CVE List - 2025 / February

Showing 1601 - 1700 of 3678 CVEs for February 2025 (Page 17 of 37)

CVE ID Date Title
CVE-2024-4282 2025-02-14 Weak TLS Ciphers on Brocade SANnav OVA SSH port 22
CVE-2024-5462 2025-02-14 Brocade Fabric OS may capture SNMP Passwords in clear text
CVE-2025-26793 2025-02-15 The Web GUI configuration panel of Hirsch (formerly Identiv and...
CVE-2024-5461 2025-02-15 Command or parameter injection via unique embedded switch SNMP commands.
CVE-2025-0995 2025-02-15 Use after free in V8 in Google Chrome prior to...
CVE-2025-0996 2025-02-15 Inappropriate implementation in Browser UI in Google Chrome on Android...
CVE-2025-0997 2025-02-15 Use after free in Navigation in Google Chrome prior to...
CVE-2025-1302 2025-02-15 Versions of the package jsonpath-plus before 10.3.0 are vulnerable to...
CVE-2024-13208 2025-02-15 WP Google Map < 1.9.4 - Admin+ Stored XSS
CVE-2024-13306 2025-02-15 WP Google Map < 1.9.4 - Admin+ Stored XSS
CVE-2024-13513 2025-02-15 Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.3 - Sensitive Information Exposure to Privilege Escalation
CVE-2025-22209 2025-02-15 Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla
CVE-2025-22208 2025-02-15 Extension - joomsky.com - SQL injection in JS jobs component version 1.1.5 - 1.4.3 for Joomla
CVE-2024-13563 2025-02-15 Front End Users <= 3.2.30 - Authenticated (Contributor+) Stored Cross-Site Scripting via forgot-password Shortcode
CVE-2025-0935 2025-02-15 Media Library Folders <= 8.3.0 - Missing Authorization to Plugin Settings Change
CVE-2024-13525 2025-02-15 Customer Email Verification for WooCommerce <= 2.9.4 - Authenticated (Contributor+) Sensitive Information Exposure
CVE-2025-1005 2025-02-15 ElementsKit Elementor addons <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Accordion Widget
CVE-2024-12562 2025-02-15 s2Member Pro <= 241216 - Unauthenticated PHP Object Injection
CVE-2024-13752 2025-02-15 WP Project Manager <= 2.6.17 - Missing Authorization to Authenticated (Subscriber+) Limited Arbitrary Options Update
CVE-2024-10581 2025-02-15 DirectoryPress Frontend <= 2.7.9 - Cross-Site Request Forgery to Listing Status Update
CVE-2024-13439 2025-02-15 Team – Team Members Showcase Plugin <= 4.4.9 - Missing Authorization to Authenticated (Subscriber+) Settings Update
CVE-2024-13500 2025-02-15 WP Project Manager <= 2.6.17 - Authenticated (Subscriber+) SQL Injection via orderby Parameter
CVE-2024-13488 2025-02-15 LTL Freight Quotes – Estes Edition <= 3.3.7 - Unauthenticated SQL Injection
CVE-2025-0822 2025-02-15 Bit Assist <= 1.5.2 - Path Traversal to Authenticated (Subscriber+) Arbitrary File Read via fileID Parameter
CVE-2024-13834 2025-02-15 Responsive Plus – Starter Templates, Advanced Features and Customizer Settings for Responsive Theme <= 3.1.4 - Authenticated (Contributor+) Blind Server-Side Request Forgery via remote_request
CVE-2024-57970 2025-02-16 libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink...
CVE-2024-57971 2025-02-16 DataSourceResource.java in the SpagoBI API support in Knowage Server in...
CVE-2025-1332 2025-02-16 FastCMS Template Menu menu cross site scripting
CVE-2025-1335 2025-02-16 CmsEasy file_admin.php deleteimg_action path traversal
CVE-2025-1336 2025-02-16 CmsEasy image_admin.php deleteimg_action path traversal
CVE-2025-1337 2025-02-16 Eastnets PaymentSafe BIC Search cross site scripting
CVE-2025-1338 2025-02-16 NUUO Camera handle_config.php print_file command injection
CVE-2025-1339 2025-02-16 TOTOLINK X18 cstecgi.cgi setL2tpdConfig os command injection
CVE-2025-1340 2025-02-16 TOTOLINK X18 cstecgi.cgi setPasswordCfg stack-based overflow
CVE-2025-1341 2025-02-16 PMWeb Setting weak password
CVE-2025-1352 2025-02-16 GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption
CVE-2025-1353 2025-02-16 Kong Insomnia profapi.dll untrusted search path
CVE-2025-1354 2025-02-16 A cross-site scripting (XSS) vulnerability in the RT-N10E/ RT-N12E 2.0.0.x...
CVE-2025-1355 2025-02-16 needyamin Library Card System Add Picture signup.php unrestricted upload
CVE-2025-1356 2025-02-16 needyamin Library Card System card.php sql injection
CVE-2025-1357 2025-02-16 Seventh D-Guard HTTP GET Request path traversal
CVE-2025-1358 2025-02-16 Pix Software Vivaz cross-site request forgery
CVE-2025-1359 2025-02-16 SIAM Industria de Automação e Monitoramento qrcode.jsp cross site scripting
CVE-2025-1360 2025-02-16 Internet Web Solutions Sublime CRM HTTP POST Request inicio.php cross site scripting
CVE-2024-44044 2025-02-16 WordPress Oshine Modules plugin < 3.3.8 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22284 2025-02-16 WordPress LTL Freight Quotes – Unishippers Edition plugin <= 2.5.8 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22286 2025-02-16 WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.21 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22289 2025-02-16 WordPress LTL Freight Quotes – Unishippers Edition plugin <= 2.5.8 - Broken Access Control vulnerability
CVE-2025-22290 2025-02-16 WordPress LTL Freight Quotes – FreightQuote Edition Plugin <= 2.3.11 - SQL Injection vulnerability
CVE-2025-22291 2025-02-16 WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletion vulnerability
CVE-2025-22676 2025-02-16 WordPress Upcasted S3 Offload plugin <= 3.0.3 - Cross Site Scripting (XSS) vulnerability
CVE-2025-22680 2025-02-16 WordPress Ad Inserter Pro plugin <= 2.7.39 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-22689 2025-02-16 WordPress Forex Calculators plugin <= 1.3.6 - Cross Site Scripting (XSS) vulnerability
CVE-2025-23975 2025-02-16 WordPress Botnet Attack Blocker plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26755 2025-02-16 WordPress WP Airbnb Review Slider Plugin <= 3.9 - SQL Injection vulnerability
CVE-2025-26759 2025-02-16 WordPress Content Snippet Manager plugin <= 1.1.5 - CSRF to Stored XSS vulnerability
CVE-2025-26761 2025-02-16 WordPress Easy Elementor Addons plugin <= 2.1.5 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26765 2025-02-16 WordPress Distance Based Shipping Calculator plugin <= 2.0.22 - Broken Access Control vulnerability
CVE-2025-26766 2025-02-16 WordPress Leyka plugin <= 3.31.8 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26767 2025-02-16 WordPress Qubely – Advanced Gutenberg Blocks plugin <= 1.8.12 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26768 2025-02-16 WordPress what3words Address Field plugin <= 4.0.15 - CSRF to Stored XSS vulnerability
CVE-2025-26779 2025-02-16 WordPress Keep Backup Daily plugin <= 2.1.0 - Arbitrary File Download vulnerability
CVE-2025-1364 2025-02-16 MicroWord eScan Antivirus USB Protection Service passPrompt stack-based overflow
CVE-2025-1365 2025-02-16 GNU elfutils eu-readelf readelf.c process_symtab buffer overflow
CVE-2025-0591 2025-02-16 Out-of-bounds Read vulnerability in CX-Programmer
CVE-2024-25066 2025-02-17 RSA Authentication Manager before 8.7 SP2 Patch 1 allows XML...
CVE-2025-1366 2025-02-17 MicroWord eScan Antivirus VirusPopUp strcpy stack-based overflow
CVE-2025-1367 2025-02-17 MicroWord eScan Antivirus USB Password sprintf buffer overflow
CVE-2025-1368 2025-02-17 MicroWord eScan Antivirus mwav.conf ReadConfiguration buffer overflow
CVE-2025-1369 2025-02-17 MicroWord eScan Antivirus USB Password os command injection
CVE-2025-1370 2025-02-17 MicroWorld eScan Antivirus Autoscan USB epsdaemon sprintf os command injection
CVE-2025-1371 2025-02-17 GNU elfutils eu-read readelf.c handle_dynamic_symtab null pointer dereference
CVE-2025-26700 2025-02-17 Authentication bypass using an alternate path or channel issue exists...
CVE-2025-1372 2025-02-17 GNU elfutils eu-readelf readelf.c print_string_section buffer overflow
CVE-2025-1373 2025-02-17 FFmpeg MOV Parser mov.c mov_read_trak null pointer dereference
CVE-2025-1387 2025-02-17 Learning Digital Orca HCM - Improper Authentication
CVE-2025-1388 2025-02-17 Learning Digital Orca HCM - Arbitrary File Upload
CVE-2025-1374 2025-02-17 code-projects Real Estate Property Management System search.php sql injection
CVE-2025-1389 2025-02-17 Learning Digital Orca HCM - SQL Injection
CVE-2025-0924 2025-02-17 WP Activity Log <= 5.2.2 - Unauthenticated Stored Cross-Site Scripting
CVE-2025-1376 2025-02-17 GNU elfutils eu-strip elf_strptr.c elf_strptr denial of service
CVE-2025-1377 2025-02-17 GNU elfutils eu-strip strip.c gelf_getsymshndx denial of service
CVE-2024-13603 2025-02-17 Wise Forms <= 1.2.0 - Unauthenticated Stored XSS
CVE-2024-13608 2025-02-17 Track Logins <= 1.0 - Admin+ SQL Injection
CVE-2024-13625 2025-02-17 Tube Video Ads Lite <= 1.5.7 - Reflected XSS
CVE-2024-13626 2025-02-17 VR Frases <= 3.0.1 - Reflected XSS
CVE-2024-13627 2025-02-17 WP Touch Slider <= 2.2 - Reflected XSS
CVE-2025-1378 2025-02-17 radare2 rasm2 rasm2.c memory corruption
CVE-2024-13726 2025-02-17 Themes Coder <= 1.3.4 - Unauthenticated SQLi
CVE-2024-47935 2025-02-17 TXOne Networks StellarProtect (Legacy Mode), StellarEnforce, and Safe Lock Improper Validation of Integrity Check Value Vulnerability
CVE-2025-1379 2025-02-17 code-projects Real Estate Property Management System CustomerReport.php sql injection
CVE-2025-1380 2025-02-17 Codezips Gym Management System del_plan.php sql injection
CVE-2025-1381 2025-02-17 code-projects Real Estate Property Management System ajax_city.php sql injection
CVE-2025-0001 2025-02-17 authenticated arbitrary file read vulnerability
CVE-2025-26754 2025-02-17 WordPress Timeline Block plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26758 2025-02-17 WordPress Spotlight Social Feeds plugin <= 1.7.1 - Sensitive Data Exposure vulnerability
CVE-2025-26769 2025-02-17 WordPress Vertex Addons for Elementor plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26770 2025-02-17 WordPress Waymark plugin <= 1.5.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26771 2025-02-17 WordPress SKT Blocks plugin <= 1.7 - Cross Site Scripting (XSS) vulnerability
CVE-2025-26772 2025-02-17 WordPress DethemeKit For Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability