CVE List - 2025 / December
Showing 401 - 500 of 3706 CVEs for December 2025 (Page 5 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-66406 | 2025-12-03 | Improper Authorization Check for SSH Certificate Revocation |
| CVE-2025-66411 | 2025-12-03 | Coder logged sensitive objects unsanitized |
| CVE-2025-66453 | 2025-12-03 | Rhino vulnerable high CPU usage and potential DoS when passing specific numbers to toFixed() function |
| CVE-2025-65027 | 2025-12-03 | RomM Chained XSS and CSRF Vulnerabilities Enable Admin Account Takeover |
| CVE-2025-61727 | 2025-12-03 | Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 |
| CVE-2025-12385 | 2025-12-03 | Improper validation of <img> tag size in Text component parser |
| CVE-2025-65096 | 2025-12-03 | RomM Insecure Direct Object Reference (IDOR) Allows Unauthorized Access to Private Collections |
| CVE-2025-65097 | 2025-12-03 | Insecure Direct Object Reference (IDOR) Allows Unauthorized Deletion of User Collections |
| CVE-2025-66489 | 2025-12-03 | Cal.com Authentication Bypass via bad TOTP + password checks |
| CVE-2025-13086 | 2025-12-03 | Improper validation of source IP addresses in OpenVPN version 2.6.0 through 2.6.15 and 2.7_alpha1 through 2.7_rc1 allows an attacker to open a session from a different IP address which did... |
| CVE-2025-66293 | 2025-12-03 | LIBPNG has an out-of-bounds read in png_image_read_composite |
| CVE-2025-66404 | 2025-12-03 | mcp-server-kubernetes potential security issue in exec_in_pod tool |
| CVE-2025-62173 | 2025-12-03 | Authenticated SQL Injection in Endpoint Module Rest API |
| CVE-2025-29268 | 2025-12-04 | ALLNET ALL-RUT22GW v3.3.8 was discovered to store hardcoded credentials in the libicos.so library. |
| CVE-2025-29269 | 2025-12-04 | ALLNET ALL-RUT22GW v3.3.8 was discovered to contain an OS command injection vulnerability via the command parameter in the popen.cgi endpoint. |
| CVE-2025-53963 | 2025-12-04 | An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak... |
| CVE-2025-54303 | 2025-12-04 | The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to... |
| CVE-2025-54304 | 2025-12-04 | An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. When they are powered on, an X11 display server is started. The display server listens on all... |
| CVE-2025-54305 | 2025-12-04 | An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares included in this application, LocalhostAuthMiddleware, authenticates users as ionadmin if the REMOTE_ADDR property... |
| CVE-2025-54306 | 2025-12-04 | An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. A remote code execution vulnerability exists in the network configuration functionality, stemming from insufficient input validation when... |
| CVE-2025-54307 | 2025-12-04 | An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The /configure/plugins/plugin/upload/zip/ and /configure/newupdates/offline/bundle/upload/ endpoints allow low-privilege users to upload ZIP files to the server. The plupload_file_upload... |
| CVE-2025-55948 | 2025-12-04 | This vulnerability fundamentally arises from yzcheng90 X-SpringBoot 6.0's implementation of role-based access control (RBAC) through dual dependency on frontend menu systems and backend permission tables, without enforcing atomic synchronization between... |
| CVE-2025-56427 | 2025-12-04 | Directory Traversal vulnerability in ComposioHQ v.0.7.20 allows a remote attacker to obtain sensitive information via the _download_file_or_dir function. |
| CVE-2025-57210 | 2025-12-04 | Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors. |
| CVE-2025-57212 | 2025-12-04 | Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request. |
| CVE-2025-57213 | 2025-12-04 | Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request. |
| CVE-2025-59788 | 2025-12-04 | Cross-site scripting (XSS) vulnerability in a reachable files_pdfviewer example directory in Nextcloud with versions before 22.2.10.33, 23.0.12.29, 24.0.12.28, 25.0.13.23, 26.0.13.20, 27.1.11.20, 28.0.14.11, 29.0.16.8, 30.0.17, 31.0.10, and 32.0.1 allows attackers to... |
| CVE-2025-61148 | 2025-12-04 | An Insecure Direct Object Reference (IDOR) vulnerability in the EduplusCampus 3.0.1 Student Payment API allows authenticated users to access other students personal and financial records by modifying the 'rec_no' parameter... |
| CVE-2025-63361 | 2025-12-04 | Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to render the Administrator password in plaintext. |
| CVE-2025-63362 | 2025-12-04 | Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to set the Administrator password and username as blank values, allowing attackers... |
| CVE-2025-63363 | 2025-12-04 | A lack of Management Frame Protection in Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 allows attackers to execute de-authentication attacks, allowing... |
| CVE-2025-63364 | 2025-12-04 | Waveshare RS232/485 TO WIFI ETH (B) Serial to Ethernet/Wi-Fi Gateway Firmware V3.1.1.0: HW 4.3.2.1: Webpage V7.04T.07.002880.0301 was discovered to transmit Administrator credentials in plaintext. |
| CVE-2025-63499 | 2025-12-04 | Alinto Sogo 5.12.3 is vulnerable to Cross Site Scripting (XSS) via the theme parameter. |
| CVE-2025-63681 | 2025-12-04 | open-webui v0.6.33 is vulnerable to Incorrect Access Control. The API /api/tasks/stop/ directly accesses and cancels tasks without verifying user ownership, enabling attackers (a normal user) to stop arbitrary LLM response... |
| CVE-2025-63896 | 2025-12-04 | An issue in the Bluetooth Human Interface Device (HID) of JXL 9 Inch Car Android Double Din Player Android v12.0 allows attackers to inject arbitrary keystrokes via a spoofed Bluetooth... |
| CVE-2025-65346 | 2025-12-04 | alexusmai laravel-file-manager 3.3.1 and below is vulnerable to Directory Traversal. The unzip/extraction functionality improperly allows archive contents to be written to arbitrary locations on the filesystem due to insufficient validation... |
| CVE-2025-65516 | 2025-12-04 | A stored cross-site scripting (XSS) vulnerability was discovered in Seafile Community Edition prior to version 13.0.12. When Seafile is configured with the Golang file server, an attacker can upload a... |
| CVE-2025-65637 | 2025-12-04 | A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails... |
| CVE-2025-65806 | 2025-12-04 | The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP (a ZIP containing another ZIP) where the inner archive contains an... |
| CVE-2025-65883 | 2025-12-04 | A vulnerability has been identified in Genexis Platinum P4410 router (Firmware P4410-V2–1.41) that allows a local network attacker to achieve Remote Code Execution (RCE) with root privileges. The issue occurs... |
| CVE-2025-65899 | 2025-12-04 | Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users (user_not_found) versus valid users with incorrect passwords (invalid_password).... |
| CVE-2025-65900 | 2025-12-04 | Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user... |
| CVE-2025-66373 | 2025-12-04 | Akamai Ghost on Akamai CDN edge servers before 2025-11-17 has a chunked request body processing error that can result in HTTP request smuggling. When Akamai Ghost receives an invalid chunked... |
| CVE-2025-11379 | 2025-12-04 | WebP Express <= 0.25.9 - Unauthenticated Information Exposure |
| CVE-2025-11727 | 2025-12-04 | Omnichannel for WooCommerce: Google, Amazon, eBay & Walmart Integration - Powered by Codisto <= 1.3.65 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2025-13513 | 2025-12-04 | Clik stats <= 0.8 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] |
| CVE-2025-12782 | 2025-12-04 | Beaver Builder – WordPress Page Builder <= 2.9.4 - Missing Authorization to Authenticated (Contributor+) Builder Status Tampering |
| CVE-2025-12826 | 2025-12-04 | Custom Post Type UI <= 1.18.0 - Missing Authorization to Unauthenticated (Previously Administrator+) Custom Post Type Modification |
| CVE-2025-14010 | 2025-12-04 | Ansible-collection-community-general: ansible-collection-community-general: keycloak user module leaks credentials in verbose output |
| CVE-2025-41079 | 2025-12-04 | Multiple vulnerabilities in Seafile |
| CVE-2025-41080 | 2025-12-04 | Multiple vulnerabilities in Seafile |
| CVE-2025-11222 | 2025-12-04 | Central Dogma versions before 0.78.0 contain an Open Redirect vulnerability that allows attackers to redirect users to untrusted sites via specially crafted URLs, potentially facilitating phishing attacks and credential theft. |
| CVE-2025-40214 | 2025-12-04 | af_unix: Initialise scc_index in unix_add_edge(). |
| CVE-2025-40215 | 2025-12-04 | xfrm: delete x->tunnel as we delete x |
| CVE-2025-14004 | 2025-12-04 | dayrui XunRuiCMS Email Setting admind45f74adbd95.php server-side request forgery |
| CVE-2025-14005 | 2025-12-04 | dayrui XunRuiCMS Add Display Name Field admind45f74adbd95.php cross site scripting |
| CVE-2025-40216 | 2025-12-04 | io_uring/rsrc: don't rely on user vaddr alignment |
