CVE List - 2025 / December
Showing 2701 - 2800 of 3706 CVEs for December 2025 (Page 28 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-10889 | 2025-12-15 | CATPART File Parsing Memory Corruption Vulnerability |
| CVE-2025-10898 | 2025-12-15 | MODEL File Parsing Out-of-Bounds Write Vulnerability |
| CVE-2025-10899 | 2025-12-15 | MODEL File Parsing Out-of-Bounds Write Vulnerability |
| CVE-2025-10900 | 2025-12-15 | MODEL File Parsing Out-of-Bounds Write Vulnerability |
| CVE-2025-29231 | 2025-12-16 | A stored cross-site scripting (XSS) vulnerability in the page_save component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the... |
| CVE-2025-50398 | 2025-12-16 | Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter fac_password. |
| CVE-2025-50401 | 2025-12-16 | Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password. |
| CVE-2025-52196 | 2025-12-16 | Server-Side Request Forgery (SSRF) vulnerability in Ctera Portal 8.1.x (8.1.1417.24) allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted HTML file containing an iframe. |
| CVE-2025-62862 | 2025-12-16 | Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM Boot Error Record Table driver... |
| CVE-2025-62863 | 2025-12-16 | Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM PCIe driver that could result... |
| CVE-2025-62864 | 2025-12-16 | Ampere AmpereOne AC03 devices before 3.5.9.3, AmpereOne AC04 devices before 4.4.5.2, and AmpereOne M devices before 5.4.5.1 allow an incorrectly formed SMC call to UEFI-MM MMCommunicate service that could result... |
| CVE-2025-63414 | 2025-12-16 | A Path Traversal vulnerability in the Allsky WebUI version v2024.12.06_06 allows an unauthenticated remote attacker to achieve arbitrary command execution. By sending a crafted HTTP request to the /html/execute.php endpoint... |
| CVE-2025-64012 | 2025-12-16 | InvoicePlane commit debb446c is vulnerable to Incorrect Access Control. The invoices/view handler fails to verify ownership before returning invoice data. |
| CVE-2025-65318 | 2025-12-16 | When using the attachment interaction functionality, Canary Mail 5.1.40 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection... |
| CVE-2025-65319 | 2025-12-16 | When using the attachment interaction functionality, Blue Mail 1.140.103 and below saves documents to a file system without a Mark-of-the-Web tag, which allows attackers to bypass the built-in file protection... |
| CVE-2025-65427 | 2025-12-16 | An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0: it does not implement rate limiting on /api/login, allowing attackers to brute force... |
| CVE-2025-65581 | 2025-12-16 | An open redirect vulnerability exists in the Account module in Volosoft ABP Framework >= 5.1.0 and < 10.0.0-rc.2. Improper validation of the returnUrl parameter in the register function allows an... |
| CVE-2025-65589 | 2025-12-16 | nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Attributes functionality. |
| CVE-2025-65590 | 2025-12-16 | nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Blog posts functionality in the Content Management area. |
| CVE-2025-65591 | 2025-12-16 | nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) via the Currencies functionality. |
| CVE-2025-65592 | 2025-12-16 | nopCommerce 4.90.0 is vulnerable to Cross Site Scripting (XSS) in the product management functionality. Malicious payloads inserted into the "Product Name" and "Short Description" fields are stored in the backend... |
| CVE-2025-65593 | 2025-12-16 | nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality. |
| CVE-2025-65834 | 2025-12-16 | Meltytech Shotcut 25.10.31 is vulnerable to Buffer Overflow. A memory access violation occurs when processing MLT project files with manipulated width and height parameters. By setting these values to extremely... |
| CVE-2025-67492 | 2025-12-16 | Weblate's over-permissive webhook endpoint enables mass repository updates and component enumeration |
| CVE-2025-67715 | 2025-12-16 | Weblate has Systematic User and Project Enumeration via Broken Authorization in REST API (IDOR) |
| CVE-2025-66449 | 2025-12-16 | ConvertX has Path Traversal that leads to Arbitrary File Write and Arbitrary Code Execution |
| CVE-2025-67722 | 2025-12-16 | Authenticated amportal search for 'freepbx_engine' in non-root writeable directories leads to potential privilege escalation |
