CVE List - 2025 / December
Showing 3201 - 3300 of 3706 CVEs for December 2025 (Page 33 of 38)
| CVE ID | Date | Title / Description |
|---|---|---|
| CVE-2025-67875 | 2025-12-17 | ChurchCRM has stored XSS via Person Property Assignment Leading to Admin Session Hijacking |
| CVE-2025-67876 | 2025-12-17 | ChurchCRM has Stored XSS in Group Role Name Leading to Admin Session Hijacking |
| CVE-2025-67877 | 2025-12-17 | ChurchCRM SQL Injection Vulnerability |
| CVE-2025-68109 | 2025-12-17 | ChurchCRM vulnerable to RCE with database restore functionality |
| CVE-2025-68110 | 2025-12-17 | ChurchCRM discloses database information on error message |
| CVE-2025-68111 | 2025-12-17 | ChurchCRM has SQL Injection in eGive Import Feature |
| CVE-2025-68112 | 2025-12-17 | ChurchCRM has SQL injection in EditEventAttendees.php |
| CVE-2025-68399 | 2025-12-17 | ChurchCRM has Stored Cross-Site Scripting (XSS) In GroupEditor.php |
| CVE-2025-68400 | 2025-12-17 | ChurchCRM vulnerable to time-based blind SQL Injection in ConfirmReportEmail.php |
| CVE-2025-68401 | 2025-12-17 | ChurchCRM has Stored Cross-Site Scripting (XSS) vulnerability that leads to session theft and account takeover |
| CVE-2025-68275 | 2025-12-17 | ChurchCRM vulnerable to Stored XSS - Group name > Person Listing |
| CVE-2025-68118 | 2025-12-17 | Potential Heap Out-of-Bounds Read in freerdp_certificate_data_hash_ via Unsafe _snprintf Usage |
| CVE-2025-14832 | 2025-12-17 | itsourcecode Online Cake Ordering System updateproduct.php sql injection |
| CVE-2025-68129 | 2025-12-17 | Auth0-PHP SDK has Improper Audience Validation |
| CVE-2025-68143 | 2025-12-17 | mcp-server-git's unrestricted git_init tool allows repository creation at arbitrary filesystem locations |
| CVE-2025-68144 | 2025-12-17 | mcp-server-git argument injection in git_diff and git_checkout functions allows overwriting local files |
| CVE-2025-68145 | 2025-12-17 | mcp-server-git has missing path validation when using --repository flag |
| CVE-2025-68147 | 2025-12-17 | opensourcepos has a Cross-site Scripting vulnerability |
| CVE-2025-68434 | 2025-12-17 | opensourcepos has Cross-Site Request Forgery vulnerability that leads to Unauthorized Administrator Creation |
| CVE-2025-68429 | 2025-12-17 | Storybook manager bundle may expose environment variables during build |
| CVE-2025-14833 | 2025-12-17 | code-projects Online Appointment Booking System deletemanagerclinic.php sql injection |
| CVE-2025-66029 | 2025-12-17 | Open OnDemand affected by Apache proxy passing sensitive headers |
| CVE-2023-53904 | 2025-12-17 | Xenforo 2.2.13 Authenticated Stored Cross-Site Scripting via Smilie Categories |
| CVE-2023-53905 | 2025-12-17 | ProjectSend r1605 CSV Injection via User Account Export Functionality |
| CVE-2023-53906 | 2025-12-17 | ProjectSend r1605 Stored Cross-Site Scripting via Custom Assets Page |
| CVE-2023-53907 | 2025-12-17 | Bludit 3.13.1 Authenticated Arbitrary File Download via Backup Plugin |
| CVE-2023-53908 | 2025-12-17 | HiSecOS 04.0.01 Privilege Escalation via User Role Modification |
| CVE-2023-53909 | 2025-12-17 | WBCE CMS 1.6.1 SVG File Content Cross-Site Scripting |
| CVE-2023-53910 | 2025-12-17 | WBCE CMS 1.6.1 Stored Cross-Site Scripting via Page Content |
| CVE-2023-53911 | 2025-12-17 | Textpattern CMS 4.8.8 Authenticated Stored Cross-Site Scripting via Article Excerpt |
| CVE-2023-53912 | 2025-12-17 | USB Flash Drives Control 4.1.0.0 Unquoted Service Path Privilege Escalation |
| CVE-2023-53913 | 2025-12-17 | Rukovoditel 3.3.1 CSV Injection via User Account Export |
| CVE-2023-53914 | 2025-12-17 | UliCMS 2023.1 Authentication Bypass via Mass Assignment Vulnerability |
| CVE-2023-53915 | 2025-12-17 | Zenphoto 1.6 Stored Cross-Site Scripting via Album Description |
| CVE-2023-53916 | 2025-12-17 | Zenphoto 1.6 Stored Cross-Site Scripting via User Postal Code Field |
| CVE-2023-53918 | 2025-12-17 | PodcastGenerator Stored Cross-Site Scripting via Episode Title Field |
| CVE-2023-53919 | 2025-12-17 | PodcastGenerator Stored Cross-Site Scripting via Freebox Content Field |
| CVE-2023-53920 | 2025-12-17 | PodcastGenerator Stored Cross-Site Scripting via Podcast Title Field |
| CVE-2023-53921 | 2025-12-17 | SitemagicCMS 4.4.3 Remote Code Execution via Unrestricted File Upload |
| CVE-2023-53922 | 2025-12-17 | TinyWebGallery v2.5 Remote Code Execution via Unrestricted File Upload |
| CVE-2023-53923 | 2025-12-17 | UliCMS 2023.1 Privilege Escalation via Unauthenticated Admin Account Creation |
| CVE-2023-53924 | 2025-12-17 | UliCMS 2023.1-sniffing-vicuna Remote Code Execution via Avatar Upload |
| CVE-2023-53925 | 2025-12-17 | UliCMS 2023.1 Stored Cross-Site Scripting via SVG File Upload |
| CVE-2023-53926 | 2025-12-17 | PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter |
| CVE-2023-53927 | 2025-12-17 | PHPJabbers Simple CMS 5.0 Stored Cross-Site Scripting via Section Creation |
| CVE-2023-53928 | 2025-12-17 | PHPFusion 9.10.30 Stored Cross-Site Scripting via File Manager Upload |
| CVE-2023-53929 | 2025-12-17 | phpMyFAQ 3.1.12 CSV Injection via User Profile Export |
| CVE-2023-53930 | 2025-12-17 | ProjectSend r1605 Insecure Direct Object Reference File Download Vulnerability |
| CVE-2023-53931 | 2025-12-17 | Revive Adserver 5.4.1 Cross-Site Scripting via Banner Advanced Settings |
| CVE-2023-53932 | 2025-12-17 | Serendipity 2.4.0 Stored Cross-Site Scripting via Admin Entry Creation |
| CVE-2023-53933 | 2025-12-17 | Serendipity 2.4.0 Authenticated Remote Code Execution via File Upload |
| CVE-2025-68432 | 2025-12-17 | Zed IDE LSP Binary Configuration Arbitrary Code Execution |
| CVE-2023-53917 | 2025-12-17 | Affiliate Me 5.0.1 SQL Injection Vulnerability via Admin Panel |
| CVE-2025-68433 | 2025-12-17 | Zed IDE MCP Context Server Configuration Arbitrary Code Execution |
| CVE-2025-14834 | 2025-12-17 | code-projects Simple Stock System checkuser.php sql injection |
| CVE-2025-14836 | 2025-12-17 | ZZCMS User Data Storage user_save.php cleartext storage in a file or on disk |
| CVE-2025-68435 | 2025-12-17 | Zerobyte has Authentication Bypass by Primary Weakness |
| CVE-2025-14837 | 2025-12-17 | ZZCMS Backend Website Settings siteconfig.php stripfxg code injection |
| CVE-2025-14202 | 2025-12-17 | Cross-Site Request Forgery (CSRF) Leading to Account Takeover via SVG File Upload |
| CVE-2025-56157 | 2025-12-18 | Default credentials in Dify through 1.5.1. PostgreSQL username and password specified in the docker-compose.yaml file included in its source code. |
| CVE-2025-63386 | 2025-12-18 | A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/setup endpoint. The endpoint implements an insecure CORS policy that reflects any Origin header and enables Access-Control-Allow-Credentials:... |
| CVE-2025-63387 | 2025-12-18 | Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails... |
| CVE-2025-63388 | 2025-12-18 | A Cross-Origin Resource Sharing (CORS) misconfiguration vulnerability exists in Dify v1.9.1 in the /console/api/system-features endpoint. The endpoint implements an overly permissive CORS policy that reflects arbitrary Origin headers and sets... |
| CVE-2025-63389 | 2025-12-18 | A critical authentication bypass vulnerability exists in Ollama platform's API endpoints in versions prior to and including v0.12.3. The platform exposes multiple API endpoints without requiring authentication, enabling remote attackers... |
| CVE-2025-63390 | 2025-12-18 | An authentication bypass vulnerability exists in AnythingLLM v1.8.5 via the /api/workspaces endpoint. The endpoint fails to implement proper authentication checks, allowing unauthenticated remote attackers to enumerate and retrieve detailed... |
| CVE-2025-63391 | 2025-12-18 | An authentication bypass vulnerability exists in Open-WebUI <=0.6.32 in the /api/config endpoint. The endpoint lacks proper authentication and authorization controls, exposing sensitive system configuration data to unauthenticated remote attackers. |
| CVE-2025-63757 | 2025-12-18 | Integer overflow vulnerability in the yuv2ya16_X_c_template function in libswscale/output.c in FFmpeg 8.0. |
| CVE-2025-63947 | 2025-12-18 | A Reflected Cross-Site Scripting (XSS) vulnerability exists in phpMsAdmin version 2.2 in the database_mode.php file. An attacker can execute arbitrary web script or HTML via the dbname parameter after a... |
| CVE-2025-63948 | 2025-12-18 | A SQL Injection vulnerability exists in phpMsAdmin version 2.2 in the database_mode.php file. An attacker can execute arbitrary SQL commands via the dbname parameter, potentially leading to information disclosure or... |
| CVE-2025-63949 | 2025-12-18 | A Reflected Cross-Site Scripting (XSS) vulnerability in yohanawi Hotel Management System (commit 87e004a) allows a remote attacker to execute arbitrary web script via the 'error' parameter in pages/room.php. |
| CVE-2025-63950 | 2025-12-18 | An insecure deserialization vulnerability exists in the download.php script of the to3k Twittodon application through commit b1c58a7d1dc664b38deb486ca290779621342c0b (2023-02-28). The 'obj' parameter receives base64-encoded data that is passed directly to the... |
| CVE-2025-63951 | 2025-12-18 | An insecure deserialization vulnerability exists in the rss-mp3.php script of the MiczFlor RPi-Jukebox-RFID project through commit 4b2334f0ae0e87c0568876fc41c48c38aa9a7014 (2025-10-07). The 'rss' GET parameter receives data that is passed directly to the... |
| CVE-2025-65559 | 2025-12-18 | An issue was discovered in Open5GS 2.7.5-49-g465e90f, when processing a PFCP Session Establishment Request (type=50), the UPF crashes with a reachable assertion in `lib/pfcp/context.c` (`ogs_pfcp_object_teid_hash_set`) if the CreatePDR/PDI/F-TEID has CH=1... |
| CVE-2025-65561 | 2025-12-18 | An issue was discovered in function LocalNode.Sess in free5GC 4.1.0 allowing attackers to cause a denial of service or other unspecified impacts via crafted header Local SEID to the PFCP... |
| CVE-2025-65562 | 2025-12-18 | The free5GC UPF suffers from a lack of bounds checking on the SEID when processing PFCP Session Deletion Requests. An unauthenticated remote attacker can send a request with a very... |
| CVE-2025-65563 | 2025-12-18 | A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory... |
| CVE-2025-65564 | 2025-12-18 | A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcpiface) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element,... |
| CVE-2025-65565 | 2025-12-18 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID (CPF-SEID)... |
| CVE-2025-65566 | 2025-12-18 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Session Report Response that is missing the mandatory Cause Information Element,... |
| CVE-2025-65567 | 2025-12-18 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed... |
| CVE-2025-65568 | 2025-12-18 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated... |
| CVE-2025-67163 | 2025-12-18 | A stored cross-site scripting (XSS) vulnerability in Simple Machines Forum v2.1.6 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Forum Name parameter. |
| CVE-2025-14841 | 2025-12-18 | OFFIS DCMTK dcmqrscp dcmqrdbi.cc startMoveRequest null pointer dereference |
| CVE-2025-14856 | 2025-12-18 | y_project RuoYi getnames code injection |
| CVE-2025-12885 | 2025-12-18 | Embed Any Document <= 2.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-68460 | 2025-12-18 | Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to an information disclosure vulnerability in the HTML style sanitizer. |
| CVE-2025-68461 | 2025-12-18 | Roundcube Webmail before 1.5.12 and 1.6 before 1.6.12 is prone to a Cross-Site-Scripting (XSS) vulnerability via the animate tag in an SVG document. |
| CVE-2025-68462 | 2025-12-18 | Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases. |
| CVE-2025-27063 | 2025-12-18 | Use After Free in Video |
| CVE-2025-47319 | 2025-12-18 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in HLOS |
| CVE-2025-47320 | 2025-12-18 | Out-of-bounds Write in Audio |
| CVE-2025-47321 | 2025-12-18 | Buffer Copy Without Checking Size of Input in Core Services |
| CVE-2025-47322 | 2025-12-18 | Use After Free in Automotive Linux OS |
| CVE-2025-47323 | 2025-12-18 | Integer Overflow or Wraparound in Audio |
| CVE-2025-47325 | 2025-12-18 | Untrusted Pointer Dereference in TZ Firmware |
| CVE-2025-47350 | 2025-12-18 | Use After Free in DSP Service |
| CVE-2025-47372 | 2025-12-18 | Buffer Copy Without Checking Size of Input in Boot |
| CVE-2025-47382 | 2025-12-18 | Incorrect Authorization in Boot |
| CVE-2025-47387 | 2025-12-18 | Untrusted Pointer Dereference in Camera |
| CVE-2025-68463 | 2025-12-18 | Bio.Entrez in Biopython through 186 allows doctype XXE. |
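Two of the Dify entries above (CVE-2025-63386 and CVE-2025-63388) describe the same pattern: the server reflects whatever `Origin` the browser sends and also sets `Access-Control-Allow-Credentials: true`, which is the combination that lets any third-party page read an authenticated response. The following is an added example, not code from the CVE records or from the Dify project, of how a tester classifies a CORS response and tells that case apart from the harmless ones (wildcard, allowlist, no CORS at all). The probe origins, the two stand-in servers and the header dictionaries are constructed here for illustration; `/console/api/setup` is only used as a path string.

```python
"""Classify a CORS response as safe or misconfigured (added example, offline).

Verdict of interest: the server echoes an attacker-controlled Origin AND sets
Access-Control-Allow-Credentials: true. Any other combination does not let a
malicious page read an authenticated cross-origin response.
"""
from typing import Callable, Dict, Optional

# Origins the tester controls. "null" covers sandboxed iframes and data: URLs,
# which some allowlists accept by mistake. (Constructed for this example.)
PROBE_ORIGINS = ["https://evil.example", "null"]


def _header(headers: Dict[str, str], name: str) -> Optional[str]:
    """Case-insensitive lookup: HTTP header names are case-insensitive."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value.strip()
    return None


def classify_cors(request_origin: str, headers: Dict[str, str]) -> str:
    """Classify one request/response pair.

    'no-cors'                    no ACAO header; browsers block cross-origin reads
    'wildcard'                   ACAO: *; readable, but browsers never send credentials
    'wildcard-with-credentials'  ACAO: * plus ACAC: true; browsers reject the response
    'reflected'                  probe origin echoed without credentials; public data only
    'reflected-with-credentials' probe origin echoed AND ACAC: true (the CVE pattern)
    'allowlisted'                ACAO names some other fixed origin
    Because request_origin is one the tester controls, an exact echo of it is
    reflection, not a legitimate allowlist hit.
    """
    acao = _header(headers, "Access-Control-Allow-Origin")
    acac = _header(headers, "Access-Control-Allow-Credentials")
    creds = acac is not None and acac.lower() == "true"

    if acao is None:
        return "no-cors"
    if acao == "*":
        return "wildcard-with-credentials" if creds else "wildcard"
    if acao == request_origin:
        return "reflected-with-credentials" if creds else "reflected"
    return "allowlisted"


def is_exploitable(verdict: str) -> bool:
    """Only reflection plus credentials gives authenticated cross-origin reads."""
    return verdict == "reflected-with-credentials"


def probe(responder: Callable[[str, str], Dict[str, str]], path: str) -> Dict[str, str]:
    """Send every probe origin to `responder(path, origin)` and classify each reply."""
    return {origin: classify_cors(origin, responder(path, origin)) for origin in PROBE_ORIGINS}


# --- Constructed stand-ins for a live server so the example runs offline ------
def vulnerable_server(path: str, origin: str) -> Dict[str, str]:
    """Echoes any Origin and allows credentials: the misconfiguration."""
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true",
            "Vary": "Origin"}


def fixed_server(path: str, origin: str) -> Dict[str, str]:
    """Allowlist-based: echoes only a known origin, otherwise sends no CORS headers."""
    allowed = {"https://console.example"}  # assumed trusted front-end origin
    if origin in allowed:
        return {"Access-Control-Allow-Origin": origin,
                "Access-Control-Allow-Credentials": "true",
                "Vary": "Origin"}
    return {}


if __name__ == "__main__":
    for name, server in (("vulnerable", vulnerable_server), ("fixed", fixed_server)):
        for origin, verdict in probe(server, "/console/api/setup").items():
            flag = "EXPLOITABLE" if is_exploitable(verdict) else "ok"
            print(f"{name:10} origin={origin:22} -> {verdict} ({flag})")
```

Against a real target, `responder` would issue the HTTP request with the `Origin` header set and return the response headers; the classification logic is unchanged. Note that the fix is an allowlist compared by exact origin, not a substring or prefix match, and that `Vary: Origin` is needed so caches do not serve one origin's ACAO to another.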
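The three mcp-server-git entries above name two defect classes in a tool that shells out to git: user-supplied values that git parses as options rather than operands (CVE-2025-68144), and repository paths that are not confined to an allowed location (CVE-2025-68143, CVE-2025-68145). The following is an added example, not code from mcp-server-git or from the CVE records, of the two checks such a wrapper needs. The allowed subcommand set, the root directory `/srv/repos`, the function names and the sample inputs are assumptions made for illustration; the `--` separator and the `--output` option are ordinary git behaviour.

```python
"""Operand and path validation for a tool that runs git (added example, offline).

Two rules: (1) a user value must never be able to become a git option, and
(2) a user-supplied repository path must stay under an allowed root.
"""
from pathlib import Path
from typing import Callable, List

ALLOWED_ROOT = Path("/srv/repos")               # assumed for this example
ALLOWED_SUBCOMMANDS = {"diff", "checkout", "init", "log", "status"}


class UnsafeArgument(ValueError):
    """Raised for any value the wrapper refuses to pass to git."""


def validate_git_operand(value: str) -> str:
    """Reject operands git would read as options.

    A leading '-' turns a 'ref' or 'path' into a flag (git diff --output=FILE
    writes a file, for instance). Refusing the whole class is safer than
    enumerating dangerous flags. NUL cannot appear in argv and signals a
    smuggled string.
    """
    if not value:
        raise UnsafeArgument("empty operand")
    if value.startswith("-"):
        raise UnsafeArgument(f"operand looks like an option: {value!r}")
    if "\x00" in value:
        raise UnsafeArgument("NUL byte in operand")
    return value


def build_git_argv(subcommand: str, operands: List[str]) -> List[str]:
    """Build argv for subprocess.run(argv, shell=False).

    Fixed options come first, then '--', so everything the user supplied is
    parsed by git as an operand even if validation were ever loosened.
    """
    if subcommand not in ALLOWED_SUBCOMMANDS:
        raise UnsafeArgument(f"subcommand not allowed: {subcommand!r}")
    return ["git", subcommand, "--", *[validate_git_operand(o) for o in operands]]


def resolve_repo_path(requested: str, root: Path = ALLOWED_ROOT) -> Path:
    """Confine a user-supplied repository path to `root`.

    resolve() follows symlinks and collapses '..', so containment is checked on
    the canonical path. An absolute `requested` replaces `root` when joined and
    is therefore rejected by the same test. is_relative_to() needs Python 3.9+.
    """
    root = root.resolve()
    candidate = (root / requested).resolve()
    if not candidate.is_relative_to(root):
        raise UnsafeArgument(f"path escapes allowed root: {requested!r}")
    return candidate


def rejects(fn: Callable, *args) -> bool:
    """True if fn(*args) is refused; used by the demo and by tests."""
    try:
        fn(*args)
    except UnsafeArgument:
        return True
    return False


if __name__ == "__main__":
    print(build_git_argv("diff", ["HEAD~1", "HEAD"]))
    for bad in (["--output=/tmp/owned"], ["-p"], ["init", ""]):
        print("rejected" if rejects(build_git_argv, "diff", bad) else "accepted", bad)
    for p in ("project-a", "../../etc", "/tmp/elsewhere"):   # constructed inputs
        print("rejected" if rejects(resolve_repo_path, p) else str(resolve_repo_path(p)), p)
```

The `--` separator alone is not sufficient: for `git diff` a later argument that begins with `-` is still an operand after `--`, but other subcommands and other tools differ, which is why the explicit leading-dash check is kept as well. The path check must run on the resolved path; checking the string for `..` misses symlinks inside the root that point outside it.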