CVE List - 2025 / January
Showing 3001 - 3100 of 4277 CVEs for January 2025 (Page 31 of 43)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-49744 | 2025-01-21 | In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to... |
| CVE-2024-49745 | 2025-01-21 | In growData of Parcel.cpp, there is a possible out of... |
| CVE-2024-49747 | 2025-01-21 | In gatts_process_read_by_type_req of gatt_sr.cc, there is a possible out of... |
| CVE-2024-49748 | 2025-01-21 | In gatts_process_primary_service_req of gatt_sr.cc, there is a possible out of... |
| CVE-2024-49749 | 2025-01-21 | In DGifSlurp of dgif_lib.c, there is a possible out of... |
| CVE-2024-13091 | 2025-01-21 | WPBot Pro Wordpress Chatbot <= 13.5.4 - Unauthenticated Arbitrary File Upload |
| CVE-2023-36998 | 2025-01-22 | The NextEPC MME <= 1.0.1 (fixed in commit a8492c9c5bc0a66c6999cb5a263545b32a4109df) contains... |
| CVE-2023-37002 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37003 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37004 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37005 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37006 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37007 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37008 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain a buffer overflow in... |
| CVE-2023-37009 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37010 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37011 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37012 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37013 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can... |
| CVE-2023-37014 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can... |
| CVE-2023-37015 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can... |
| CVE-2023-37016 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37017 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37018 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can... |
| CVE-2023-37019 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can... |
| CVE-2023-37020 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain an assertion that can... |
| CVE-2023-37021 | 2025-01-22 | Open5GS MME version <= 2.6.4 contains an assertion that can... |
| CVE-2023-37022 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain a reachable assertion in... |
| CVE-2023-37023 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contain a reachable assertion in... |
| CVE-2023-37777 | 2025-01-22 | A SQL injection vulnerability exists in Synnefo Internet Management Software... |
| CVE-2024-24429 | 2025-01-22 | A reachable assertion in the nas_eps_send_emm_to_esm function of Open5GS <=... |
| CVE-2024-24430 | 2025-01-22 | A reachable assertion in the mme_ue_find_by_imsi function of Open5GS <=... |
| CVE-2024-24432 | 2025-01-22 | A reachable assertion in the ogs_kdf_hash_mme function of Open5GS <=... |
| CVE-2024-34235 | 2025-01-22 | Open5GS MME versions <= 2.6.4 contains an assertion that can... |
| CVE-2024-42012 | 2025-01-22 | GRAU DATA Blocky before 3.1 stores passwords encrypted rather than... |
| CVE-2024-42013 | 2025-01-22 | In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side... |
| CVE-2024-55488 | 2025-01-22 | A stored cross-site scripting (XSS) vulnerability in Umbraco CMS v14.3.1... |
| CVE-2024-55957 | 2025-01-22 | In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo... |
| CVE-2024-56914 | 2025-01-22 | D-Link DSL-3782 v1.01 is vulnerable to Buffer Overflow in /New_GUI/ParentalControl.asp. |
| CVE-2024-56923 | 2025-01-22 | Stored Cross-Site Scripting (XSS) Vulnerability in the Categorization Option of... |
| CVE-2024-56924 | 2025-01-22 | A Cross Site Request Forgery (CSRF) vulnerability in Code Astro... |
| CVE-2025-22980 | 2025-01-22 | A SQL Injection vulnerability exists in Senayan Library Management System... |
| CVE-2025-0625 | 2025-01-22 | CampCodes School Management Software Attachment resource injection |
| CVE-2025-23083 | 2025-01-22 | With the aid of the diagnostics_channel utility, an event can... |
| CVE-2025-23090 | 2025-01-22 | With the aid of the diagnostics_channel utility, an event can... |
| CVE-2024-13426 | 2025-01-22 | WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting |
| CVE-2024-13584 | 2025-01-22 | Picture Gallery – Frontend Image Uploads, AJAX Photo List <= 1.5.19 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-13590 | 2025-01-22 | Ketchup Shortcodes <= 0.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-11218 | 2025-01-22 | Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile |
| CVE-2024-12879 | 2025-01-22 | WPBot Pro Wordpress Chatbot <= 13.5.5 - Missing Authorization to Authenticated (Subscriber+) Simple Text Response Creation |
| CVE-2025-20617 | 2025-01-22 | Improper neutralization of special elements used in an OS command... |
| CVE-2025-22450 | 2025-01-22 | Inclusion of undocumented features issue exists in UD-LT2 firmware Ver.1.00.008_SE... |
| CVE-2025-23237 | 2025-01-22 | Improper neutralization of special elements used in an OS command... |
| CVE-2024-13406 | 2025-01-22 | XML for Google Merchant Center <= 3.0.11 - Reflected Cross-Site Scripting |
