing CSRF protections in its tracker trigger management system |
| CVE-2025-65962 | 2025-12-08 | Tuleap has missing CSRF protections its in tracker field dependencies |
| CVE-2025-65964 | 2025-12-08 | n8n Vulnerable to Remote Code Execution via Git Node Custom Pre-Commit Hook |
| CVE-2025-66202 | 2025-12-08 | Astro has an Authentication Bypass via Double URL Encoding, a bypass for CVE-2025-64765 |
| CVE-2025-66204 | 2025-12-08 | WBCE CMS allows brute-force protection bypass using X-Forwarded-For header |
| CVE-2025-66469 | 2025-12-08 | NiceGUI Reflected XSS in ui.add_css, ui.add_scss, and ui.add_sass via Style Injection |
| CVE-2022-50631 | 2025-12-08 | RISC-V: kexec: Fix memory leak of fdt buffer |
| CVE-2022-50632 | 2025-12-08 | drivers: perf: marvell_cn10k: Fix hotplug callback leak in tad_pmu_init() |
| CVE-2025-56704 | 2025-12-09 | LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authenticated attacker can exploit this vulnerability by uploading... |
| CVE-2025-61074 | 2025-12-09 | A stored Cross Site Scripting (XSS) vulnherability in the bulletin board (SchwarzeBrett) in adata Software GmbH Mitarbeiter Portal 2.15.2.0 allows remote authenticated users to execute arbitrary JavaScript code in the... |
| CVE-2025-61075 | 2025-12-09 | Multiple Incorrect Access Control vulnerabilities in adata Software GmbH Mitarbeiterportal 2.15.2.0 allow remote authenticated, low-privileged users to carry out administrative functions and manipulate data of other users via unauthorized API... |
| CVE-2025-61078 | 2025-12-09 | Cross-site scripting (XSS) vulnerability in Request IP form in phpIPAM v1.7.3 allows remote attackers to inject arbitrary web script or HTML via the instructions parameter for the /app/admin/instructions/edit-result.php endpoint. |
| CVE-2025-61258 | 2025-12-09 | An issue was discovered in Outsystems Platform Server 11.18.1.37828 allows attackers to cause a denial of service via crafted content-length value mismatching the body length. |
| CVE-2025-63737 | 2025-12-09 | Cross-site scripting (XSS) vulnerability in function urltestAction in file cliAction.php in Xinhu Rainrock RockOA 2.7.0 allows remote attackers to inject arbitrary web script or HTML via the m parameter to... |
| CVE-2025-63738 | 2025-12-09 | An issue was discovered in file index.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to gain sensitive information via phpinfo via the a parameter to the index.php. |
| CVE-2025-63739 | 2025-12-09 | An issue was discovered in function phpinisaveAction in file webmain/system/cogini/coginiAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to authenticated users to modify PHP configuration files via the a parameter to... |
| CVE-2025-63740 | 2025-12-09 | SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data... |
| CVE-2025-63742 | 2025-12-09 | SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive information, including administrator accounts, password hashes, database structure, and other critical data... |
| CVE-2025-64085 | 2025-12-09 | A NULL pointer dereference vulnerability in the importDataObject() function of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input. |
| CVE-2025-64086 | 2025-12-09 | A NULL pointer dereference vulnerability in the util.readFileIntoStream component of PDF-XChange Editor v10.7.3.401 allows attackers to cause a Denial of Service (DoS) via a crafted input. |
| CVE-2025-65287 | 2025-12-09 | An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1 allows a remote attacker to read arbitrary files. The CGI concatenates the user-supplied params directly onto the base... |
| CVE-2025-65288 | 2025-12-09 | A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) occurs when the device accepts and stores excessively long hostnames from LAN hosts without proper length validation.... |
| CVE-2025-65289 | 2025-12-09 | A stored Cross site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on the LAN to inject JavaScript into the... |
| CVE-2025-65300 | 2025-12-09 | A stored Cross-Site Scripting (XSS) vulnerability exists in the Coohom SaaS Platform feVersion=1760060603897 (2025-10-28) in the Account Settings module, where unsanitized user input in Address fields (City, State, Country/Region) is... |
| CVE-2025-65513 | 2025-12-09 | fetch-mcp v1.0.2 and before is vulnerable to Server-Side Request Forgery (SSRF) vulnerability, which allows attackers to bypass private IP validation and access internal network resources. |
| CVE-2025-65572 | 2025-12-09 | Cross Site Scripting (XSS) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote attackers to execute arbitrary code via the (1) config, (2) filename, or (3) extratext parameter to allskySettings.php. When the... |
| CVE-2025-65573 | 2025-12-09 | Cross Site Request Forgery (CSRF) vulnerability in AllskyTeam AllSky v2024.12.06_06 allows remote attackers to cause a denial of service via function handle_interface_POST_and_status. |
| CVE-2025-65594 | 2025-12-09 | OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other... |
| CVE-2025-65741 | 2025-12-09 | Sublime Text 3 Build 3208 or prior for MacOS is vulnerable to Dylib Injection. An attacker could compile a .dylib file and force the execution of this library in the... |
| CVE-2025-65882 | 2025-12-09 | An issue was discovered in openmptcprouter thru 0.64 in file common/package/utils/sys-upgrade-helper/src/tools/sysupgrade.c in function create_xor_ipad_opad allowing attackers to potentially write arbitrary files or execute arbitrary commands. |
| CVE-2022-50633 | 2025-12-09 | usb: dwc3: qcom: Fix memory leak in dwc3_qcom_interconnect_init |
| CVE-2022-50634 | 2025-12-09 | power: supply: cw2015: Fix potential null-ptr-deref in cw_bat_probe() |
| CVE-2022-50635 | 2025-12-09 | powerpc/kprobes: Fix null pointer reference in arch_prepare_kprobe() |
| CVE-2022-50636 | 2025-12-09 | PCI: Fix pci_device_is_present() for VFs by checking PF |
| CVE-2022-50637 | 2025-12-09 | cpufreq: qcom-hw: Fix memory leak in qcom_cpufreq_hw_read_lut() |
| CVE-2022-50638 | 2025-12-09 | ext4: fix bug_on in __es_tree_search caused by bad boot loader inode |
| CVE-2022-50639 | 2025-12-09 | io-wq: Fix memory leak in worker creation |
| CVE-2022-50640 | 2025-12-09 | mmc: core: Fix kernel panic when remove non-standard SDIO card |
| CVE-2022-50641 | 2025-12-09 | HSI: omap_ssi: Fix refcount leak in ssi_probe |
| CVE-2022-50642 | 2025-12-09 | platform/chrome: cros_ec_typec: zero out stale pointers |
| CVE-2022-50643 | 2025-12-09 | cifs: Fix xid leak in cifs_copy_file_range() |
| CVE-2022-50644 | 2025-12-09 | clk: ti: dra7-atl: Fix reference leak in of_dra7_atl_clk_probe |
| CVE-2022-50645 | 2025-12-09 | EDAC/i10nm: fix refcount leak in pci_get_dev_wrapper() |
| CVE-2022-50646 | 2025-12-09 | scsi: hpsa: Fix possible memory leak in hpsa_init_one() |
| CVE-2022-50647 | 2025-12-09 | RISC-V: Make port I/O string accessors actually work |
| CVE-2022-50648 | 2025-12-09 | ftrace: Fix recursive locking direct_mutex in ftrace_modify_direct_caller |