CVE List - 2025 / February
Showing 3301 - 3400 of 3678 CVEs for February 2025 (Page 34 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-6810 | 2025-02-26 | Quiz Organizer <= 2.9.1 - Authenticated (Administrator+) Stored Cross-Site Scripting |
| CVE-2022-25773 | 2025-02-26 | Relative Path Traversal in assets file upload |
| CVE-2024-47053 | 2025-02-26 | Improper Authorization in Reporting API |
| CVE-2024-47051 | 2025-02-26 | Remote Code Execution & File Deletion in Asset Uploads |
| CVE-2025-26925 | 2025-02-26 | WordPress Admin Menu Manager plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-0719 | 2025-02-26 | IBM Cloud Pak for Data cross-site scripting |
| CVE-2025-1249 | 2025-02-26 | WordPress Events Manager plugin <= 6.6.4.1 - Broken Access Control vulnerability |
| CVE-2025-1716 | 2025-02-26 | picklescan - Security scanning bypass via 'pip main' |
| CVE-2022-49732 | 2025-02-26 | sock: redo the psock vs ULP protection check |
| CVE-2025-20111 | 2025-02-26 | Cisco Nexus 3000 and 9000 Series Switches Layer 2 Ethernet Denial of Service Vulnerability |
| CVE-2025-20116 | 2025-02-26 | Cisco Application Policy Infrastructure Controller Stored Cross-Site Scripting Vulnerability |
| CVE-2025-20117 | 2025-02-26 | Cisco Application Policy Infrastructure Controller Authenticated Command Injection Vulnerability |
| CVE-2025-20161 | 2025-02-26 | Cisco NX-OS Software Command Injection Vulnerability |
| CVE-2025-20118 | 2025-02-26 | Cisco Application Policy Infrastructure Controller Authenticated Command Injection Due to Sensitive Disclosure Vulnerability |
| CVE-2025-20119 | 2025-02-26 | Cisco Application Policy Infrastructure Controller Authenticated Local Denial of Service Vulnerability |
| CVE-2025-0941 | 2025-02-26 | MET ONE 3400+ Potential Credential Exposure |
| CVE-2025-1634 | 2025-02-26 | Io.quarkus:quarkus-resteasy: memory leak in quarkus resteasy classic when client requests timeout |
| CVE-2025-1726 | 2025-02-26 | [#BUG-000172669 ArcGIS Monitor has a security vulnerability] |
| CVE-2024-36046 | 2025-02-27 | Infoblox NIOS through 8.6.4 executes with more privileges than required. |
| CVE-2024-36047 | 2025-02-27 | Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper... |
| CVE-2024-37566 | 2025-02-27 | Infoblox NIOS through 8.6.4 has Improper Authentication for Grids. |
| CVE-2024-37567 | 2025-02-27 | Infoblox NIOS through 8.6.4 has Improper Access Control for Grids. |
| CVE-2024-38290 | 2025-02-27 | In XIQ-SE before 24.2.11, a server misconfiguration may allow user... |
| CVE-2024-38291 | 2025-02-27 | In XIQ-SE before 24.2.11, a low-privileged user may be able... |
| CVE-2024-38292 | 2025-02-27 | In Extreme Networks XIQ-SE before 24.2.11, due to a missing... |
| CVE-2024-41334 | 2025-02-27 | Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200... |
| CVE-2024-41335 | 2025-02-27 | Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200... |
| CVE-2024-41336 | 2025-02-27 | Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor 2620/LTE200... |
| CVE-2024-41338 | 2025-02-27 | A NULL pointer dereference in Draytek devices Vigor 165/166 prior... |
| CVE-2024-41339 | 2025-02-27 | An issue in the CGI endpoint used to upload configurations... |
| CVE-2024-41340 | 2025-02-27 | An issue in Draytek devices Vigor 165/166 prior to v4.2.6... |