| CVE-2024-45538 | 2025-12-04 | Cross-Site Request Forgery (CSRF) vulnerability in WebAPI Framework in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to execute arbitrary... |
| CVE-2024-45539 | 2025-12-04 | Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to conduct denial-of-service attacks via... |
| CVE-2024-5401 | 2025-12-04 | Improper control of dynamically-managed code resources vulnerability in WebAPI component in Synology DiskStation Manager (DSM) before 7.1.1-42962-8 and 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote... |
| CVE-2025-14006 | 2025-12-04 | dayrui XunRuiCMS Add Data Validation admind45f74adbd95.php cross site scripting |
| CVE-2025-14007 | 2025-12-04 | dayrui XunRuiCMS Domain Name Binding admin79f2ec220c7e.php cross site scripting |
| CVE-2025-40217 | 2025-12-04 | pidfs: validate extensible ioctls |
| CVE-2025-40218 | 2025-12-04 | mm/damon/vaddr: do not repeat pte_offset_map_lock() until success |
| CVE-2025-40219 | 2025-12-04 | PCI/IOV: Add PCI rescan-remove locking when enabling/disabling SR-IOV |
| CVE-2025-40220 | 2025-12-04 | fuse: fix livelock in synchronous file put from fuseblk workers |
| CVE-2025-40221 | 2025-12-04 | media: pci: mg4b: fix uninitialized iio scan data |
| CVE-2025-29843 | 2025-12-04 | A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image files. |
| CVE-2025-29844 | 2025-12-04 | A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata and path information. |
| CVE-2025-29845 | 2025-12-04 | A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. |
| CVE-2025-29846 | 2025-12-04 | A vulnerability in portenable cgi allows remote authenticated users to get the status of installed packages. |
| CVE-2025-14008 | 2025-12-04 | dayrui XunRuiCMS Project Domain Change Test admin79f2ec220c7e.php server-side request forgery |
| CVE-2025-2848 | 2025-12-04 | A vulnerability in Synology Mail Server allows remote authenticated attackers to read and write non-sensitive settings, and disable some non-critical functions. |
| CVE-2025-54158 | 2025-12-04 | Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors. |
| CVE-2025-54159 | 2025-12-04 | Missing authorization vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows remote attackers to delete arbitrary files via unspecified vectors. |
| CVE-2025-54160 | 2025-12-04 | Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified... |
| CVE-2025-8074 | 2025-12-04 | Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors. |
| CVE-2025-40222 | 2025-12-04 | tty: serial: sh-sci: fix RSCI FIFO overrun handling |
| CVE-2025-40223 | 2025-12-04 | most: usb: Fix use-after-free in hdm_disconnect |
| CVE-2025-40224 | 2025-12-04 | hwmon: (cgbc-hwmon) Add missing NULL check after devm_kzalloc() |
| CVE-2025-40225 | 2025-12-04 | drm/panthor: Fix kernel panic on partial unmap of a GPU VA region |
| CVE-2025-40226 | 2025-12-04 | firmware: arm_scmi: Account for failed debug initialization |
| CVE-2025-40227 | 2025-12-04 | mm/damon/sysfs: dealloc commit test ctx always |
| CVE-2025-40228 | 2025-12-04 | mm/damon/sysfs: catch commit test ctx alloc failure |
| CVE-2025-40229 | 2025-12-04 | mm/damon/core: fix potential memory leak by cleaning ops_filter in damon_destroy_scheme |
| CVE-2025-40230 | 2025-12-04 | mm: prevent poison consumption when splitting THP |
| CVE-2025-40231 | 2025-12-04 | vsock: fix lock inversion in vsock_assign_transport() |
| CVE-2025-40232 | 2025-12-04 | rv: Fully convert enabled_monitors to use list_head as iterator |
| CVE-2025-40233 | 2025-12-04 | ocfs2: clear extent cache after moving/defragmenting extents |
| CVE-2025-40234 | 2025-12-04 | platform/x86: alienware-wmi-wmax: Fix NULL pointer dereference in sleep handlers |
| CVE-2025-40235 | 2025-12-04 | btrfs: directly free partially initialized fs_info in btrfs_check_leaked_roots() |
| CVE-2025-40236 | 2025-12-04 | virtio-net: zero unused hash fields |
| CVE-2025-40237 | 2025-12-04 | fs/notify: call exportfs_encode_fid with s_umount |
| CVE-2025-40238 | 2025-12-04 | net/mlx5: Fix IPsec cleanup over MPV device |
| CVE-2025-40239 | 2025-12-04 | net: phy: micrel: always set shared->phydev for LAN8814 |
| CVE-2025-40240 | 2025-12-04 | sctp: avoid NULL dereference when chunk data buffer is missing |
| CVE-2025-40241 | 2025-12-04 | erofs: fix crafted invalid cases for encoded extents |
| CVE-2025-40242 | 2025-12-04 | gfs2: Fix unlikely race in gdlm_put_lock |
| CVE-2025-40243 | 2025-12-04 | hfs: fix KMSAN uninit-value issue in hfs_find_set_zero_bits() |
| CVE-2025-40244 | 2025-12-04 | hfsplus: fix KMSAN uninit-value issue in __hfsplus_ext_cache_extent() |