CVE List - 2025 / January
Showing 1701 - 1800 of 4277 CVEs for January 2025 (Page 18 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-39800 | 2025-01-14 | Multiple external config control vulnerabilities exists in the openvpn.cgi openvpn_server_setup()... |
| CVE-2024-39801 | 2025-01-14 | Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality... |
| CVE-2024-39802 | 2025-01-14 | Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality... |
| CVE-2024-39803 | 2025-01-14 | Multiple buffer overflow vulnerabilities exist in the qos.cgi qos_settings() functionality... |
| CVE-2024-39299 | 2025-01-14 | A buffer overflow vulnerability exists in the qos.cgi qos_sta_settings() functionality... |
| CVE-2024-36295 | 2025-01-14 | A command execution vulnerability exists in the qos.cgi qos_sta() functionality... |
| CVE-2024-36258 | 2025-01-14 | A stack-based buffer overflow vulnerability exists in the touchlist_sync.cgi touchlistsync()... |
| CVE-2024-36272 | 2025-01-14 | A buffer overflow vulnerability exists in the usbip.cgi set_info() functionality... |
| CVE-2024-34544 | 2025-01-14 | A command injection vulnerability exists in the wireless.cgi AddMac() functionality... |
| CVE-2024-39757 | 2025-01-14 | A stack-based buffer overflow vulnerability exists in the wireless.cgi AddMac()... |
| CVE-2024-39603 | 2025-01-14 | A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic_mesh()... |
| CVE-2024-36493 | 2025-01-14 | A stack-based buffer overflow vulnerability exists in the wireless.cgi set_wifi_basic()... |
| CVE-2024-39359 | 2025-01-14 | A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac()... |
| CVE-2024-39357 | 2025-01-14 | A stack-based buffer overflow vulnerability exists in the wireless.cgi SetName()... |
| CVE-2024-39604 | 2025-01-14 | A command execution vulnerability exists in the update_filter_url.sh functionality of... |
| CVE-2024-39273 | 2025-01-14 | A firmware update vulnerability exists in the fw_check.sh functionality of... |
| CVE-2024-39608 | 2025-01-14 | A firmware update vulnerability exists in the login.cgi functionality of... |
| CVE-2024-39773 | 2025-01-14 | An information disclosure vulnerability exists in the testsave.sh functionality of... |
| CVE-2024-39754 | 2025-01-14 | A static login vulnerability exists in the wctrls functionality of... |
| CVE-2024-39781 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot()... |
| CVE-2024-39782 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot()... |
| CVE-2024-39783 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot()... |
| CVE-2024-37186 | 2025-01-14 | An os command injection vulnerability exists in the adm.cgi set_ledonoff()... |
| CVE-2024-39370 | 2025-01-14 | An arbitrary code execution vulnerability exists in the adm.cgi set_MeshAp()... |
| CVE-2024-39774 | 2025-01-14 | A buffer overflow vulnerability exists in the adm.cgi set_sys_adm() functionality... |
| CVE-2024-37357 | 2025-01-14 | A buffer overflow vulnerability exists in the adm.cgi set_TR069() functionality... |
| CVE-2024-21797 | 2025-01-14 | A command execution vulnerability exists in the adm.cgi set_TR069() functionality... |
| CVE-2024-39358 | 2025-01-14 | A buffer overflow vulnerability exists in the adm.cgi set_wzap() functionality... |
| CVE-2024-39294 | 2025-01-14 | A buffer overflow vulnerability exists in the adm.cgi set_wzdgw4G() functionality... |
| CVE-2024-37184 | 2025-01-14 | A buffer overflow vulnerability exists in the adm.cgi rep_as_bridge() functionality... |
| CVE-2024-39756 | 2025-01-14 | A buffer overflow vulnerability exists in the adm.cgi rep_as_router() functionality... |
| CVE-2024-39367 | 2025-01-14 | An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun()... |
| CVE-2024-39768 | 2025-01-14 | Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality... |
| CVE-2024-39769 | 2025-01-14 | Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality... |
| CVE-2024-39770 | 2025-01-14 | Multiple buffer overflow vulnerabilities exist in the internet.cgi set_qos() functionality... |
| CVE-2024-39288 | 2025-01-14 | A buffer overflow vulnerability exists in the internet.cgi set_add_routing() functionality... |
| CVE-2024-39762 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... |
| CVE-2024-39763 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... |
| CVE-2024-39764 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... |
| CVE-2024-39765 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... |
| CVE-2024-36290 | 2025-01-14 | A buffer overflow vulnerability exists in the login.cgi Goto_chidx() functionality... |
| CVE-2024-39759 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init()... |
| CVE-2024-39760 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init()... |
| CVE-2024-39761 | 2025-01-14 | Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init()... |
| CVE-2024-39363 | 2025-01-14 | A cross-site scripting (xss) vulnerability exists in the login.cgi set_lang_CountryCode()... |
| CVE-2024-34166 | 2025-01-14 | An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync()... |
| CVE-2024-42444 | 2025-01-14 | TOCTOU Race Condition between DMA and SMM |
| CVE-2025-0458 | 2025-01-14 | Virtual Computer Vysual RH Solution Login Panel index.php cross site scripting |
| CVE-2025-0459 | 2025-01-14 | libretro RetroArch Startup profapi.dll untrusted search path |
| CVE-2024-29979 | 2025-01-14 | Unsafe Handling of Phoenix UEFI Variables |
| CVE-2024-29980 | 2025-01-14 | Unsafe Handling of IHV UEFI Variables |
| CVE-2025-0460 | 2025-01-14 | Blog Botz for Journal Theme blog_add unrestricted upload |
| CVE-2025-0461 | 2025-01-14 | Shanghai Lingdang Information Technology Lingdang CRM index.php path traversal |
| CVE-2024-45627 | 2025-01-14 | Apache Linkis Metadata Query Service JDBC: JDBC Datasource Module with Mysql has file read vulnerability |
| CVE-2025-0462 | 2025-01-14 | Shanghai Lingdang Information Technology Lingdang CRM index.php sql injection |
| CVE-2025-23080 | 2025-01-14 | XSSes in Special:BadgeView |
| CVE-2024-10630 | 2025-01-14 | A race condition in Ivanti Application Control Engine before version... |
| CVE-2024-52898 | 2025-01-14 | IBM MQ information disclosure |
| CVE-2024-13179 | 2025-01-14 | Path Traversal in Ivanti Avalanche before version 6.4.7 allows a... |
| CVE-2024-13180 | 2025-01-14 | Path Traversal in Ivanti Avalanche before version 6.4.7 allows a... |
| CVE-2024-13181 | 2025-01-14 | Path Traversal in Ivanti Avalanche before version 6.4.7 allows a... |
| CVE-2025-23081 | 2025-01-14 | Various security vulnerabilities in Extension:DataTransfer |
| CVE-2024-10811 | 2025-01-14 | Absolute path traversal in Ivanti EPM before the 2024 January-2025... |
| CVE-2025-0463 | 2025-01-14 | Shanghai Lingdang Information Technology Lingdang CRM index.php unrestricted upload |
| CVE-2025-0464 | 2025-01-14 | SourceCodester Task Reminder System Maintenance Section cross site scripting |
| CVE-2024-13161 | 2025-01-14 | Absolute path traversal in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13160 | 2025-01-14 | Absolute path traversal in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13159 | 2025-01-14 | Absolute path traversal in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13158 | 2025-01-14 | An unbounded resource search path in Ivanti EPM before the... |
| CVE-2024-13172 | 2025-01-14 | Improper signature verification in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13171 | 2025-01-14 | Insufficient filename validation in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13170 | 2025-01-14 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13169 | 2025-01-14 | An out-of-bounds read in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13168 | 2025-01-14 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13167 | 2025-01-14 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13166 | 2025-01-14 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13165 | 2025-01-14 | An out-of-bounds write in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13164 | 2025-01-14 | An uninitialized resource in Ivanti EPM before the 2024 January-2025... |
| CVE-2024-13163 | 2025-01-14 | Deserialization of untrusted data in Ivanti EPM before the 2024... |
| CVE-2024-13162 | 2025-01-14 | SQL injection in Ivanti EPM before the 2024 January-2025 Security... |
| CVE-2025-0465 | 2025-01-14 | AquilaCMS categories deserialization |
| CVE-2025-21607 | 2025-01-14 | Success of Certain Precompile Calls not Checked in Vyper |
| CVE-2025-23051 | 2025-01-14 | Authenticated Remote Code Execution in AOS Web-based Management Interface |
| CVE-2024-12085 | 2025-01-14 | Rsync: info leak via uninitialized stack contents |
| CVE-2024-12086 | 2025-01-14 | Rsync: rsync server leaks arbitrary client files |
| CVE-2024-12088 | 2025-01-14 | Rsync: --safe-links option bypass leads to path traversal |
| CVE-2025-23052 | 2025-01-14 | Authenticated Command Injection Vulnerability allows Unauthorized Command Execution in CLI Interface |
| CVE-2024-12747 | 2025-01-14 | Rsync: race condition in rsync handling symbolic links |
| CVE-2025-23366 | 2025-01-14 | Org.jboss.hal:hal-console: wildfly hal console cross-site scripting |
| CVE-2025-23025 | 2025-01-14 | Privilege escalation (PR) through realtime WYSIWYG editing in XWiki |
| CVE-2024-12087 | 2025-01-14 | Rsync: path traversal vulnerability in rsync |
| CVE-2025-21411 | 2025-01-14 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-21413 | 2025-01-14 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-21171 | 2025-01-14 | .NET Remote Code Execution Vulnerability |
| CVE-2025-21210 | 2025-01-14 | Windows BitLocker Information Disclosure Vulnerability |
| CVE-2025-21214 | 2025-01-14 | Windows BitLocker Information Disclosure Vulnerability |
| CVE-2025-21215 | 2025-01-14 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2025-21233 | 2025-01-14 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-21234 | 2025-01-14 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |
| CVE-2025-21235 | 2025-01-14 | Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability |