CVE List - 2025 / February
Showing 501 - 600 of 3678 CVEs for February 2025 (Page 6 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-36555 | 2025-02-06 | Built-in SMS-configuration command in Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h... |
| CVE-2024-36556 | 2025-02-06 | Forever KidsWatch Call Me KW50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h, and Forever KidsWatch Call... |
| CVE-2024-36557 | 2025-02-06 | The device ID is based on IMEI in Forever KidsWatch... |
| CVE-2024-36558 | 2025-02-06 | Forever KidsWatch Call Me KW-50 R36_YDR_A3PW_GM7S_V1.0_2019_07_15_16.19.24_cob_h suffers from Cleartext Transmission... |
| CVE-2024-39033 | 2025-02-06 | In Newgensoft OmniDocs 11.0_SP1_03_006, Insecure Direct Object Reference (IDOR) in... |
| CVE-2024-48589 | 2025-02-06 | Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 allows... |
| CVE-2024-53586 | 2025-02-06 | An issue in the relPath parameter of WebFileSys version 2.31.0... |
| CVE-2024-54909 | 2025-02-06 | A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It... |
| CVE-2024-55241 | 2025-02-06 | An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a... |
| CVE-2024-56889 | 2025-02-06 | Incorrect access control in the endpoint /admin/m_delete.php of CodeAstro Complaint... |
| CVE-2024-57392 | 2025-02-06 | Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remote... |
| CVE-2024-57426 | 2025-02-06 | NetMod VPN Client 5.3.1 is vulnerable to DLL injection, allowing... |
| CVE-2024-57427 | 2025-02-06 | PHPJabbers Cinema Booking System v2.0 is vulnerable to reflected cross-site... |
| CVE-2024-57428 | 2025-02-06 | A stored cross-site scripting (XSS) vulnerability in PHPJabbers Cinema Booking... |
| CVE-2024-57429 | 2025-02-06 | A cross-site request forgery (CSRF) vulnerability in the pjActionUpdate function... |
| CVE-2024-57430 | 2025-02-06 | An SQL injection vulnerability in the pjActionGetUser function of PHPJabbers... |
| CVE-2024-57523 | 2025-02-06 | Cross Site Request Forgery (CSRF) in Users.php in SourceCodester Packers... |
| CVE-2024-57599 | 2025-02-06 | Cross Site Scripting vulnerability in DouPHP v.1.8 Release 20231203 allows... |
| CVE-2024-57609 | 2025-02-06 | An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a... |
| CVE-2024-57610 | 2025-02-06 | A rate limiting issue in Sylius v2.0.2 allows a remote... |
| CVE-2024-57668 | 2025-02-06 | In Code-projects Shopping Portal v1.0, the insert-product.php page has an... |
| CVE-2024-57672 | 2025-02-06 | An issue in floodlight v1.2 allows a local attacker to... |
| CVE-2024-57673 | 2025-02-06 | An issue in floodlight v1.2 allows a local attacker to... |
| CVE-2025-22936 | 2025-02-06 | An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router... |
| CVE-2025-22992 | 2025-02-06 | A SQL Injection vulnerability exists in the /feed/insert.json endpoint of... |
| CVE-2025-23093 | 2025-02-06 | The Platform component of Mitel OpenScape 4000 and OpenScape 4000... |
| CVE-2025-23094 | 2025-02-06 | The Platform component of Mitel OpenScape 4000 and OpenScape 4000... |
| CVE-2024-49814 | 2025-02-06 | IBM Security Verify Access Appliance Privilege Escalation |
| CVE-2024-51450 | 2025-02-06 | IBM Security Verify Directory Command Execution |
| CVE-2025-0799 | 2025-02-06 | IBM App Connect Enterprise Arbitrary File Write |
| CVE-2024-51547 | 2025-02-06 | Credentials Disclosure - keys |
| CVE-2025-0522 | 2025-02-06 | LikeBot – Decentralized like-system <= 0.85 - Admin+ Stored XSS via CSRF |
| CVE-2024-13487 | 2025-02-06 | CURCY – Multi Currency for WooCommerce <= 2.2.5 - Unauthenticated Arbitrary Shortcode Execution via get_products_price Function |
| CVE-2025-22890 | 2025-02-06 | Execution with unnecessary privileges issue exists in Defense Platform Home... |
| CVE-2025-22894 | 2025-02-06 | Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform... |
| CVE-2025-20094 | 2025-02-06 | Unprotected Windows messaging channel ('Shatter') issue exists in Defense Platform... |
| CVE-2025-23236 | 2025-02-06 | Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x... |
| CVE-2025-24483 | 2025-02-06 | NULL pointer dereference vulnerability exists in Defense Platform Home Edition... |
| CVE-2025-24845 | 2025-02-06 | Improper neutralization of argument delimiters in a command ('Argument Injection')... |
| CVE-2025-0859 | 2025-02-06 | Post and Page Builder by BoldGrid <= 1.27.6 - Path Traversal to Authenticated (Contributor+) Arbitrary File Read via template_via_url Function |
| CVE-2024-45626 | 2025-02-06 | Apache James: denial of service through JMAP HTML to text conversion |
| CVE-2024-37358 | 2025-02-06 | Apache James: denial of service through the use of IMAP literals |
| CVE-2025-0982 | 2025-02-06 | Sandbox Escape in Google Cloud Application Integration's JavaScript Task (Rhino Engine) |
| CVE-2024-57954 | 2025-02-06 | Permission verification vulnerability in the media library module Impact: Successful... |
| CVE-2024-57955 | 2025-02-06 | Arbitrary write vulnerability in the Gallery module Impact: Successful exploitation... |
| CVE-2024-57956 | 2025-02-06 | Out-of-bounds read vulnerability in the interpreter string module Impact: Successful... |
| CVE-2024-57957 | 2025-02-06 | Vulnerability of improper log information control in the UI framework... |
| CVE-2024-12602 | 2025-02-06 | Identity verification vulnerability in the ParamWatcher module Impact: Successful exploitation... |
| CVE-2024-57958 | 2025-02-06 | Out-of-bounds array read vulnerability in the FFRT module Impact: Successful... |
| CVE-2024-57959 | 2025-02-06 | Use-After-Free (UAF) vulnerability in the display module Impact: Successful exploitation... |
| CVE-2024-57960 | 2025-02-06 | Input verification vulnerability in the ExternalStorageProvider module Impact: Successful exploitation... |
| CVE-2024-57961 | 2025-02-06 | Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation... |
| CVE-2024-57962 | 2025-02-06 | Vulnerability of incomplete verification information in the VPN service module... |
| CVE-2025-1076 | 2025-02-06 | Stored Cross-Site Scripting vulnerability in Holded |
| CVE-2024-24911 | 2025-02-06 | Out of Bounds read in the CPCA process on Check Point Management Server |
| CVE-2025-1074 | 2025-02-06 | Webkul QloApps URL mylogout cross-site request forgery |
| CVE-2023-5878 | 2025-02-06 | OneWireless command injection possible when updating firmware |
| CVE-2022-31764 | 2025-02-06 | Apache ShardingSphere ElasticJob-UI allows RCE via event trace data source JDBC |
| CVE-2025-0994 | 2025-02-06 | Trimble Cityworks versions prior to 15.8.9 and Cityworks with office... |
| CVE-2024-13614 | 2025-02-06 | Kaspersky has fixed a security issue in Kaspersky Anti-Virus SDK... |
| CVE-2024-43779 | 2025-02-06 | An information disclosure vulnerability exists in the Vault API functionality... |
| CVE-2024-39272 | 2025-02-06 | A cross-site scripting (xss) vulnerability exists in the dataset upload... |
| CVE-2025-22866 | 2025-02-06 | Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec |
| CVE-2025-1078 | 2025-02-06 | AppHouseKitchen AlDente Charge Limiter XPC Service com.apphousekitchen.aldente-pro.helper shouldAcceptNewConnection improper authorization |
| CVE-2025-22867 | 2025-02-06 | Arbitrary code execution during build on darwin in cmd/go |
| CVE-2025-24981 | 2025-02-06 | Parsed HTML anchor links in Markdown provided to parseMarkdown can result in XSS in @nuxtjs/mdc |
| CVE-2025-23217 | 2025-02-06 | Mitmweb API Authentication Bypass Using Proxy Server |
| CVE-2025-24787 | 2025-02-06 | Parameter injection in DB connection URIs leading to local file inclusion in WhoDB |
| CVE-2025-24786 | 2025-02-06 | Path traversal opening Sqlite3 database in WhoDB |
| CVE-2024-13416 | 2025-02-06 | Using API in the 2N OS device, authorized user can... |
| CVE-2024-13417 | 2025-02-06 | Specifically crafted payloads sent to the RFID reader could cause... |
| CVE-2024-47256 | 2025-02-06 | Successful exploitation of this vulnerability could allow an attacker (who... |
| CVE-2024-47258 | 2025-02-06 | 2N Access Commander version 2.1 and prior is vulnerable in... |
| CVE-2024-52892 | 2025-02-06 | IBM Jazz for Service Management Cross-Site Scripting |
| CVE-2024-54171 | 2025-02-06 | IBM EntireX XML external entity injection |
| CVE-2024-56467 | 2025-02-06 | IBM EntireX information disclosure |
| CVE-2025-1081 | 2025-02-06 | Bharti Airtel Xstream Fiber WiFi Password weak credentials |
| CVE-2025-0158 | 2025-02-06 | IBM EntireX denial of service |
| CVE-2025-1004 | 2025-02-06 | Certain HP LaserJet Pro Printers – Potential Denial of Service |
| CVE-2025-1082 | 2025-02-06 | Mindskip xzs-mysql 学之思开源考试系统 Exam Edit edit cross site scripting |
| CVE-2025-21404 | 2025-02-06 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2025-21267 | 2025-02-06 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2025-21279 | 2025-02-06 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2025-21177 | 2025-02-06 | Microsoft Dynamics 365 Sales Elevation of Privilege Vulnerability |
| CVE-2025-21253 | 2025-02-06 | Microsoft Edge for IOS and Android Spoofing Vulnerability |
| CVE-2025-21283 | 2025-02-06 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2025-21408 | 2025-02-06 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2025-21342 | 2025-02-06 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2025-1083 | 2025-02-06 | Mindskip xzs-mysql 学之思开源考试系统 CORS cross-domain policy |
| CVE-2025-1084 | 2025-02-06 | Mindskip xzs-mysql 学之思开源考试系统 cross-site request forgery |
| CVE-2025-0674 | 2025-02-06 | Elber Communications Equipment Authentication Bypass Using an Alternate Path or Channel |
| CVE-2025-0675 | 2025-02-06 | Elber Communications Equipment Hidden Functionality |
| CVE-2024-35106 | 2025-02-07 | NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a... |
| CVE-2024-48091 | 2025-02-07 | Tally Prime Edit Log v2.1 was discovered to contain a... |
| CVE-2024-52881 | 2025-02-07 | An issue was discovered in AudioCodes One Voice Operations Center... |
| CVE-2024-52882 | 2025-02-07 | An issue was discovered in AudioCodes One Voice Operations Center... |
| CVE-2024-52883 | 2025-02-07 | An issue was discovered in AudioCodes One Voice Operations Center... |
| CVE-2024-52884 | 2025-02-07 | An issue was discovered in AudioCodes Mediant Session Border Controller... |
| CVE-2024-55213 | 2025-02-07 | Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker... |
| CVE-2024-55214 | 2025-02-07 | Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote... |