CVE List - 2025 / March
Showing 501 - 600 of 4018 CVEs for March 2025 (Page 6 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-58047 | 2025-03-04 | Permission verification vulnerability in the media library module Impact: Successful... |
| CVE-2024-58048 | 2025-03-04 | Multi-thread problem vulnerability in the package management module Impact: Successful... |
| CVE-2024-58049 | 2025-03-04 | Permission verification vulnerability in the media library module Impact: Successful... |
| CVE-2024-58050 | 2025-03-04 | Vulnerability of improper access permission in the HDC module Impact:... |
| CVE-2024-13682 | 2025-03-04 | Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Cross-Site Request Forgery |
| CVE-2025-0512 | 2025-03-04 | Structured Content (JSON-LD) #wpsc <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via sc_fs_local_business Shortcode |
| CVE-2024-9618 | 2025-03-04 | Master Addons <= 2.0.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets |
| CVE-2024-13724 | 2025-03-04 | Wallet System for WooCommerce – Wallet, Wallet Cashback, Refunds, Partial Payment, Wallet Restriction <= 2.6.2 - Missing Authorization |
| CVE-2025-0433 | 2025-03-04 | Master Addons <= 2.0.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter |
| CVE-2025-0958 | 2025-03-04 | Ultimate WordPress Auction Plugin <= 4.2.9 - Missing Authorization to Arbitrary Post Deletion |
| CVE-2025-0370 | 2025-03-04 | WP Shortcodes Plugin — Shortcodes Ultimate <= 7.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via src Parameter |
| CVE-2025-22224 | 2025-03-04 | VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability... |
| CVE-2025-22225 | 2025-03-04 | VMware ESXi contains an arbitrary write vulnerability. A malicious actor... |
| CVE-2025-22226 | 2025-03-04 | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability... |
| CVE-2025-1925 | 2025-03-04 | Open5GS AMF nsmf-handler.c amf_nsmf_pdusession_handle_update_sm_context denial of service |
| CVE-2025-1930 | 2025-03-04 | On Windows, a compromised content process could use bad StreamData... |
| CVE-2025-1939 | 2025-03-04 | Android apps can load web pages using the Custom Tabs... |
| CVE-2025-1931 | 2025-03-04 | It was possible to cause a use-after-free in the content... |
| CVE-2025-1932 | 2025-03-04 | An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially... |
| CVE-2025-1933 | 2025-03-04 | On 64-bit CPUs, when the JIT compiles WASM i32 return... |
| CVE-2025-1940 | 2025-03-04 | A select option could partially obscure the confirmation prompt shown... |
| CVE-2025-1934 | 2025-03-04 | It was possible to interrupt the processing of a RegExp... |
| CVE-2025-1941 | 2025-03-04 | Under certain circumstances, a user opt-in setting that Focus should... |
| CVE-2025-1942 | 2025-03-04 | When String.toUpperCase() caused a string to get longer it was... |
| CVE-2025-1935 | 2025-03-04 | A web page could trick a user into setting that... |
| CVE-2025-1936 | 2025-03-04 | jar: URLs retrieve local file content packaged in a ZIP... |
| CVE-2025-1937 | 2025-03-04 | Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox... |
| CVE-2025-1938 | 2025-03-04 | Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox... |
| CVE-2025-1943 | 2025-03-04 | Memory safety bugs present in Firefox 135 and Thunderbird 135.... |
| CVE-2025-27426 | 2025-03-04 | Malicious websites utilizing a server-side redirect to an internal error... |
| CVE-2025-27424 | 2025-03-04 | Websites redirecting to a non-HTTP scheme URL could allow a... |
| CVE-2025-27425 | 2025-03-04 | Scanning certain QR codes that included text with a website... |
| CVE-2024-9149 | 2025-03-04 | SQLi in Wind Media's E-Commerce Website Template |
| CVE-2025-23368 | 2025-03-04 | Org.wildfly.core:wildfly-elytron-integration: wildfly elytron brute force attack via cli |
| CVE-2025-1425 | 2025-03-04 | File Read Through Improper Sudo Privilege Management |
| CVE-2025-1424 | 2025-03-04 | Privilege Escalation Through SUID Binary and Developer Mode |
| CVE-2025-27111 | 2025-03-04 | Escape Sequence Injection vulnerability in Rack lead to Possible Log Injection |
| CVE-2024-11957 | 2025-03-04 | Arbitrary Code Execution in WPS Office |
| CVE-2025-27155 | 2025-03-04 | In-memory stored Cross-site scripting (XSS) vulnerability in pineconesim |
| CVE-2025-27507 | 2025-03-04 | IDOR Vulnerabilities in ZITADEL's Admin API that Primarily Impact LDAP Configurations |
| CVE-2025-27150 | 2025-03-04 | Tuleap dumps the Redis password into the generated troubleshooting archives |
| CVE-2025-27156 | 2025-03-04 | Tuleap allows content injection via emails sent by the mass emailing features |
| CVE-2025-27401 | 2025-03-04 | In Tuleap, deleting a report can delete criteria filters in other reports |
| CVE-2025-27402 | 2025-03-04 | Tuleap is missing CSRF protections on tracker fields administrative operations |
| CVE-2024-41147 | 2025-03-04 | An out-of-bounds write vulnerability exists in the ma_dr_flac__decode_samples__lpc functionality of... |
| CVE-2024-10930 | 2025-03-04 | Carrier Block Load Privilege Escalation |
| CVE-2019-1815 | 2025-03-04 | Cisco Meraki MX67 and MX68 Sensitive Information Disclosure Vulnerability |
| CVE-2020-3122 | 2025-03-04 | Cisco Content Security Management Appliance Information Disclosure Vulnerability |
| CVE-2025-1946 | 2025-03-04 | hzmanyun Education and Training System exportPDF command injection |
| CVE-2025-1947 | 2025-03-04 | hzmanyun Education and Training System UploadImageController.java scorm command injection |
| CVE-2025-1969 | 2025-03-04 | Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center |
| CVE-2025-1949 | 2025-03-04 | ZZCMS URL register_nodb.php cross site scripting |
| CVE-2025-1952 | 2025-03-04 | PHPGurukul Restaurant Table Booking System password-recovery.php sql injection |
| CVE-2025-1259 | 2025-03-04 | On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. |
| CVE-2025-1260 | 2025-03-04 | On affected platforms running Arista EOS with OpenConfig configured, a gNOI request can be run when it should have been rejected. |
| CVE-2025-1953 | 2025-03-04 | vLLM AIBrix Prefix Caching hash.go random values |
| CVE-2025-1080 | 2025-03-04 | Macro URL arbitrary script execution |
| CVE-2024-9135 | 2025-03-04 | On affected platforms running Arista EOS with BGP Link State configured, BGP peer flap can cause the BGP agent to leak memory. This may result in BGP routing processing being terminated and route flapping. |
| CVE-2024-8000 | 2025-03-04 | On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restar |
| CVE-2025-1954 | 2025-03-04 | PHPGurukul Human Metapneumovirus Testing Management System login.php sql injection |
| CVE-2025-1955 | 2025-03-04 | code-projects Online Class and Exam Scheduling System profile.php cross site scripting |
| CVE-2025-1956 | 2025-03-04 | code-projects Shopping Portal Login index.php sql injection |
| CVE-2025-27510 | 2025-03-04 | RCE in the package conda-forge-metadata |
| CVE-2025-1957 | 2025-03-04 | code-projects Blood Bank System o+.php cross site scripting |
| CVE-2025-1958 | 2025-03-04 | aaluoxiang oa_system address-mapper.xml sql injection |
| CVE-2025-1959 | 2025-03-04 | Codezips Gym Management System change_s_pwd.php sql injection |
| CVE-2025-1961 | 2025-03-04 | SourceCodester Best Church Management Software web_crud.php sql injection |
| CVE-2025-1962 | 2025-03-04 | projectworlds Online Hotel Booking addroom.php sql injection |
| CVE-2025-1316 | 2025-03-04 | Edimax IC-7100 IP Camera OS Command Injection |
| CVE-2025-21092 | 2025-03-04 | GMOD Apollo Incorrect Privilege Assignment |
| CVE-2025-23410 | 2025-03-04 | GMOD Apollo Relative Path Traversal |
| CVE-2024-31525 | 2025-03-05 | Peppermint Ticket Management 0.4.6 is vulnerable to Incorrect Access Control.... |
| CVE-2024-48246 | 2025-03-05 | Vehicle Management System 1.0 contains a Stored Cross-Site Scripting (XSS)... |
| CVE-2024-51144 | 2025-03-05 | Cross Site Request Forgery (CSRF) vulnerability exists in the 'pvmsg.php?action=add_message',... |
| CVE-2024-53458 | 2025-03-05 | Sysax Multi Server 6.99 is vulnerable to a denial of... |
| CVE-2024-57174 | 2025-03-05 | A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously... |
| CVE-2025-25362 | 2025-03-05 | A Server-Side Template Injection (SSTI) vulnerability in Spacy-LLM v0.7.2 allows... |
| CVE-2025-25632 | 2025-03-05 | Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the... |
| CVE-2025-25634 | 2025-03-05 | A vulnerability has been found in Tenda AC15 15.03.05.19 in... |
| CVE-2025-27637 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application... |
| CVE-2025-27638 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application... |
| CVE-2025-27639 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application... |
| CVE-2025-27640 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.1002 Application... |
| CVE-2025-27641 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.951 Application... |
| CVE-2025-27642 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application... |
| CVE-2025-27643 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application... |
| CVE-2025-27644 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application... |
| CVE-2025-27645 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.933 Application... |
| CVE-2025-27646 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application... |
| CVE-2025-27647 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application... |
| CVE-2025-27648 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.913 Application... |
| CVE-2025-27649 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.893 Application... |
| CVE-2025-27650 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27651 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27652 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27653 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27654 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27655 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27656 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.862 Application... |
| CVE-2025-27657 | 2025-03-05 | Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application... |