CVE List - 2025 / February
Showing 1201 - 1300 of 3678 CVEs for February 2025 (Page 13 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-26358 | 2025-02-12 | A CWE-20 "Improper Input Validation" in ldbMT.so in Q-Free MaxTime... |
| CVE-2025-26359 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/accounts/routes.lua in... |
| CVE-2025-26360 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/persistance/routes.lua in... |
| CVE-2025-26361 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in... |
| CVE-2025-26362 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in... |
| CVE-2025-26363 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in... |
| CVE-2025-26364 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in... |
| CVE-2025-26365 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in... |
| CVE-2025-26366 | 2025-02-12 | A CWE-306 "Missing Authentication for Critical Function" in maxprofile/setup/routes.lua in... |
| CVE-2025-26367 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26368 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26369 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26370 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26371 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26372 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26373 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua (user endpoint) in Q-Free... |
| CVE-2025-26374 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua (users endpoint) in Q-Free... |
| CVE-2025-26375 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26376 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26377 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less... |
| CVE-2025-26378 | 2025-02-12 | A CWE-862 "Missing Authorization" in maxprofile/users/routes.lua in Q-Free MaxTime less... |
| CVE-2025-1200 | 2025-02-12 | SourceCodester Best Church Management Software slider_crud.php sql injection |
| CVE-2024-23563 | 2025-02-12 | HCL Connections Docs is vulnerable to a sensitive information disclosure |
| CVE-2024-57952 | 2025-02-12 | Revert "libfs: fix infinite directory reads for offset dir" |
| CVE-2025-21699 | 2025-02-12 | gfs2: Truncate address space when flipping GFS2_DIF_JDATA flag |
| CVE-2025-1201 | 2025-02-12 | SourceCodester Best Church Management Software profile_crud.php sql injection |
| CVE-2025-1244 | 2025-02-12 | Emacs: shell injection vulnerability in gnu emacs via custom "man" uri scheme |
| CVE-2025-1202 | 2025-02-12 | SourceCodester Best Church Management Software edit_slider.php sql injection |
| CVE-2025-1206 | 2025-02-12 | Codezips Gym Management System viewdetailroutine.php sql injection |
| CVE-2025-1042 | 2025-02-12 | Files or Directories Accessible to External Parties in GitLab |
| CVE-2025-1212 | 2025-02-12 | Exposure of Sensitive System Information to an Unauthorized Control Sphere in GitLab |
| CVE-2025-0376 | 2025-02-12 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab |
| CVE-2024-12379 | 2025-02-12 | Allocation of Resources Without Limits or Throttling in GitLab |
| CVE-2024-12251 | 2025-02-12 | Improper neutralization special element in hyperlinks |
| CVE-2025-0556 | 2025-02-12 | Telerik Report Server Clear Text Transmission of Agent Commands |
| CVE-2025-0332 | 2025-02-12 | Progress UI for WinForms decompression path traversal vulnerability |
| CVE-2025-0516 | 2025-02-12 | Incorrect Authorization in GitLab |
| CVE-2024-9870 | 2025-02-12 | Unintended Proxy or Intermediary ('Confused Deputy') in GitLab |
| CVE-2025-1207 | 2025-02-12 | phjounin TFTPD64 DNS denial of service |
| CVE-2024-12629 | 2025-02-12 | Prototype Pollution in Progress® Telerik® KendoReact |
| CVE-2024-11343 | 2025-02-12 | Telerik Document Processing Path Traversal |
| CVE-2025-1208 | 2025-02-12 | code-projects Wazifa System Profile.php cross site scripting |
| CVE-2025-25182 | 2025-02-12 | Stroom Authentication/Authorization Bypass when using AWS ALB |
| CVE-2024-11628 | 2025-02-12 | Prototype Pollution in Progress® Telerik® Kendo UI for Vue |
| CVE-2025-25184 | 2025-02-12 | Possible Log Injection in Rack::CommonLogger |
| CVE-2024-11629 | 2025-02-12 | Telerik Document Processing RTF Export of Arbitrary File Path |
| CVE-2025-1209 | 2025-02-12 | code-projects Wazifa System search_resualts.php searchuser cross site scripting |
| CVE-2025-1210 | 2025-02-12 | code-projects Wazifa System control.php sql injection |
| CVE-2025-1213 | 2025-02-12 | pihome-shc PiHome index.php cross site scripting |
| CVE-2024-6097 | 2025-02-12 | Absolute Path Traversal Vulnerability |
| CVE-2025-25198 | 2025-02-12 | mailcow: dockerized vulnerable to password reset poisoning |
| CVE-2025-25199 | 2025-02-12 | BCryptGenerateSymmetricKey memory leak |
| CVE-2025-25200 | 2025-02-12 | Koa has Inefficient Regular Expression Complexity |
| CVE-2025-1214 | 2025-02-12 | pihome-shc PiHome Role-Based Access Control user_accounts.php authorization |
| CVE-2025-25201 | 2025-02-12 | Improper Validation of Admin Key in PIV Smartcard |
| CVE-2025-25205 | 2025-02-12 | Remote Authentication-Bypass can lead to server crash or limited information disclosure due to faulty pattern matching |
| CVE-2025-25283 | 2025-02-12 | parse-duraton vulnerable to Regex Denial of Service that results in event loop delay and out of memory |
| CVE-2025-1146 | 2025-02-12 | CrowdStrike Falcon Sensor for Linux TLS Issue |
| CVE-2025-1215 | 2025-02-12 | vim main.c memory corruption |
| CVE-2025-0937 | 2025-02-12 | Nomad Vulnerable To Event Stream Namespace ACL Policy Bypass Through Wildcard Namespace |
| CVE-2025-1216 | 2025-02-12 | ywoa OaNoticeMapper.xml selectNoticeList sql injection |
| CVE-2025-1224 | 2025-02-12 | ywoa UserMapper.xml listNameBySql sql injection |
| CVE-2025-1225 | 2025-02-12 | ywoa WXCallBack Interface XMLParse.java extract xml external entity reference |
| CVE-2025-1226 | 2025-02-12 | ywoa setup.jsp improper authorization |
| CVE-2024-12673 | 2025-02-12 | An improper privilege vulnerability was reported in a BIOS customization... |
| CVE-2025-0108 | 2025-02-12 | PAN-OS: Authentication Bypass in the Management Web Interface |
| CVE-2025-0109 | 2025-02-12 | PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface |
| CVE-2025-0111 | 2025-02-12 | PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface |
| CVE-2025-1227 | 2025-02-12 | ywoa AddressDao.xml selectList sql injection |
| CVE-2025-0110 | 2025-02-12 | PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin |
| CVE-2025-0113 | 2025-02-12 | Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers |
| CVE-2024-31858 | 2025-02-12 | Out-of-bounds write for some Intel(R) QuickAssist Technology software before version... |
| CVE-2024-29223 | 2025-02-12 | Uncontrolled search path for some Intel(R) QuickAssist Technology software before... |
| CVE-2023-32277 | 2025-02-12 | Untrusted Pointer Dereference in I/O subsystem for some Intel(R) QAT... |
| CVE-2024-31153 | 2025-02-12 | Improper input validation for some Intel(R) QuickAssist Technology software before... |
| CVE-2024-37355 | 2025-02-12 | Improper access control in some Intel(R) Graphics software may allow... |
| CVE-2024-38310 | 2025-02-12 | Improper access control in some Intel(R) Graphics Driver software installers... |
| CVE-2024-42410 | 2025-02-12 | Improper input validation in some Intel(R) Graphics Drivers may allow... |
| CVE-2024-42419 | 2025-02-12 | Incorrect default permissions for some Intel(R) GPA and Intel(R) GPA... |
| CVE-2024-41934 | 2025-02-12 | Improper access control in some Intel(R) GPA software before version... |
| CVE-2024-21830 | 2025-02-12 | Uncontrolled search path in some Intel(R) VPL software before version... |
| CVE-2024-42492 | 2025-02-12 | Uncontrolled search path element in some BIOS and System Firmware... |
| CVE-2024-39286 | 2025-02-12 | Incorrect execution-assigned permissions in the Linux kernel mode driver for... |
| CVE-2024-41917 | 2025-02-12 | Time-of-check time-of-use race condition for some Intel(R) Battery Life Diagnostic... |
| CVE-2024-39813 | 2025-02-12 | Uncontrolled search path for some EPCT software before version 1.42.8.0... |
| CVE-2024-39284 | 2025-02-12 | Uncontrolled search path for some Intel(R) Advisor software before version... |
| CVE-2024-32938 | 2025-02-12 | Uncontrolled search path for some Intel(R) MPI Library for Windows... |
| CVE-2024-36291 | 2025-02-12 | Uncontrolled search path for some Intel(R) Chipset Software Installation Utility... |
| CVE-2024-24852 | 2025-02-12 | Uncontrolled search path in some Intel(R) Ethernet Adapter Complete Driver... |
| CVE-2024-36274 | 2025-02-12 | Out-of-bounds write in the Intel(R) 800 Series Ethernet Driver for... |
| CVE-2024-39797 | 2025-02-12 | Improper access control in some drivers for Intel(R) Ethernet Connection... |
| CVE-2024-39779 | 2025-02-12 | Stack-based buffer overflow in some drivers for Intel(R) Ethernet Connection... |
| CVE-2024-31155 | 2025-02-12 | Improper buffer restrictions in the UEFI firmware for some Intel(R)... |
| CVE-2024-21859 | 2025-02-12 | Improper buffer restrictions in the UEFI firmware for some Intel(R)... |
| CVE-2024-38307 | 2025-02-12 | Improper input validation in the firmware for some Intel(R) AMT... |
| CVE-2024-30211 | 2025-02-12 | Improper access control in some Intel(R) ME driver pack installer... |
| CVE-2024-26021 | 2025-02-12 | Improper initialization in the firmware for some Intel(R) AMT and... |
| CVE-2023-43758 | 2025-02-12 | Improper input validation in UEFI firmware for some Intel(R) processors... |
| CVE-2023-34440 | 2025-02-12 | Improper input validation in UEFI firmware for some Intel(R) Processors... |
| CVE-2024-24582 | 2025-02-12 | Improper input validation in XmlCli feature for UEFI firmware for... |