CVE List - 2025 / March
Showing 101 - 200 of 4018 CVEs for March 2025 (Page 2 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-27583 | 2025-03-03 | Incorrect access control in the component /rest/staffResource/findAllUsersAcrossOrg of Serosoft Solutions... |
| CVE-2025-27584 | 2025-03-03 | A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt... |
| CVE-2025-27585 | 2025-03-03 | A stored cross-site scripting (XSS) vulnerability in Serosoft Solutions Pvt... |
| CVE-2025-27590 | 2025-03-03 | In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration... |
| CVE-2025-1841 | 2025-03-03 | ESAFENET CDG ClientSortLog.jsp sql injection |
| CVE-2025-1842 | 2025-03-03 | FITSTATS Technologies AthleteMonitoring login.php cross site scripting |
| CVE-2025-1843 | 2025-03-03 | Mini-Tmall ProductMapper.java select sql injection |
| CVE-2025-1844 | 2025-03-03 | ESAFENET CDG backupLogDetail.jsp sql injection |
| CVE-2025-1845 | 2025-03-03 | ESAFENET DSM examExportPDF command injection |
| CVE-2025-20644 | 2025-03-03 | In Modem, there is a possible memory corruption due to... |
| CVE-2025-20645 | 2025-03-03 | In KeyInstall, there is a possible out of bounds write... |
| CVE-2025-20646 | 2025-03-03 | In wlan AP FW, there is a possible out of... |
| CVE-2025-20647 | 2025-03-03 | In Modem, there is a possible system crash due to... |
| CVE-2025-20648 | 2025-03-03 | In apu, there is a possible out of bounds read... |
| CVE-2025-20649 | 2025-03-03 | In Bluetooth Stack SW, there is a possible information disclosure... |
| CVE-2025-20650 | 2025-03-03 | In da, there is a possible out of bounds write... |
| CVE-2025-20651 | 2025-03-03 | In da, there is a possible out of bounds read... |
| CVE-2025-20652 | 2025-03-03 | In V5 DA, there is a possible out of bounds... |
| CVE-2025-20653 | 2025-03-03 | In da, there is a possible out of bounds read... |
| CVE-2025-1846 | 2025-03-03 | zj1983 zz File ZfileAction.java deleteLocalFile denial of service |
| CVE-2025-1847 | 2025-03-03 | zj1983 zz improper authorization |
| CVE-2025-1848 | 2025-03-03 | zj1983 zz import_data_check server-side request forgery |
| CVE-2025-1849 | 2025-03-03 | zj1983 zz import_data_todb server-side request forgery |
| CVE-2025-1850 | 2025-03-03 | Codezips College Management System university.php sql injection |
| CVE-2025-1851 | 2025-03-03 | Tenda AC7 SetFirewallCfg formSetFirewallCfg stack-based overflow |
| CVE-2025-1852 | 2025-03-03 | Totolink EX1800T cstecgi.cgi loginAuth buffer overflow |
| CVE-2025-1853 | 2025-03-03 | Tenda AC8 Parameter SetIpMacBind sub_49E098 stack-based overflow |
| CVE-2025-1854 | 2025-03-03 | Codezips Gym Management System del_member.php sql injection |
| CVE-2025-1855 | 2025-03-03 | PHPGurukul Online Shopping Portal product-details.php sql injection |
| CVE-2025-1856 | 2025-03-03 | Codezips Gym Management System gen_invoice.php sql injection |
| CVE-2025-1723 | 2025-03-03 | Account takeover |
| CVE-2025-1857 | 2025-03-03 | PHPGurukul Nipah Virus Testing Management System check_availability.php sql injection |
| CVE-2025-1864 | 2025-03-03 | Buffer Overflow and Potential Code Execution in Radare2 |
| CVE-2025-24846 | 2025-03-03 | Authentication bypass vulnerability exists in FutureNet AS series (Industrial Routers)... |
| CVE-2025-25280 | 2025-03-03 | Buffer overflow vulnerability exists in FutureNet AS series (Industrial Routers)... |
| CVE-2025-1858 | 2025-03-03 | Codezips Online Shopping Website success.php sql injection |
| CVE-2025-1866 | 2025-03-03 | Undefined Behavior Due to Out-of-Bounds Pointer Arithmetic in libwebsockets |
| CVE-2025-1867 | 2025-03-03 | HTTP Response Smuggling Vulnerability in libhv |
| CVE-2025-24654 | 2025-03-03 | WordPress Squirrly SEO plugin <= 12.4.05 - Broken Access Control vulnerability |
| CVE-2025-1859 | 2025-03-03 | PHPGurukul News Portal login.php sql injection |
| CVE-2024-8186 | 2025-03-03 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab |
| CVE-2024-38426 | 2025-03-03 | Improper Authentication in Modem |
| CVE-2024-43051 | 2025-03-03 | Improper Authorization in SPS-HLOS |
| CVE-2024-43055 | 2025-03-03 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera_Linux |
| CVE-2024-43056 | 2025-03-03 | Buffer Over-read in Hypervisor |
| CVE-2024-43057 | 2025-03-03 | Use After Free in MProc |
| CVE-2024-43059 | 2025-03-03 | Use After Free in Automotive Multimedia |
| CVE-2024-43060 | 2025-03-03 | Use of Out-of-range Pointer Offset in Automotive Audio |
| CVE-2024-43061 | 2025-03-03 | Use After Free in Audio |
| CVE-2024-43062 | 2025-03-03 | Use After Free in Camera Linux |
| CVE-2024-45580 | 2025-03-03 | Use After Free in DSP Service |
| CVE-2024-49836 | 2025-03-03 | Improper Validation of Array Index in Camera |
| CVE-2024-53011 | 2025-03-03 | Permissions, Privileges, and Access Controls in Video Analytics and Processing |
| CVE-2024-53012 | 2025-03-03 | Improper Input Validation in Automotive OS Platform |
| CVE-2024-53014 | 2025-03-03 | Improper Validation of Array Index in Audio |
| CVE-2024-53022 | 2025-03-03 | Improper Input Validation in Automotive OS Platform |
| CVE-2024-53023 | 2025-03-03 | Use After Free in Automotive Android OS |
| CVE-2024-53024 | 2025-03-03 | NULL Pointer Dereference in Display |
| CVE-2024-53025 | 2025-03-03 | Integer Overflow or Wraparound in BT Controller |
| CVE-2024-53027 | 2025-03-03 | Buffer Copy Without Checking Size of Input in WLAN Host |
| CVE-2024-53028 | 2025-03-03 | Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive Vehicle Networks |
| CVE-2024-53029 | 2025-03-03 | Improper Input Validation in Automotive OS Platform |
| CVE-2024-53030 | 2025-03-03 | Improper Input Validation in Automotive OS Platform |
| CVE-2024-53031 | 2025-03-03 | Improper Input Validation in Automotive OS Platform |
| CVE-2024-53032 | 2025-03-03 | Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform |
| CVE-2024-53033 | 2025-03-03 | Untrusted Pointer Dereference in DSP_Services |
| CVE-2024-53034 | 2025-03-03 | Untrusted Pointer Dereference in DSP_Services |
| CVE-2025-21424 | 2025-03-03 | Use After Free in NPU |
| CVE-2025-0475 | 2025-03-03 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab |
| CVE-2024-24778 | 2025-03-03 | Apache StreamPipes: Resources Permission Escalation |
| CVE-2025-1868 | 2025-03-03 | Information display on multiple products from Famatech Corp |
| CVE-2024-10925 | 2025-03-03 | Authorization Bypass Through User-Controlled Key in GitLab |
| CVE-2025-1869 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-1870 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-1871 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-1872 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-1873 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-1874 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-1875 | 2025-03-03 | SQL injection vulnerability in 101news |
| CVE-2025-26999 | 2025-03-03 | WordPress ProfileGrid Plugin <= 5.9.4.3 - PHP Object Injection vulnerability |
| CVE-2025-23425 | 2025-03-03 | WordPress Marekkis Watermark plugin <= 0.9.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23433 | 2025-03-03 | WordPress vcOS plugin <=1.4.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23437 | 2025-03-03 | WordPress ntp-header-images plugin <=1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23439 | 2025-03-03 | WordPress TinyMCE Extended Config plugin <= 0.1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23440 | 2025-03-03 | WordPress radSLIDE plugin <= 2.1 - Broken Access Control to Stored Cross-Site Scripting vulnerability |
| CVE-2025-23441 | 2025-03-03 | WordPress Attach Gallery Posts plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23446 | 2025-03-03 | WordPress WP SpaceContent plugin <= 0.4.5 - CSRF to Stored Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23447 | 2025-03-03 | WordPress Smooth Dynamic Slider plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23450 | 2025-03-03 | WordPress AW WooCommerce Kode Pembayaran plugin <= 1.1.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23451 | 2025-03-03 | WordPress Awesome Twitter Feeds plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23464 | 2025-03-03 | WordPress Twitter News Feed plugin <= 1.1.1 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23465 | 2025-03-03 | WordPress Vampire Character Manager plugin <= 2.13 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23468 | 2025-03-03 | WordPress Essay Wizard (wpCRES) plugin <= 1.0.6.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23472 | 2025-03-03 | WordPress Flexo Slider plugin <= 1.0013 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23473 | 2025-03-03 | WordPress Killer Theme Options plugin <= 2.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23478 | 2025-03-03 | WordPress Photo Video Store plugin <= 21.07 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23479 | 2025-03-03 | WordPress melascrivi plugin <= 1.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23480 | 2025-03-03 | WordPress RSVP ME plugin <= 1.9.9 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23481 | 2025-03-03 | WordPress Ni WooCommerce Sales Report Email plugin <= 3.1.4 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-23482 | 2025-03-03 | WordPress azurecurve Floating Featured Image plugin <= 2.2.0 - Reflected Cross Site Scripting (XSS) vulnerability |