| CVE-2024-12857 | 2025-01-22 | AdForest <= 5.1.8 - Authentication Bypass |
| CVE-2024-12117 | 2025-01-22 | Stackable – Page Builder Gutenberg Blocks <= 3.13.11 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-13361 | 2025-01-22 | AI Power: Complete AI Pack <= 1.8.96 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Shortcode Execution |
| CVE-2024-13360 | 2025-01-22 | AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Subscriber+) Server-Side Request Forgery |
| CVE-2025-0428 | 2025-01-22 | AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Admin+) PHP Object Injection via wpaicg_export_prompts |
| CVE-2024-13319 | 2025-01-22 | Themify Builder <= 7.6.5 - Reflected Cross-Site Scripting |
| CVE-2025-0429 | 2025-01-22 | AI Power: Complete AI Pack <= 1.8.96 - Authenticated (Admin+) PHP Object Injection via wpaicg_export_ai_forms |
| CVE-2022-23439 | 2025-01-22 | A externally controlled reference to a resource in another sphere... |
| CVE-2024-13495 | 2025-01-22 | GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_ajax_get_logs Function |
| CVE-2024-13499 | 2025-01-22 | GamiPress <= 7.2.1 - Unauthenticated Arbitrary Shortcode Execution via gamipress_do_shortcode() Function |
| CVE-2024-13447 | 2025-01-22 | WP Hotel Booking <= 2.1.6 - Missing Authorization to Authenticated (Subscriber+) User Email Retrieval |
| CVE-2024-13496 | 2025-01-22 | GamiPress <= 7.3.1 - Unauthenticated SQL Injection via orderby Parameter |
| CVE-2025-0395 | 2025-01-22 | When the assert() function in the GNU C Library versions... |
| CVE-2025-24027 | 2025-01-22 | ps_contactinfo has potential XSS due to usage of the nofilter tag in template |
| CVE-2025-23495 | 2025-01-22 | WordPress WooCommerce Order Search plugin <= 1.1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23498 | 2025-01-22 | WordPress Translation.Pro plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23500 | 2025-01-22 | WordPress Simple Custom post type custom field plugin <= 1.0.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23503 | 2025-01-22 | WordPress Customizable Captcha and Contact us plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23507 | 2025-01-22 | WordPress Blrt WP Embed plugin <= 1.6.9 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23509 | 2025-01-22 | WordPress HyperComments plugin <= 0.9.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23512 | 2025-01-22 | WordPress Team 118GROUP Agent plugin <= 1.6.0 - Arbitrary Content Deletion vulnerability |
| CVE-2025-23535 | 2025-01-22 | WordPress REAL WordPress Sidebar plugin <= 0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23548 | 2025-01-22 | WordPress Responsivity plugin <= 0.0.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23562 | 2025-01-22 | WordPress XLSXviewer plugin <= 2.1.1 - Arbitrary File Deletion vulnerability |
| CVE-2025-23578 | 2025-01-22 | WordPress Custom CSS Addons plugin <= 1.9.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23583 | 2025-01-22 | WordPress Explara Membership plugin <= 0.0.7 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23589 | 2025-01-22 | WordPress ContentOptin Lite plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23592 | 2025-01-22 | WordPress dForms plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23597 | 2025-01-22 | WordPress Rio Photo Gallery plugin <= 0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23601 | 2025-01-22 | WordPress Tab My Content plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23602 | 2025-01-22 | WordPress EELV Newsletter plugin <= 4.8.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23603 | 2025-01-22 | WordPress Group category creator plugin <= 1.3.0.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23604 | 2025-01-22 | WordPress Rezdy Reloaded plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23605 | 2025-01-22 | WordPress Call To Action Popup plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23606 | 2025-01-22 | WordPress Calendi plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23607 | 2025-01-22 | WordPress CAMOO SMS plugin <= 3.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23609 | 2025-01-22 | WordPress Tagesteller plugin <= v.1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23610 | 2025-01-22 | WordPress Ultimate Events plugin <= 1.3.3 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23611 | 2025-01-22 | WordPress WH Cache & Security plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23625 | 2025-01-22 | WordPress Unique UX plugin <= 0.9.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23630 | 2025-01-22 | WordPress Cyber Slider plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23631 | 2025-01-22 | WordPress Content Planner plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23672 | 2025-01-22 | WordPress Instant Appointment plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23674 | 2025-01-22 | WordPress Bit.ly linker plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23676 | 2025-01-22 | WordPress LH Email plugin <= 1.12 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23678 | 2025-01-22 | WordPress LocalGrid plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability |