CVE List - 2025 / March
Showing 401 - 500 of 4018 CVEs for March 2025 (Page 5 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-51944 | 2025-03-03 | Stored XSS in Rest Services Directory |
| CVE-2024-51945 | 2025-03-03 | Stored XSS issues in Server Admin API |
| CVE-2024-51946 | 2025-03-03 | Stored XSS in Rest Services Directory under Identify operation |
| CVE-2024-51947 | 2025-03-03 | Stored XSS vulnerability in Rest Services under Layer name |
| CVE-2024-51948 | 2025-03-03 | Stored XSS vulnerability in Rest Services under Job ID |
| CVE-2024-51949 | 2025-03-03 | Stored XSS vulnerability in Rest Services under OGCFeature Service and Map Service |
| CVE-2024-51950 | 2025-03-03 | Stored XSS in Server Admin under Services > lifecycleinfos |
| CVE-2024-51951 | 2025-03-03 | Stored XSS in Server Admin API |
| CVE-2024-51952 | 2025-03-03 | Stored XSS issue in ArcGIS Server |
| CVE-2024-51953 | 2025-03-03 | Stored XSS in ArcGIS Server Rest services |
| CVE-2024-51954 | 2025-03-03 | Unauthorized access to secure services in ArcGIS Server |
| CVE-2024-51956 | 2025-03-03 | Stored XSS vulnerability in ArcGIS Server Administrator Directory |
| CVE-2024-51957 | 2025-03-03 | Stored XSS vulnerability in ArcGIS Rest Services Directory |
| CVE-2024-51958 | 2025-03-03 | Directory traversal vulnerability in the admin api for service thumbnails |
| CVE-2024-51959 | 2025-03-03 | Stored XSS issue in Server Admin API |
| CVE-2024-51960 | 2025-03-03 | Stored XSS in ArcGIS Server Administrator Directory |
| CVE-2024-51961 | 2025-03-03 | Local file inclusion (LFI) vulnerability in ArcGIS Server |
| CVE-2024-51962 | 2025-03-03 | SQL injection vulnerability in ArcGIS Server |
| CVE-2024-51963 | 2025-03-03 | Stored XSS in ArcGIS Server Manager |
| CVE-2024-51966 | 2025-03-03 | Directory traversal vulnerability in ArcGIS Server |
| CVE-2025-1880 | 2025-03-03 | i-Drive i11/i12 Device Pairing authentication bypass |
| CVE-2025-1881 | 2025-03-03 | i-Drive i11/i12 Video Footage/Live Video Stream access control |
| CVE-2025-1882 | 2025-03-03 | i-Drive i11/i12 Device Setting improper access control for register interface |
| CVE-2025-1890 | 2025-03-03 | shishuocms ManageUpLoadAction.java handleRequest unrestricted upload |
| CVE-2025-1891 | 2025-03-03 | shishuocms cross-site request forgery |
| CVE-2020-23438 | 2025-03-04 | Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading... |
| CVE-2021-41719 | 2025-03-04 | Maharashtra State Electricity Distribution Company Limited Mahavitran IOS Application 16.1... |
| CVE-2024-48248 | 2025-03-04 | NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal... |
| CVE-2024-50704 | 2025-03-04 | Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1... |
| CVE-2024-50705 | 2025-03-04 | Unauthenticated reflected cross-site scripting (XSS) vulnerability in Uniguest Tripleplay before... |
| CVE-2024-50706 | 2025-03-04 | Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows... |
| CVE-2024-50707 | 2025-03-04 | Unauthenticated remote code execution vulnerability in Uniguest Tripleplay before 24.2.1... |
| CVE-2025-25426 | 2025-03-04 | yshopmall <=v1.9.0 is vulnerable to SQL Injection in the image... |
| CVE-2025-26091 | 2025-03-04 | A Cross Site Scripting (XSS) vulnerability exists in TeamPasswordManager v12.162.284... |
| CVE-2025-26136 | 2025-03-04 | A SQL injection vulnerability exists in mysiteforme versions prior to... |
| CVE-2025-26182 | 2025-03-04 | An issue in xxyopen novel plus v.4.4.0 and before allows... |
| CVE-2025-26202 | 2025-03-04 | Cross-Site Scripting (XSS) vulnerability exists in the WPA/WAPI Passphrase field... |
| CVE-2025-26318 | 2025-03-04 | hb.exe in TSplus Remote Access before 17.30 2024-10-30 allows remote... |
| CVE-2025-26319 | 2025-03-04 | FlowiseAI Flowise v2.2.6 was discovered to contain an arbitrary file... |
| CVE-2025-26320 | 2025-03-04 | t0mer BroadlinkManager v5.9.1 was discovered to contain an OS command... |
| CVE-2025-26849 | 2025-03-04 | There is a Hard-coded Cryptographic Key in Docusnap 13.0.1440.24261, and... |
| CVE-2025-1892 | 2025-03-04 | shishuocms Directory Deletion Page add.json cross site scripting |
| CVE-2025-1893 | 2025-03-04 | Open5GS AMF gmm-sm.c gmm_state_authentication denial of service |
| CVE-2025-1695 | 2025-03-04 | NGINX Unit Java Vulnerability |
| CVE-2025-1894 | 2025-03-04 | PHPGurukul Restaurant Table Booking System search-result.php sql injection |
| CVE-2025-1895 | 2025-03-04 | Tenda TX3 setMacFilterCfg buffer overflow |
| CVE-2025-1896 | 2025-03-04 | Tenda TX3 SetStaticRouteCfg buffer overflow |
| CVE-2025-1897 | 2025-03-04 | Tenda TX3 SetNetControlList buffer overflow |
| CVE-2025-1898 | 2025-03-04 | Tenda TX3 openSchedWifi buffer overflow |
| CVE-2025-1899 | 2025-03-04 | Tenda TX3 setPptpUserList buffer overflow |
| CVE-2025-1900 | 2025-03-04 | PHPGurukul Restaurant Table Booking System add-table.php sql injection |
| CVE-2025-1901 | 2025-03-04 | PHPGurukul Restaurant Table Booking System check_availability.php sql injection |
| CVE-2024-13686 | 2025-03-04 | VW Storefront <= 0.9.9 - Missing Authorization to Authenticated (Subscriber+) Settings Reset |
| CVE-2025-0912 | 2025-03-04 | GiveWP – Donation Plugin and Fundraising Platform <= 3.19.4 - Unauthenticated PHP Object Injection |
| CVE-2025-1321 | 2025-03-04 | teachPress <= 9.0.7 - Authenticated (Contributor+) SQL Injection |
| CVE-2025-1639 | 2025-03-04 | Animation Addons for Elementor Pro <= 1.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation |
| CVE-2025-0587 | 2025-03-04 | Arkcompiler Ets Runtime has an integer overflow vulnerability |
| CVE-2025-20011 | 2025-03-04 | Communication Dsoftbus has a memory leak vulnerability |
| CVE-2025-20021 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability |
| CVE-2025-20024 | 2025-03-04 | Arkcompiler Ets Runtime has an integer overflow vulnerability |
| CVE-2025-20042 | 2025-03-04 | Liteos-A has an out of bounds read vulnerability |
| CVE-2025-20081 | 2025-03-04 | Communication Dsoftbus has an UAF vulnerability |
| CVE-2025-20091 | 2025-03-04 | Communication Dsoftbus has an UAF vulnerability |
| CVE-2025-20626 | 2025-03-04 | Arkcompiler Ets Runtime has an UAF vulnerability |
| CVE-2025-21084 | 2025-03-04 | Arkcompiler Ets Runtime has an NULL pointer dereference vulnerability |
| CVE-2025-21089 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability |
| CVE-2025-21097 | 2025-03-04 | Arkcompiler Ets Runtime has a NULL pointer dereference vulnerability |
| CVE-2025-21098 | 2025-03-04 | Liteos-A has an insecure storage of sensitive information vulnerability |
| CVE-2025-22443 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability |
| CVE-2025-22835 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds write vulnerability |
| CVE-2025-22837 | 2025-03-04 | Arkcompiler Ets Runtime has a NULL pointer dereference vulnerability |
| CVE-2025-22841 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability |
| CVE-2025-22847 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability |
| CVE-2025-22897 | 2025-03-04 | Arkcompiler Ets Runtime has a buffer overflow vulnerability |
| CVE-2025-23234 | 2025-03-04 | Arkcompiler Ets Runtime has a buffer overflow vulnerability |
| CVE-2025-23240 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds write vulnerability |
| CVE-2025-23409 | 2025-03-04 | Communication Dsoftbus has an UAF vulnerability |
| CVE-2025-23414 | 2025-03-04 | Arkcompiler Ets Runtime has an UAF vulnerability |
| CVE-2025-23418 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds read vulnerability |
| CVE-2025-23420 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds write vulnerability |
| CVE-2025-24301 | 2025-03-04 | Arkcompiler Ets Runtime has an UAF vulnerability |
| CVE-2025-24309 | 2025-03-04 | Arkcompiler Ets Runtime has an out-of-bounds write vulnerability |
| CVE-2025-1902 | 2025-03-04 | PHPGurukul Student Record System password-recovery.php sql injection |
| CVE-2025-1903 | 2025-03-04 | Codezips Online Shopping Website cart_add.php sql injection |
| CVE-2025-1306 | 2025-03-04 | Newscrunch <= 1.8.4 - Cross-Site Request Forgery to Arbitrary File Upload |
| CVE-2025-1307 | 2025-03-04 | Newscrunch <= 1.8.4 - Authenticated (Subscriber+) Arbitrary File Upload |
| CVE-2025-1904 | 2025-03-04 | code-projects Blood Bank System A+.php cross site scripting |
| CVE-2025-1905 | 2025-03-04 | SourceCodester Employee Management System employee.php cross site scripting |
| CVE-2025-1906 | 2025-03-04 | PHPGurukul Restaurant Table Booking System profile.php sql injection |
| CVE-2024-47259 | 2025-03-04 | Girishunawane, member of the AXIS OS Bug Bounty Program, has... |
| CVE-2024-47260 | 2025-03-04 | 51l3nc3, member of the AXIS OS Bug Bounty Program, has... |
| CVE-2024-47262 | 2025-03-04 | Dzmitry Lukyanenka, member of the AXIS OS Bug Bounty Program,... |
| CVE-2025-0359 | 2025-03-04 | During an annual penetration test conducted on behalf of Axis... |
| CVE-2025-0360 | 2025-03-04 | During an annual penetration test conducted on behalf of Axis... |
| CVE-2024-13685 | 2025-03-04 | Admin and Site Enhancements (ASE) < 7.6.10 - Limit Login Attempt Bypass via IP Spoofing |
| CVE-2024-58043 | 2025-03-04 | Permission bypass vulnerability in the window module Impact: Successful exploitation... |
| CVE-2024-58044 | 2025-03-04 | Permission verification bypass vulnerability in the notification module Impact: Successful... |
| CVE-2025-27521 | 2025-03-04 | Vulnerability of improper access permission in the process management module... |
| CVE-2024-58045 | 2025-03-04 | Multi-concurrency vulnerability in the media digital copyright protection module Impact:... |
| CVE-2024-58046 | 2025-03-04 | Permission management vulnerability in the lock screen module Impact: Successful... |