| CVE-2024-51138 | 2025-02-27 | Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8... |
| CVE-2024-51139 | 2025-02-27 | Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925... |
| CVE-2024-53408 | 2025-02-27 | AVE System Web Client v2.1.131.13992 was discovered to contain a... |
| CVE-2024-53944 | 2025-02-27 | An issue was discovered on Tuoshi/Dionlink LT15D 4G Wi-Fi devices... |
| CVE-2024-54957 | 2025-02-27 | Nagios XI 2024R1.2.2 is vulnerable to an open redirect flaw... |
| CVE-2024-55160 | 2025-02-27 | GFast between v2 to v3.2 was discovered to contain a... |
| CVE-2025-22952 | 2025-02-27 | elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF)... |
| CVE-2025-25323 | 2025-02-27 | An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd... |
| CVE-2025-25324 | 2025-02-27 | An issue in Shandong Provincial Big Data Center AiShanDong iOS... |
| CVE-2025-25325 | 2025-02-27 | An issue in Yibin Fengguan Network Technology Co., Ltd YuPao... |
| CVE-2025-25326 | 2025-02-27 | An issue in Merchants Union Consumer Finance Company Limited Merchants... |
| CVE-2025-25329 | 2025-02-27 | An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision... |
| CVE-2025-25330 | 2025-02-27 | An issue in Boohee Technology Boohee Health iOS 13.0.13 allows... |
| CVE-2025-25331 | 2025-02-27 | An issue in Beitatong Technology LianJia iOS 9.83.50 allows attackers... |
| CVE-2025-25333 | 2025-02-27 | An issue in IKEA CN iOS 4.13.0 allows attackers to... |
| CVE-2025-25334 | 2025-02-27 | An issue in Suning Commerce Group Suning EMall iOS 9.5.198... |
| CVE-2025-25477 | 2025-02-27 | A host header injection vulnerability in SysPass 3.2x allows an... |
| CVE-2025-25570 | 2025-02-27 | Vue Vben Admin 2.10.1 allows unauthorized login to the backend... |
| CVE-2025-25727 | 2025-02-27 | Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25... |
| CVE-2025-25728 | 2025-02-27 | Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and System versions: 6.25... |
| CVE-2025-25729 | 2025-02-27 | An information disclosure vulnerability in Bosscomm IF740 Firmware versions:11001.7078 &... |
| CVE-2025-25730 | 2025-02-27 | An issue in Motorola Mobility Droid Razr HD (Model XT926)... |
| CVE-2025-25759 | 2025-02-27 | An issue in the component admin_template.php of SUCMS v1.0 allows... |
| CVE-2025-25760 | 2025-02-27 | A Server-Side Request Forgery (SSRF) in the component admin_webgather.php of... |
| CVE-2025-25761 | 2025-02-27 | HkCms v2.3.2.240702 was discovered to contain an arbitrary file write... |
| CVE-2025-26264 | 2025-02-27 | GeoVision GV-ASWeb with the version 6.1.2.0 or less (fixed in... |
| CVE-2025-26325 | 2025-02-27 | ShopXO 6.4.0 is vulnerable to File Upload in ThemeDataService.php. |
| CVE-2024-57953 | 2025-02-27 | rtc: tps6594: Fix integer overflow on 32bit systems |
| CVE-2024-57973 | 2025-02-27 | rdma/cxgb4: Prevent potential integer overflow on 32bit |
| CVE-2024-57974 | 2025-02-27 | udp: Deal with race between UDP socket address change and rehash |
| CVE-2024-57975 | 2025-02-27 | btrfs: do proper folio cleanup when run_delalloc_nocow() failed |
| CVE-2024-57976 | 2025-02-27 | btrfs: do proper folio cleanup when cow_file_range() failed |
| CVE-2024-57977 | 2025-02-27 | memcg: fix soft lockup in the OOM process |
