CVE List - 2025 / March
Showing 1801 - 1900 of 4018 CVEs for March 2025 (Page 19 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-25650 | 2025-03-17 | An issue in the storage of NFC card data in... |
| CVE-2025-25684 | 2025-03-17 | A lack of validation in the path parameter (/download) of... |
| CVE-2025-25685 | 2025-03-17 | An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0.... |
| CVE-2025-25914 | 2025-03-17 | SQL injection vulnerability in Online Exam Mastering System v.1.0 allows... |
| CVE-2025-26042 | 2025-03-17 | Uptime Kuma >== 1.23.0 has a ReDoS vulnerability, specifically when... |
| CVE-2025-26125 | 2025-03-17 | An exposed ioctl in the IMFForceDelete driver of IObit Malware... |
| CVE-2025-26127 | 2025-03-17 | A stored cross-site scripting (XSS) vulnerability in the Send for... |
| CVE-2025-29425 | 2025-03-17 | Code-projects Online Class and Exam Scheduling System 1.0 is vulnerable... |
| CVE-2025-29426 | 2025-03-17 | Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable... |
| CVE-2025-29427 | 2025-03-17 | Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable... |
| CVE-2025-29429 | 2025-03-17 | Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable... |
| CVE-2025-29430 | 2025-03-17 | Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable... |
| CVE-2025-29431 | 2025-03-17 | Code-projects Online Class and Exam Scheduling System V1.0 is vulnerable... |
| CVE-2025-30143 | 2025-03-17 | Rule 3000216 (before version 2) in Akamai App & API... |
| CVE-2025-2354 | 2025-03-17 | VAM Virtual Airlines Manager index.php cross site scripting |
| CVE-2025-2355 | 2025-03-17 | BlackVue App API Endpoint credentials storage |
| CVE-2025-2356 | 2025-03-17 | BlackVue App API deviceDelete get request method with sensitive query strings |
| CVE-2025-2357 | 2025-03-17 | DCMTK dcmjpls JPEG-LS Decoder memory corruption |
| CVE-2025-2358 | 2025-03-17 | Shenzhen Mingyuan Cloud Technology Mingyuan Real Estate ERP System HTTP Header Service.asmx sql injection |
| CVE-2025-2359 | 2025-03-17 | D-Link DIR-823G DDNS Service HNAP1 SetDDNSSettings improper authorization |
| CVE-2025-2360 | 2025-03-17 | D-Link DIR-823G UPnP Service HNAP1 SetUpnpSettings improper authorization |
| CVE-2025-2361 | 2025-03-17 | Mercurial SCM Web Interface cross site scripting |
| CVE-2025-2362 | 2025-03-17 | PHPGurukul Pre-School Enrollment System contact-us.php sql injection |
| CVE-2025-2363 | 2025-03-17 | lenve VBlog ArticleController.java uploadImg path traversal |
| CVE-2025-2395 | 2025-03-17 | e-Excellence U-Office Force - Improper Authentication |
| CVE-2025-2396 | 2025-03-17 | e-Excellence U-Office Force - Arbitrary File Upload |
| CVE-2025-2364 | 2025-03-17 | lenve VBlog ArticleService.java addNewArticle cross site scripting |
| CVE-2025-2365 | 2025-03-17 | crmeb_java WeChatMessageController.java webHook xml external entity reference |
| CVE-2025-1724 | 2025-03-17 | Account Takeover |
| CVE-2025-2366 | 2025-03-17 | gougucms Add Department Page add cross site scripting |
| CVE-2025-2367 | 2025-03-17 | Oiwtech OIW-2431APGN-HP Personal Script Submenu formScript os command injection |
| CVE-2025-2368 | 2025-03-17 | WebAssembly wabt Malformed File binary-reader-interp.cc OnExport heap-based overflow |
| CVE-2025-2369 | 2025-03-17 | TOTOLINK EX1800T cstecgi.cgi setPasswordCfg stack-based overflow |
| CVE-2025-2370 | 2025-03-17 | TOTOLINK EX1800T cstecgi.cgi setWiFiExtenderConfig stack-based overflow |
| CVE-2024-12971 | 2025-03-17 | QuickShell Authenticated Command Injection |
| CVE-2024-12992 | 2025-03-17 | Remote Code Execution leads to Command Injection |
| CVE-2025-2371 | 2025-03-17 | PHPGurukul Human Metapneumovirus Testing Management System Registered Mobile Number Search registered-user-testing.php cross site scripting |
| CVE-2025-2372 | 2025-03-17 | PHPGurukul Human Metapneumovirus Testing Management System Password Recovery Page password-recovery.php sql injection |
| CVE-2025-2199 | 2025-03-17 | SQL injection vulnerability in the Innovación y Cualificación local administration plugin ajax.php |
| CVE-2025-2200 | 2025-03-17 | SQL injection vulnerability in the Innovación y Cualificación IcProgreso plugin |
| CVE-2025-2201 | 2025-03-17 | Broken access control vulnerability in the Innovación y Cualificación IcProgreso plugin |
| CVE-2025-2202 | 2025-03-17 | Broken access control vulnerability in the Innovación y Cualificación local administration plugin ajax.php |
| CVE-2025-2373 | 2025-03-17 | PHPGurukul Human Metapneumovirus Testing Management System check_availability.php sql injection |
| CVE-2025-2374 | 2025-03-17 | PHPGurukul Human Metapneumovirus Testing Management System profile.php sql injection |
| CVE-2025-2375 | 2025-03-17 | PHPGurukul Human Metapneumovirus Testing Management System Admin Profile Page profile.php cross site scripting |
| CVE-2025-2376 | 2025-03-17 | viames Pair Framework PHP Object UserRemember.php getCookieContent deserialization |
| CVE-2025-2401 | 2025-03-17 | Buffer overflow in Immunity Debugger |
| CVE-2025-2377 | 2025-03-17 | SourceCodester Vehicle Management System confirmbooking.php cross site scripting |
| CVE-2025-2378 | 2025-03-17 | PHPGurukul Medical Card Generation System download-medical-cards.php sql injection |
| CVE-2019-15706 | 2025-03-17 | An improper neutralization of input during web page generation in... |
| CVE-2021-26087 | 2025-03-17 | An improper neutralization of input during web page generation in... |
| CVE-2024-54027 | 2025-03-17 | A Use of Hard-coded Cryptographic Key vulnerability [CWE-321] in FortiSandbox... |
| CVE-2021-32584 | 2025-03-17 | An improper access control (CWE-284) vulnerability in FortiWLC version 8.6.0,... |
| CVE-2021-22126 | 2025-03-17 | A use of hard-coded password vulnerability in FortiWLC version 8.5.2... |
| CVE-2019-17659 | 2025-03-17 | A use of hard-coded cryptographic key vulnerability in FortiSIEM version... |
| CVE-2020-29010 | 2025-03-17 | An exposure of sensitive information to an unauthorized actor vulnerability... |
| CVE-2025-27102 | 2025-03-17 | Agate vulnerable to HTML injection in user signup - Administrator phishing risk |
| CVE-2025-29786 | 2025-03-17 | Memory Exhaustion in Expr Parser with Unrestricted Input |
| CVE-2025-29787 | 2025-03-17 | zip Vulnerable to Incorrect Path Canonicalization During Archive Extraction, Leading to Arbitrary File Write |
| CVE-2025-29788 | 2025-03-17 | Sylius PayPal Plugin Payment Amount Manipulation Vulnerability |
| CVE-2025-2379 | 2025-03-17 | PHPGurukul Apartment Visitors Management System create-pass.php sql injection |
| CVE-2020-9295 | 2025-03-17 | FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS... |
| CVE-2019-6697 | 2025-03-17 | An Improper Neutralization of Input vulnerability affecting FortiGate version 6.2.0... |
| CVE-2024-9055 | 2025-03-17 | DPA Countermeasures need reseeding |
| CVE-2025-0595 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DDashboard in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0596 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Bookmark Editor in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x |
| CVE-2025-0598 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Relations in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0599 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Document Management in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x |
| CVE-2025-0600 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Product Explorer in ENOVIA Collaborative Industry Innovator on Release 3DEXPERIENCE R2024x |
| CVE-2025-0601 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Issue Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0826 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting 3D Navigate in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0827 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting 3DPlay in 3DSwymer from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0828 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Engineering Release in ENOVIA Product Engineering Specialist from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0829 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0830 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Meeting Management in ENOVIA Change Manager from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0832 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Project Gantt in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2022x through Release 3DEXPERIENCE R2024x |
| CVE-2025-0833 | 2025-03-17 | Stored Cross-site Scripting (XSS) vulnerability affecting Route Management in ENOVIA Collaborative Industry Innovator from Release 3DEXPERIENCE R2023x through Release 3DEXPERIENCE R2024x |
| CVE-2025-2380 | 2025-03-17 | PHPGurukul Apartment Visitors Management System admin-profile.php sql injection |
| CVE-2025-1398 | 2025-03-17 | macOS TCC Bypass via Code Injection |
| CVE-2025-2381 | 2025-03-17 | PHPGurukul Curfew e-Pass Management System search-pass.php sql injection |
| CVE-2025-27512 | 2025-03-17 | Zincati allows unprivileged access to rpm-ostree D-Bus `Deploy()` and `FinalizeDeployment()` methods |
| CVE-2025-2382 | 2025-03-17 | PHPGurukul Online Banquet Booking System booking-search.php sql injection |
| CVE-2025-1774 | 2025-03-17 | Logs manipulation in BotSense |
| CVE-2025-2383 | 2025-03-17 | PHPGurukul Doctor Appointment Management System search.php sql injection |
| CVE-2025-2384 | 2025-03-17 | code-projects Real Estate Property Management System Parameter InsertCustomer.php sql injection |
| CVE-2025-2241 | 2025-03-17 | Hive: exposure of vcenter credentials via clusterprovision in hive / mce / acm |
| CVE-2025-2385 | 2025-03-17 | code-projects Modern Bag login.php sql injection |
| CVE-2024-48013 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2024-48830 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2025-2386 | 2025-03-17 | PHPGurukul Local Services Search Engine Management System serviceman-search.php sql injection |
| CVE-2025-22474 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2024-48828 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2024-48015 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2024-48017 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2024-49559 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2025-2387 | 2025-03-17 | SourceCodester Online Food Ordering System ajax.php sql injection |
| CVE-2024-49561 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2025-22473 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2025-22472 | 2025-03-17 | Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s)... |
| CVE-2025-2388 | 2025-03-17 | Keytop 路内停车收费系统 API getParks improper authentication |