| CVE-2025-67735 | 2025-12-16 | Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder |
| CVE-2025-67736 | 2025-12-16 | Authenticated SQL Injection in FreePBX tts (Text To Speech) module |
| CVE-2025-67747 | 2025-12-16 | Fickling has missing detection for marshal.loads and types.FunctionType in unsafe modules list |
| CVE-2025-14758 | 2025-12-16 | Initialization of a Resource with an Insecure Default in YAOOK |
| CVE-2025-67748 | 2025-12-16 | Fickling has Code Injection vulnerability via pty.spawn() |
| CVE-2025-67744 | 2025-12-16 | Mermaid XSS vulnerability leads to Remote Code Execution |
| CVE-2025-67874 | 2025-12-16 | ChurchCRM has plaintext password return in response |
| CVE-2025-67751 | 2025-12-16 | ChurchCRM has SQL Injection in Event Editor via `EN_tyid` Parameter caused by an Incomplete Fix |
| CVE-2025-68113 | 2025-12-16 | ALTCHA Proof-of-Work Vulnerable to Challenge Splicing and Replay |
| CVE-2025-68115 | 2025-12-16 | Parse Server vulnerable to Cross-Site Scripting (XSS) via Unescaped Mustache Template Variables |
| CVE-2025-14746 | 2025-12-16 | Ningyuanda TC155 RTSP Live Video Stream Endpoint improper authentication |
| CVE-2025-14747 | 2025-12-16 | Ningyuanda TC155 RTSP Service denial of service |
| CVE-2025-62849 | 2025-12-16 | QTS, QuTS hero |
| CVE-2025-62848 | 2025-12-16 | QTS, QuTS hero |
| CVE-2025-62847 | 2025-12-16 | QTS, QuTS hero |
| CVE-2025-59385 | 2025-12-16 | QTS, QuTS hero |
| CVE-2025-14748 | 2025-12-16 | Ningyuanda TC155 ONVIF Device Management Service device_service access control |
| CVE-2025-14749 | 2025-12-16 | Ningyuanda TC155 ONVIF PTZ Control device_service access control |
| CVE-2025-13956 | 2025-12-16 | LearnPress – WordPress LMS Plugin <= 4.3.1 - Missing Authorization to Unauthenticated Orders Statistics Exposure |
| CVE-2025-61976 | 2025-12-16 | CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. If a remote attacker sends a specially crafted request to the Video Download interface,... |
| CVE-2025-59479 | 2025-12-16 | CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper restriction of rendered UI layers or frames. If a user clicks on content on a malicious web page while logged... |
| CVE-2025-66357 | 2025-12-16 | CHOCO TEI WATCHER mini (IB-MCT001) contains an issue with improper check for unusual or exceptional conditions. When the Video Download feature is in a specific communication state, the product's resources... |
| CVE-2025-14777 | 2025-12-16 | Keycloak: keycloak idor in realm client creating/deleting |
| CVE-2025-14252 | 2025-12-16 | An Improper Access Control vulnerability in Advantech SUSI driver (susi.sys) allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure.... |
| CVE-2025-13794 | 2025-12-16 | Auto Featured Image <= 4.2.1 - Missing Authorization to Authenticated (Contributor+) Post Thumbnail Modification |
| CVE-2025-12809 | 2025-12-16 | dokan pro <= 4.1.3 - Missing Authorization to Unauthenticated Sensitive Information Exposure |
| CVE-2025-62330 | 2025-12-16 | HCL DevOps Deploy is susceptible to a cleartext transmission of sensitive information |
| CVE-2025-66635 | 2025-12-16 | Stack-based buffer overflow vulnerability exists in SEIKO EPSON Web Config. Specially crafted data input by a logged-in user may execute arbitrary code. As for the details of the affected products... |
| CVE-2025-13439 | 2025-12-16 | Fancy Product Designer | WooCommerce WordPress <= 6.4.8 - Unauthenticated Information Disclosure via 'url' Parameter |
| CVE-2025-11991 | 2025-12-16 | JetFormBuilder <= 3.5.3 - Missing Authorization to Unauthenticated Form Generation |
| CVE-2025-49300 | 2025-12-16 | WordPress Traveler Option Tree plugin <= 2.8 - Sensitive Data Exposure vulnerability |
| CVE-2025-54004 | 2025-12-16 | WordPress WCFM – Frontend Manager for WooCommerce plugin <= 6.7.21 - Broken Access Control vulnerability |
| CVE-2025-54005 | 2025-12-16 | WordPress SKT Page Builder plugin <= 4.9 - Broken Access Control vulnerability |
| CVE-2025-54045 | 2025-12-16 | WordPress CM On Demand Search And Replace plugin <= 1.5.4 - Broken Access Control vulnerability |
| CVE-2025-58999 | 2025-12-16 | WordPress WP Attractive Donations System - Easy Stripe & Paypal donations plugin <= 1.25 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-59001 | 2025-12-16 | WordPress Salient Core plugin <= 3.0.8 - Broken Access Control vulnerability |