| CVE-2024-57978 | 2025-02-27 | media: imx-jpeg: Fix potential error pointer dereference in detach_pm() |
| CVE-2024-57979 | 2025-02-27 | pps: Fix a use-after-free |
| CVE-2024-57980 | 2025-02-27 | media: uvcvideo: Fix double free in error path |
| CVE-2024-57981 | 2025-02-27 | usb: xhci: Fix NULL pointer dereference on certain command aborts |
| CVE-2024-57982 | 2025-02-27 | xfrm: state: fix out-of-bounds read during lookup |
| CVE-2024-57983 | 2025-02-27 | mailbox: th1520: Fix memory corruption due to incorrect array size |
| CVE-2024-57984 | 2025-02-27 | i3c: dw: Fix use-after-free in dw_i3c_master driver due to race condition |
| CVE-2024-57985 | 2025-02-27 | firmware: qcom: scm: Cleanup global '__scm' on probe failures |
| CVE-2024-57986 | 2025-02-27 | HID: core: Fix assumption that Resolution Multipliers must be in Logical Collections |
| CVE-2024-57987 | 2025-02-27 | Bluetooth: btrtl: check for NULL in btrtl_setup_realtek() |
| CVE-2024-57988 | 2025-02-27 | Bluetooth: btbcm: Fix NULL deref in btbcm_get_board_name() |
| CVE-2024-57989 | 2025-02-27 | wifi: mt76: mt7925: fix NULL deref check in mt7925_change_vif_links |
| CVE-2024-57990 | 2025-02-27 | wifi: mt76: mt7925: fix off by one in mt7925_load_clc() |
| CVE-2024-57991 | 2025-02-27 | wifi: rtw89: chan: fix soft lockup in rtw89_entity_recalc_mgnt_roles() |
| CVE-2024-57992 | 2025-02-27 | wifi: wilc1000: unregister wiphy only if it has been registered |
| CVE-2024-57993 | 2025-02-27 | HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check |
| CVE-2024-57994 | 2025-02-27 | ptr_ring: do not block hard interrupts in ptr_ring_resize_multiple() |
| CVE-2024-57995 | 2025-02-27 | wifi: ath12k: fix read pointer after free in ath12k_mac_assign_vif_to_vdev() |
| CVE-2024-57996 | 2025-02-27 | net_sched: sch_sfq: don't allow 1 packet limit |
| CVE-2024-57997 | 2025-02-27 | wifi: wcn36xx: fix channel survey memory allocation size |
| CVE-2024-57998 | 2025-02-27 | OPP: add index check to assert to avoid buffer overflow in _read_freq() |
| CVE-2024-57999 | 2025-02-27 | powerpc/pseries/iommu: IOMMU incorrectly marks MMIO range in DDW |
| CVE-2024-58000 | 2025-02-27 | io_uring: prevent reg-wait speculations |
| CVE-2025-21705 | 2025-02-27 | mptcp: handle fastopen disconnect correctly |
| CVE-2025-21706 | 2025-02-27 | mptcp: pm: only set fullmesh for subflow endp |
| CVE-2025-21707 | 2025-02-27 | mptcp: consolidate suboption status |
| CVE-2025-21708 | 2025-02-27 | net: usb: rtl8150: enable basic endpoint checking |
| CVE-2025-21709 | 2025-02-27 | kernel: be more careful about dup_mmap() failures and uprobe registering |
| CVE-2025-21710 | 2025-02-27 | tcp: correct handling of extreme memory squeeze |
| CVE-2025-21711 | 2025-02-27 | net/rose: prevent integer overflows in rose_setsockopt() |
| CVE-2025-21712 | 2025-02-27 | md/md-bitmap: Synchronize bitmap_get_stats() with bitmap lifetime |
| CVE-2025-21713 | 2025-02-27 | powerpc/pseries/iommu: Don't unset window if it was never set |
| CVE-2025-21714 | 2025-02-27 | RDMA/mlx5: Fix implicit ODP use after free |
| CVE-2025-21715 | 2025-02-27 | net: davicom: fix UAF in dm9000_drv_remove |
| CVE-2025-21716 | 2025-02-27 | vxlan: Fix uninit-value in vxlan_vnifilter_dump() |
| CVE-2025-21717 | 2025-02-27 | net/mlx5e: add missing cpu_to_node to kvzalloc_node in mlx5e_open_xdpredirect_sq |