CVE List - 2025 / December
Showing 701 - 800 of 3706 CVEs for December 2025 (Page 8 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-66557 | 2025-12-05 | Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners |
| CVE-2025-66514 | 2025-12-05 | Nextcloud Mail stored HTML injection in subject text |
| CVE-2020-36882 | 2025-12-05 | Flexsense DiskBoss Application Crash Denial of Service |
| CVE-2025-66515 | 2025-12-05 | Nextcloud Approval app allows users to request approval for other users file |
| CVE-2025-66545 | 2025-12-05 | Nextcloud Groupfolders users with read-only permissions for team folder can restore deleted files from trash bin |
| CVE-2025-66549 | 2025-12-05 | Nextcloud Desktop discloses information when attempting to lock a file inside an end-to-end encrypted directory |
| CVE-2025-66554 | 2025-12-05 | Nextcloud Contacts vulnerable to Stored XSS in contacts app via organisation and title field |
| CVE-2025-66556 | 2025-12-05 | Nextcloud Talk allows participants to blindly delete poll drafts of other users by ID |
| CVE-2025-66558 | 2025-12-05 | Nextcloud Twofactor WebAuthn app was updated based on public key |
| CVE-2025-66562 | 2025-12-05 | TUUI vulnerable to Remote Code Execution (RCE) via XSS in Markdown ECharts Rendering |
| CVE-2025-66566 | 2025-12-05 | yawkat LZ4 Java has a possible information leak in Java safe decompressor |
| CVE-2025-66570 | 2025-12-05 | cpp-httplib Untrusted HTTP Header Handling: Internal Header Shadowing (REMOTE*/LOCAL*) |
| CVE-2025-66577 | 2025-12-05 | cpp-httplib Untrusted HTTP Header Handling: X-Forwarded-For/X-Real-IP Trust |
| CVE-2025-66581 | 2025-12-05 | Frappe LMS is Missing Server-Side Authorization in Business Logic |
| CVE-2025-66623 | 2025-12-05 | Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands |
| CVE-2025-66624 | 2025-12-05 | BACnet-stack MS/TP reply matcher OOB read |
| CVE-2025-46603 | 2025-12-05 | Dell CloudBoost Virtual Appliance, versions 19.13.0.0 and prior, contains an Improper Restriction of Excessive Authentication Attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to... |
| CVE-2025-8148 | 2025-12-05 | Improper Access Control in SFTP service of GoAnywhere MFT |
| CVE-2025-14105 | 2025-12-05 | TOZED ZLT M30S/ZLT M30S PRO Web proc_post denial of service |
| CVE-2025-13426 | 2025-12-05 | Improper Sandboxing in Google Apigee's JavaCallout Policy Allows for Remote Code Execution |
| CVE-2025-14106 | 2025-12-05 | ZSPACE Q2C NAS HTTP POST Request close zfilev2_api.CloseSafe command injection |
| CVE-2025-14107 | 2025-12-05 | ZSPACE Q2C NAS HTTP POST Request status zfilev2_api.SafeStatus command injection |
| CVE-2025-14108 | 2025-12-05 | ZSPACE Q2C NAS HTTP POST Request open zfilev2_api.OpenSafe command injection |
| CVE-2025-34291 | 2025-12-05 | Langflow <= 1.6.9 CORS Misconfiguration to Token Hijack & RCE |
| CVE-2025-14111 | 2025-12-05 | Rarlab RAR App com.rarlab.rar path traversal |
| CVE-2025-14116 | 2025-12-05 | xerrors Yuxi-Know embed.py OtherEmbedding.aencode server-side request forgery |
| CVE-2025-66629 | 2025-12-05 | HedgeDoc is missing state parameter in OAuth2 flows could lead to CSRF |
| CVE-2025-12510 | 2025-12-06 | Widgets for Google Reviews <= 13.2.4 - Unauthenticated Stored Cross-Site Scripting via Google Reviews |
| CVE-2025-11263 | 2025-12-06 | Link Whisper Free <= 0.8.8 - Reflected Cross-Site Scripting |
| CVE-2025-12505 | 2025-12-06 | weDocs <= 2.1.14 - Missing Authorization to Settings Update |
| CVE-2025-13922 | 2025-12-06 | Tag, Category, and Taxonomy Manager – AI Autotagger with OpenAI <= 3.40.1 - Authenticated (Contributor+) SQL Injection via ORDER BY Clause |
| CVE-2025-13292 | 2025-12-06 | Improper access control in Google Cloud Apigee-X allows cross-tenant Analytics modification and log data access. |
| CVE-2025-14117 | 2025-12-06 | fit2cloud Halo cross-site request forgery |
| CVE-2025-13626 | 2025-12-06 | myLCO <= 0.8.1 - Reflected Cross-Site Scripting via $_SERVER['PHP_SELF'] |
| CVE-2025-13137 | 2025-12-06 | Live Sales Notification for Woocommerce – Woomotiv <= 3.6.3 - Reflected Cross-Site Scripting |
| CVE-2025-13898 | 2025-12-06 | Ultra Skype Button <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'btn_id' Shortcode Attribute |
| CVE-2025-13896 | 2025-12-06 | Social Feed Gallery Portfolio <= 1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute |
| CVE-2025-12721 | 2025-12-06 | g-FFL Cockpit <= 1.7.1 - Missing Authorization to Unauthenticated Information Exposure |
| CVE-2025-12574 | 2025-12-06 | Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Deletion |
| CVE-2025-12720 | 2025-12-06 | g-FFL Cockpit <= 1.7.1 - Improper Authorization to Unauthenticated Product Deletion |
| CVE-2025-12673 | 2025-12-06 | Flex QR Code Generator <= 1.2.6 - Unauthenticated Arbitrary File Upload |
| CVE-2025-13629 | 2025-12-06 | WP Landing Page <= 0.9.3 - Cross-Site Request Forgery to Arbitrary Post Meta Update |
| CVE-2025-13666 | 2025-12-06 | Helloprint <= 2.1.2 - Missing Authorization to Unauthenticated Arbitrary Order Status Modification |
| CVE-2025-13308 | 2025-12-06 | Application Passwords <= 0.1.3 - Reflected Cross-Site Scripting via reject_url |
| CVE-2025-13899 | 2025-12-06 | TR Timthumb <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes |
| CVE-2025-13656 | 2025-12-06 | Cute News Ticker <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'color' Shortcode Attribute |
| CVE-2025-12715 | 2025-12-06 | Canadian Nutrition Facts Label <= 3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Nutrition Label Custom Post Type |
| CVE-2025-12577 | 2025-12-06 | Listar – Directory Listing & Classifieds WordPress Plugin <= 3.0.0 - Missing Authorization to Authenticated (Subscriber+) Listing Update |
| CVE-2025-12717 | 2025-12-06 | List Attachments Shortcode <= 0.4.1a - Authenticated (Author+) Stored Cross-Site Scripting via list-attachments Shortcode |
| CVE-2025-13907 | 2025-12-06 | CSS3 Buttons <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes |
| CVE-2025-13863 | 2025-12-06 | RevInsite <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes |
| CVE-2025-13856 | 2025-12-06 | Extra Post Images <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes |
| CVE-2025-13857 | 2025-12-06 | Yet Another WebClap for WordPress <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes |
| CVE-2025-12091 | 2025-12-06 | Search, Filters & Merchandising for WooCommerce <= 3.0.63 - Missing Authorization to Authenticated (Subscriber+) Plugin Deactivation |
| CVE-2025-13894 | 2025-12-06 | CSV Sumotto <= 1.0 - Reflected Cross-Site Scripting |
| CVE-2025-13309 | 2025-12-06 | Accessiy By CodeConfig Accessibility – Easy One-Click Accessibility Toolbar That Truly Matters <= 1.0.0 - Authenticated (Subscriber+) Missing Authorization to Modify Accessibility Settings |
| CVE-2025-13358 | 2025-12-06 | Accessiy By CodeConfig Accessibility <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page Creation |
| CVE-2025-13748 | 2025-12-06 | Fluent Forms <= 6.1.7 - Unauthenticated Insecure Direct Object Reference to Payment Status Tampering via submission_id |
| CVE-2025-13377 | 2025-12-06 | 10Web Booster <= 2.32.7 - Authenticated (Subscriber+) Arbitrary Folder Deletion via two_clear_page_cache |
| CVE-2025-12499 | 2025-12-06 | Rich Shortcodes for Google Reviews <= 6.8 - Unauthenticated Stored Cross-Site Scripting via Google Review |
| CVE-2025-12966 | 2025-12-06 | All-in-One Video Gallery 4.5.4 - 4.5.7 - Authenticated (Author+) Arbitrary File Upload via Import ZIP |
| CVE-2025-13065 | 2025-12-06 | Starter Templates <= 4.4.41 - Authenticated (Author+) Arbitrary File Upload via WXR Upload Bypass |
| CVE-2025-14126 | 2025-12-06 | TOZED ZLT M30S/ZLT M30S PRO Web hard-coded credentials |
| CVE-2025-14133 | 2025-12-06 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wireless_clientlist_setClientsName stack-based overflow |
| CVE-2025-14134 | 2025-12-06 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow |
| CVE-2025-14135 | 2025-12-06 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wired_clientlist_setClientsName stack-based overflow |
| CVE-2025-14136 | 2025-12-06 | Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow |
| CVE-2025-14139 | 2025-12-06 | UTT 进取 520W formConfigDnsFilterGlobal strcpy buffer overflow |
| CVE-2025-14140 | 2025-12-06 | UTT 进取 520W websHostFilter strcpy buffer overflow |
| CVE-2025-14141 | 2025-12-06 | UTT 进取 520W formArpBindConfig strcpy buffer overflow |
| CVE-2025-40267 | 2025-12-06 | io_uring/rw: ensure allocated iovec gets cleared for early failure |
| CVE-2025-40268 | 2025-12-06 | cifs: client: fix memory leak in smb3_fs_context_parse_param |
| CVE-2025-40269 | 2025-12-06 | ALSA: usb-audio: Fix potential overflow of PCM transfer buffer |
| CVE-2025-40270 | 2025-12-06 | mm, swap: fix potential UAF issue for VMA readahead |
| CVE-2025-40271 | 2025-12-06 | fs/proc: fix uaf in proc_readdir_de() |
| CVE-2025-40272 | 2025-12-06 | mm/secretmem: fix use-after-free race in fault handler |
| CVE-2025-40273 | 2025-12-06 | NFSD: free copynotify stateid in nfs4_free_ol_stateid() |
| CVE-2025-40274 | 2025-12-06 | KVM: guest_memfd: Remove bindings on memslot deletion when gmem is dying |
| CVE-2025-40275 | 2025-12-06 | ALSA: usb-audio: Fix NULL pointer dereference in snd_usb_mixer_controls_badd |
| CVE-2025-40276 | 2025-12-06 | drm/panthor: Flush shmem writes before mapping buffers CPU-uncached |
| CVE-2025-40277 | 2025-12-06 | drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE |
| CVE-2025-40278 | 2025-12-06 | net: sched: act_ife: initialize struct tc_ife to fix KMSAN kernel-infoleak |
| CVE-2025-40279 | 2025-12-06 | net: sched: act_connmark: initialize struct tc_ife to fix kernel leak |
| CVE-2025-40280 | 2025-12-06 | tipc: Fix use-after-free in tipc_mon_reinit_self(). |
| CVE-2025-40281 | 2025-12-06 | sctp: prevent possible shift-out-of-bounds in sctp_transport_update_rto |
| CVE-2025-40282 | 2025-12-06 | Bluetooth: 6lowpan: reset link-local header on ipv6 recv path |
| CVE-2025-40283 | 2025-12-06 | Bluetooth: btusb: reorder cleanup in btusb_disconnect to avoid UAF |
| CVE-2025-40284 | 2025-12-06 | Bluetooth: MGMT: cancel mesh send timer when hdev removed |
| CVE-2025-40285 | 2025-12-06 | smb/server: fix possible refcount leak in smb2_sess_setup() |
| CVE-2025-40286 | 2025-12-06 | smb/server: fix possible memory leak in smb2_read() |
| CVE-2025-40287 | 2025-12-06 | exfat: fix improper check of dentry.stream.valid_size |
| CVE-2025-40288 | 2025-12-06 | drm/amdgpu: Fix NULL pointer dereference in VRAM logic for APU devices |
| CVE-2025-40289 | 2025-12-06 | drm/amdgpu: hide VRAM sysfs attributes on GPUs without VRAM |
| CVE-2025-14182 | 2025-12-07 | Sobey Media Convergence System upload path traversal |
| CVE-2025-14183 | 2025-12-07 | SGAI Space1 NAS N1211DS gsaiagent JSONAPI GET_USER_INFO credentials storage |
| CVE-2025-14184 | 2025-12-07 | SGAI Space1 NAS N1211DS gsaiagent JSONAPI NGNIX_UPLOAD command injection |
| CVE-2025-14185 | 2025-12-07 | Yonyou U8 Cloud AppServletService.class sql injection |
| CVE-2025-14186 | 2025-12-07 | Grandstream GXP1625 Network Status api.values.post cross site scripting |
| CVE-2025-14187 | 2025-12-07 | UGREEN DH2100+ nas_svr create handler_file_backup_create buffer overflow |
| CVE-2025-14188 | 2025-12-07 | UGREEN DH2100+ nas_svr create handler_file_backup_create command injection |
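The two cpp-httplib rows in this listing (CVE-2025-66570, internal header shadowing of `REMOTE*`/`LOCAL*`, and CVE-2025-66577, trust in `X-Forwarded-For`/`X-Real-IP`) name a general class of header-handling mistakes. The following is an added illustration of that class, not code from cpp-httplib or from either advisory: the CGI-style pseudo-header names, the insert-if-absent merge, the trusted-proxy CIDR and all sample requests are constructed assumptions used to show a vulnerable pattern next to its hardened counterpart.

```python
"""Added illustration of two header-trust failure classes named in this
listing: client headers shadowing connection metadata, and unconditional
trust in X-Forwarded-For / X-Real-IP. Constructed for this page; it is not
code from cpp-httplib, and the pseudo-header names below are an assumption
about how a server might expose connection metadata."""
import ipaddress
from typing import Dict, List, Tuple

Headers = List[Tuple[str, str]]

# Assumed CGI-style pseudo-headers that a server might inject into the same
# header map as client-supplied headers.
INTERNAL_KEYS = {"REMOTE_ADDR", "REMOTE_PORT", "LOCAL_ADDR", "LOCAL_PORT"}


def naive_merge(client: Headers, peer: Tuple[str, int], local: Tuple[str, int]) -> Dict[str, str]:
    """Vulnerable pattern: client headers land in the map first and the
    connection metadata is added with insert-if-absent, so a client-sent
    'REMOTE_ADDR' shadows the real peer address."""
    merged: Dict[str, str] = {}
    for name, value in client:
        merged.setdefault(name.upper(), value)
    merged.setdefault("REMOTE_ADDR", peer[0])
    merged.setdefault("REMOTE_PORT", str(peer[1]))
    merged.setdefault("LOCAL_ADDR", local[0])
    merged.setdefault("LOCAL_PORT", str(local[1]))
    return merged


def hardened_merge(client: Headers, peer: Tuple[str, int], local: Tuple[str, int]) -> Dict[str, str]:
    """Hardened: drop client headers that collide with internal keys, then
    write the connection metadata unconditionally so it always wins."""
    merged: Dict[str, str] = {}
    for name, value in client:
        key = name.upper()
        if key in INTERNAL_KEYS:
            continue
        merged.setdefault(key, value)
    merged["REMOTE_ADDR"] = peer[0]
    merged["REMOTE_PORT"] = str(peer[1])
    merged["LOCAL_ADDR"] = local[0]
    merged["LOCAL_PORT"] = str(local[1])
    return merged


def naive_client_ip(headers: Dict[str, str]) -> str:
    """Vulnerable pattern: believe the forwarding headers from any peer."""
    xff = headers.get("X-FORWARDED-FOR")
    if xff:
        return xff.split(",")[0].strip()
    return headers.get("X-REAL-IP") or headers["REMOTE_ADDR"]


def _is_trusted(ip: str, nets) -> bool:
    try:
        addr = ipaddress.ip_address(ip)
    except ValueError:
        return False
    return any(addr in n for n in nets)


def trusted_client_ip(headers: Dict[str, str], trusted_proxies: List[str]) -> str:
    """Hardened: only consult X-Forwarded-For when the TCP peer is a trusted
    proxy, then walk the chain from the right and return the first hop that
    is not itself a trusted proxy. Anything malformed falls back to the peer."""
    peer = headers["REMOTE_ADDR"]
    nets = [ipaddress.ip_network(n) for n in trusted_proxies]
    if not _is_trusted(peer, nets):
        return peer
    chain = [h.strip() for h in headers.get("X-FORWARDED-FOR", "").split(",") if h.strip()]
    for hop in reversed(chain):
        if not _is_trusted(hop, nets):
            try:
                return str(ipaddress.ip_address(hop))
            except ValueError:
                return peer
    return peer


# Constructed request from a direct (untrusted) client that forges both the
# pseudo-header and the forwarding header.
FORGED: Headers = [
    ("Host", "example.test"),
    ("remote_addr", "127.0.0.1"),
    ("X-Forwarded-For", "10.0.0.5"),
]
PEER = ("203.0.113.7", 51515)
LOCAL = ("192.0.2.10", 8080)
TRUSTED_PROXIES = ["192.0.2.0/24"]  # assumed reverse-proxy range

# Constructed request arriving via a trusted reverse proxy that appended the
# real client address to whatever the client already sent.
PROXIED: Headers = [
    ("Host", "example.test"),
    ("X-Forwarded-For", "10.0.0.5, 198.51.100.9"),
]
PROXY_PEER = ("192.0.2.1", 40000)


def demo() -> Dict[str, str]:
    n = naive_merge(FORGED, PEER, LOCAL)
    h = hardened_merge(FORGED, PEER, LOCAL)
    p = hardened_merge(PROXIED, PROXY_PEER, LOCAL)
    return {
        "naive_remote_addr": n["REMOTE_ADDR"],                      # shadowed by the client
        "hardened_remote_addr": h["REMOTE_ADDR"],                   # real peer
        "naive_client_ip": naive_client_ip(n),                      # spoofed via XFF
        "hardened_direct": trusted_client_ip(h, TRUSTED_PROXIES),   # XFF ignored, peer used
        "hardened_proxied": trusted_client_ip(p, TRUSTED_PROXIES),  # proxy-appended hop
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:22} {value}")
```

The two fixes are independent: stripping colliding names before the merge closes the shadowing, while the right-to-left walk over `X-Forwarded-For` from a known proxy peer closes the spoofing. Any service that logs, rate-limits or authorizes by client address should apply both.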
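The HedgeDoc row (CVE-2025-66629, missing `state` parameter in OAuth2 flows leading to CSRF) names another well-understood class. The following added example is a generic demonstration of why the authorization-code flow needs a session-bound `state`; it is not HedgeDoc code and says nothing about HedgeDoc's internals. The session dict, the `https://idp.example` and `https://app.example` URLs, the client id and the authorization codes are constructed placeholders.

```python
"""Added illustration of why an OAuth2 authorization-code flow needs a
state parameter bound to the user's session. Constructed for this page; it
is not HedgeDoc code and makes no claim about HedgeDoc's internals. The
session dict, the redirect URL and the identity-provider endpoint are
stand-ins for a real web framework."""
import hmac
import secrets
from typing import Dict, Optional
from urllib.parse import parse_qs, urlencode, urlparse

AUTHORIZE_ENDPOINT = "https://idp.example/authorize"   # assumed placeholder
CALLBACK_URL = "https://app.example/callback"          # assumed placeholder
CLIENT_ID = "demo-client"                              # assumed placeholder


def begin_login(session: Dict[str, str]) -> str:
    """Mint a fresh, unguessable state, store it in the server-side session
    and embed it in the redirect to the identity provider."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    query = urlencode({"response_type": "code", "client_id": CLIENT_ID,
                       "redirect_uri": CALLBACK_URL, "state": state})
    return f"{AUTHORIZE_ENDPOINT}?{query}"


def _param(url: str, name: str) -> Optional[str]:
    return parse_qs(urlparse(url).query).get(name, [None])[0]


def vulnerable_callback(session: Dict[str, str], callback_url: str) -> Optional[str]:
    """Missing-state pattern: any ?code= delivered to the callback is
    accepted, so an attacker can make the victim's browser complete the
    attacker's own flow and bind the attacker's IdP identity to the victim's
    session (login CSRF / forced account linking)."""
    return _param(callback_url, "code")  # would be exchanged for tokens here


def hardened_callback(session: Dict[str, str], callback_url: str) -> Optional[str]:
    """State check: the callback is only honoured when it carries the exact
    state this session issued. The stored value is consumed on first use so a
    callback URL cannot be replayed, and the comparison is constant-time."""
    expected = session.pop("oauth_state", None)
    presented = _param(callback_url, "state")
    if not expected or not presented:
        return None
    if not hmac.compare_digest(expected, presented):
        return None
    return _param(callback_url, "code")


def demo() -> Dict[str, Optional[str]]:
    # Victim starts a login; the IdP later redirects back with code and state.
    victim_session: Dict[str, str] = {}
    state = _param(begin_login(victim_session), "state")
    legit_cb = f"{CALLBACK_URL}?code=victim-code&state={state}"

    # Attacker obtained a code for *their* IdP account and lures the victim's
    # browser into loading this constructed URL, with no valid state.
    forged_cb = f"{CALLBACK_URL}?code=attacker-code"
    guessed_cb = f"{CALLBACK_URL}?code=attacker-code&state=guess"

    results: Dict[str, Optional[str]] = {
        "vulnerable_accepts_forged": vulnerable_callback(dict(victim_session), forged_cb),
        "hardened_rejects_forged": hardened_callback(dict(victim_session), forged_cb),
        "hardened_rejects_wrong_state": hardened_callback(dict(victim_session), guessed_cb),
        "hardened_accepts_legit": hardened_callback(dict(victim_session), legit_cb),
    }
    # Single use: a second delivery of the same legitimate callback fails.
    once = dict(victim_session)
    hardened_callback(once, legit_cb)
    results["hardened_rejects_replay"] = hardened_callback(once, legit_cb)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:30} {value!r}")
```

The property that matters is the binding: `state` is generated per login attempt, kept only server-side, and compared against what the callback presents before any code is exchanged. PKCE protects the code itself but does not replace this check for the CSRF case.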