| CVE-2025-59009 | 2025-12-16 | WordPress Listify theme <= 3.2.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-64237 | 2025-12-16 | WordPress Quick Interest Slider plugin <= 3.1.5 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-64238 | 2025-12-16 | WordPress WPS Bidouille plugin <= 1.33.1 - Broken Access Control vulnerability |
| CVE-2025-64239 | 2025-12-16 | WordPress RTL Tester plugin <= 1.2 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-64240 | 2025-12-16 | WordPress Freshchat plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-64241 | 2025-12-16 | WordPress WP Coupons and Deals plugin <= 3.2.4 - Broken Access Control vulnerability |
| CVE-2025-64242 | 2025-12-16 | WordPress Easy Property Listings plugin <= 3.5.15 - Broken Access Control vulnerability |
| CVE-2025-64243 | 2025-12-16 | WordPress Directory Pro plugin <= 2.5.6 - Broken Access Control vulnerability |
| CVE-2025-64244 | 2025-12-16 | WordPress Restrict Elementor Widgets, Columns and Sections plugin <= 1.12 - Broken Access Control vulnerability |
| CVE-2025-64245 | 2025-12-16 | WordPress Import external attachments plugin <= 1.5.12 - Broken Access Control vulnerability |
| CVE-2025-64246 | 2025-12-16 | WordPress Accessibility by AudioEye plugin <= 1.0.49 - Broken Access Control vulnerability |
| CVE-2025-64247 | 2025-12-16 | WordPress Read More & Accordion plugin <= 3.5.4.1 - Broken Access Control vulnerability |
| CVE-2025-64248 | 2025-12-16 | WordPress Request a Quote plugin <= 2.5.3 - Broken Access Control vulnerability |
| CVE-2025-64249 | 2025-12-16 | WordPress Protect WP Admin plugin <= 4.1 - Broken Access Control vulnerability |
| CVE-2025-64250 | 2025-12-16 | WordPress Directorist plugin <= 8.5.6 - Open Redirection vulnerability |
| CVE-2025-64251 | 2025-12-16 | WordPress Ultimate Learning Pro plugin <= 3.9.3 - Arbitrary Content Deletion vulnerability |
| CVE-2025-64253 | 2025-12-16 | WordPress Health Check & Troubleshooting plugin <= 1.7.1 - Path Traversal vulnerability |
| CVE-2025-64630 | 2025-12-16 | WordPress Business Directory plugin <= 6.4.19 - Broken Access Control vulnerability |
| CVE-2025-64631 | 2025-12-16 | WordPress WCFM Marketplace plugin <= 3.6.15 - Broken Access Control vulnerability |
| CVE-2025-64632 | 2025-12-16 | WordPress Google XML Sitemaps plugin <= 4.1.21 - Broken Access Control vulnerability |
| CVE-2025-64633 | 2025-12-16 | WordPress Norebro Extra plugin <= 1.6.8 - Content Injection vulnerability |
| CVE-2025-64634 | 2025-12-16 | WordPress Avada theme <= 7.13.1 - Broken Access Control vulnerability |
| CVE-2025-64635 | 2025-12-16 | WordPress Feeds for YouTube plugin <= 2.4.0 - Broken Access Control vulnerability |
| CVE-2025-64638 | 2025-12-16 | WordPress OnPay.io for WooCommerce plugin <= 1.0.47 - Broken Access Control vulnerability |
| CVE-2025-64639 | 2025-12-16 | WordPress WP Compress for MainWP plugin <= 6.50.07 - Broken Access Control vulnerability |
| CVE-2025-66120 | 2025-12-16 | WordPress CatFolders plugin <= 2.5.3 - Broken Access Control vulnerability |
| CVE-2025-66121 | 2025-12-16 | WordPress SiteGround Security plugin <= 1.5.8 - Broken Access Control vulnerability |
| CVE-2025-66122 | 2025-12-16 | WordPress Stylish Price List plugin <= 7.2.2 - Broken Access Control vulnerability |
| CVE-2025-66124 | 2025-12-16 | WordPress Leaky Paywall plugin <= 4.22.5 - Broken Access Control vulnerability |
| CVE-2025-66125 | 2025-12-16 | WordPress Ultimate Auction plugin <= 4.3.2 - Sensitive Data Exposure vulnerability |
| CVE-2025-66126 | 2025-12-16 | WordPress Fix Media Library plugin <= 2.0 - Sensitive Data Exposure vulnerability |
| CVE-2025-66127 | 2025-12-16 | WordPress Essential Real Estate plugin <= 5.2.2 - Broken Access Control vulnerability |
| CVE-2025-66128 | 2025-12-16 | WordPress Sendinblue for WooCommerce plugin <= 4.0.49 - Broken Access Control vulnerability |
| CVE-2025-66129 | 2025-12-16 | WordPress Pochipp plugin <= 1.18.0 - Broken Access Control vulnerability |
| CVE-2025-66130 | 2025-12-16 | WordPress WP Views Counter plugin <= 2.1.2 - Broken Access Control vulnerability |
| CVE-2025-66131 | 2025-12-16 | WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.10 - Broken Access Control vulnerability |
| CVE-2025-66132 | 2025-12-16 | WordPress FAPI Member plugin <= 2.2.26 - Insecure Direct Object References (IDOR) vulnerability |