CVE List - 2025 / February
Showing 901 - 1000 of 3678 CVEs for February 2025 (Page 10 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-10644 | 2025-02-11 | Code injection in Ivanti Connect Secure before version 22.7R2.4 and... |
| CVE-2024-12058 | 2025-02-11 | External control of a file name in Ivanti Connect Secure... |
| CVE-2024-13830 | 2025-02-11 | Reflected XSS in Ivanti Connect Secure before version 22.7R2.6 and... |
| CVE-2024-13842 | 2025-02-11 | A hardcoded key in Ivanti Connect Secure before version 22.7R2.3... |
| CVE-2024-13843 | 2025-02-11 | Cleartext storage of information in Ivanti Connect Secure before version... |
| CVE-2024-13813 | 2025-02-11 | Insufficient permissions in Ivanti Secure Access Client before version 22.8R1... |
| CVE-2025-24807 | 2025-02-11 | Fast DDS does not verify Permissions CA |
| CVE-2025-24900 | 2025-02-11 | Concorde CSRF vulnerability due to insecure configuration of authentication cookie attributes |
| CVE-2025-24973 | 2025-02-11 | Concorde not removing authentication tokens after logging out |
| CVE-2025-24976 | 2025-02-11 | Distribution's token authentication allows attacker to inject an untrusted signing key in a JWT |
| CVE-2024-12797 | 2025-02-11 | RFC7250 handshakes with unauthenticated servers don't abort as expected |
| CVE-2025-24470 | 2025-02-11 | An Improper Resolution of Path Equivalence vulnerability [CWE-41] in FortiPortal... |
| CVE-2024-50569 | 2025-02-11 | A improper neutralization of special elements used in an os... |
| CVE-2024-52968 | 2025-02-11 | An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows... |
| CVE-2024-52966 | 2025-02-11 | An exposure of sensitive information to an unauthorized actor in... |
| CVE-2024-40591 | 2025-02-11 | An incorrect privilege assignment vulnerability [CWE-266] in Fortinet FortiOS version... |
| CVE-2024-35279 | 2025-02-11 | A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version... |
| CVE-2024-33504 | 2025-02-11 | A use of hard-coded cryptographic key to encrypt sensitive data... |
| CVE-2024-50567 | 2025-02-11 | An improper neutralization of special elements used in an os... |
| CVE-2023-40721 | 2025-02-11 | A use of externally-controlled format string vulnerability [CWE-134] in Fortinet... |
| CVE-2024-40586 | 2025-02-11 | An Improper Access Control vulnerability [CWE-284] in FortiClient Windows version... |
| CVE-2024-36508 | 2025-02-11 | An improper limitation of a pathname to a restricted directory... |
| CVE-2024-40584 | 2025-02-11 | An improper neutralization of special elements used in an OS... |
| CVE-2024-27781 | 2025-02-11 | An improper neutralization of input during web page generation ('cross-site... |
| CVE-2024-27780 | 2025-02-11 | Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site... |
| CVE-2025-22399 | 2025-02-11 | Dell UCC Edge, version 2.3.0, contains a Blind SSRF on... |
| CVE-2025-1126 | 2025-02-11 | Lexmark has identified a vulnerability in our Lexmark Print Management Client (LPMC). |
| CVE-2025-24472 | 2025-02-11 | An Authentication Bypass Using an Alternate Path or Channel vulnerability... |
| CVE-2024-12755 | 2025-02-11 | Avaya Spaces XSS Vulnerability |
| CVE-2024-12756 | 2025-02-11 | Avaya Spaces HTML injection (HTMLi) Vulnerability |
| CVE-2025-21124 | 2025-02-11 | InDesign Desktop | Out-of-bounds Read (CWE-125) |
| CVE-2025-21121 | 2025-02-11 | InDesign Desktop | Out-of-bounds Write (CWE-787) |
| CVE-2025-21157 | 2025-02-11 | InDesign Desktop | Out-of-bounds Write (CWE-787) |
| CVE-2025-21123 | 2025-02-11 | InDesign Desktop | Heap-based Buffer Overflow (CWE-122) |
| CVE-2025-21125 | 2025-02-11 | InDesign Desktop | NULL Pointer Dereference (CWE-476) |
| CVE-2025-21158 | 2025-02-11 | InDesign Desktop | Integer Underflow (Wrap or Wraparound) (CWE-191) |
| CVE-2025-21126 | 2025-02-11 | InDesign Desktop | Improper Input Validation (CWE-20) |
| CVE-2025-21155 | 2025-02-11 | Substance3D - Stager | NULL Pointer Dereference (CWE-476) |
| CVE-2025-21156 | 2025-02-11 | InCopy | Integer Underflow (Wrap or Wraparound) (CWE-191) |
| CVE-2019-15002 | 2025-02-11 | An exploitable CSRF vulnerability exists in Atlassian Jira, from versions... |
| CVE-2025-21159 | 2025-02-11 | Illustrator | Use After Free (CWE-416) |
| CVE-2025-21163 | 2025-02-11 | Illustrator | Stack-based Buffer Overflow (CWE-121) |
| CVE-2025-21160 | 2025-02-11 | Illustrator | Integer Underflow (Wrap or Wraparound) (CWE-191) |
| CVE-2025-21161 | 2025-02-11 | Substance3D - Designer | Out-of-bounds Write (CWE-787) |
| CVE-2025-26494 | 2025-02-11 | Server Side Request Forgery vulnerability in Tableau Server |
| CVE-2025-21162 | 2025-02-11 | Photoshop Elements | Creation of Temporary File in Directory with Incorrect Permissions (CWE-379) |
| CVE-2025-24435 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24408 | 2025-02-11 | Adobe Commerce | Information Exposure (CWE-200) |
| CVE-2025-24410 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24428 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24426 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24427 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24412 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24421 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24425 | 2025-02-11 | Adobe Commerce | Business Logic Errors (CWE-840) |
| CVE-2025-24409 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24417 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24406 | 2025-02-11 | Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
| CVE-2025-24418 | 2025-02-11 | Adobe Commerce | Improper Authorization (CWE-285) |
| CVE-2025-24423 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24438 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24407 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24436 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24429 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24430 | 2025-02-11 | Adobe Commerce | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) |
| CVE-2025-24424 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24432 | 2025-02-11 | Adobe Commerce | Time-of-check Time-of-use (TOCTOU) Race Condition (CWE-367) |
| CVE-2025-24419 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24413 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24420 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24416 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24411 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-24415 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24434 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24437 | 2025-02-11 | Adobe Commerce | Incorrect Authorization (CWE-863) |
| CVE-2025-24414 | 2025-02-11 | Adobe Commerce | Cross-site Scripting (Stored XSS) (CWE-79) |
| CVE-2025-24422 | 2025-02-11 | Adobe Commerce | Improper Access Control (CWE-284) |
| CVE-2025-26495 | 2025-02-11 | Sensitive Data Exposure in Tableau Server |
| CVE-2025-21188 | 2025-02-11 | Azure Network Watcher VM Extension Elevation of Privilege Vulnerability |
| CVE-2025-21206 | 2025-02-11 | Visual Studio Installer Elevation of Privilege Vulnerability |
| CVE-2025-21351 | 2025-02-11 | Windows Active Directory Domain Services API Denial of Service Vulnerability |
| CVE-2025-21352 | 2025-02-11 | Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| CVE-2025-21368 | 2025-02-11 | Microsoft Digest Authentication Remote Code Execution Vulnerability |
| CVE-2025-21369 | 2025-02-11 | Microsoft Digest Authentication Remote Code Execution Vulnerability |
| CVE-2025-21375 | 2025-02-11 | Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability |
| CVE-2025-21376 | 2025-02-11 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
| CVE-2025-21379 | 2025-02-11 | DHCP Client Service Remote Code Execution Vulnerability |
| CVE-2025-21383 | 2025-02-11 | Microsoft Excel Information Disclosure Vulnerability |
| CVE-2025-21182 | 2025-02-11 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
| CVE-2025-21183 | 2025-02-11 | Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability |
| CVE-2025-21391 | 2025-02-11 | Windows Storage Elevation of Privilege Vulnerability |
| CVE-2025-21418 | 2025-02-11 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2025-21419 | 2025-02-11 | Windows Setup Files Cleanup Elevation of Privilege Vulnerability |
| CVE-2025-21420 | 2025-02-11 | Windows Disk Cleanup Tool Elevation of Privilege Vulnerability |
| CVE-2025-24036 | 2025-02-11 | Microsoft AutoUpdate (MAU) Elevation of Privilege Vulnerability |
| CVE-2025-24039 | 2025-02-11 | Visual Studio Code Elevation of Privilege Vulnerability |
| CVE-2025-21259 | 2025-02-11 | Microsoft Outlook Spoofing Vulnerability |
| CVE-2025-21194 | 2025-02-11 | Microsoft Surface Security Feature Bypass Vulnerability |
| CVE-2025-21208 | 2025-02-11 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-21406 | 2025-02-11 | Windows Telephony Service Remote Code Execution Vulnerability |