CVE List - 2025 / April
Showing 3101 - 3200 of 4033 CVEs for April 2025 (Page 32 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-31118 | 2025-04-18 | NamelessMC Has Forum Reply Submission Time Limit Bypass |
| CVE-2025-31120 | 2025-04-18 | NamelessMC Vulnerable to Cookie-Based View Count Manipulation |
| CVE-2025-32389 | 2025-04-18 | NamelessMC Vulnerable to SQL Injections in /user/messaging and /panel/users/reports Pages |
| CVE-2025-32442 | 2025-04-18 | Fastify vulnerable to invalid content-type parsing, which could lead to validation bypass |
| CVE-2025-32792 | 2025-04-18 | ses's global contour bindings leak into Compartment lexical scope |
| CVE-2025-32795 | 2025-04-18 | Dify Allows Insecure User Role Access Control for APP Editing |
| CVE-2025-32796 | 2025-04-18 | Dify Allows Unauthorized APP Enable/Disable via API |
| CVE-2025-1697 | 2025-04-18 | HP Touchpoint Analytics Service – Potential Escalation of Privilege |
| CVE-2025-24914 | 2025-04-18 | Local Priviledge Escalation |
| CVE-2025-36625 | 2025-04-18 | Log Poisoning in Nessus |
| CVE-2025-32377 | 2025-04-18 | Rasa Pro Missing Authentication For Voice Connector APIs |
| CVE-2025-3795 | 2025-04-18 | DaiCuo SEO Optimization Settings Section cross site scripting |
| CVE-2025-32953 | 2025-04-18 | z80pack Vulnerable to Exposure of the GITHUB_TOKEN in Workflow Run Artifact |
| CVE-2025-3796 | 2025-04-18 | PHPGurukul Men Salon Management System contact-us.php sql injection |
| CVE-2022-47111 | 2025-04-19 | 7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected. |
| CVE-2022-47112 | 2025-04-19 | 7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected. |
| CVE-2023-26819 | 2025-04-19 | cJSON 1.7.15 might allow a denial of service via a crafted JSON document such as {"a": true, "b": [ null,9999999999999999999999999999999999999999999999912345678901234567]}. |
| CVE-2023-30421 | 2025-04-19 | mystrtod in mjson 1.2.7 requires more than a billion iterations during processing of certain digit strings such as 8891110122900e913013935755114. |
| CVE-2025-43917 | 2025-04-19 | In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of... |
| CVE-2025-43918 | 2025-04-19 | SSL.com before 2025-04-19, when domain validation method 3.2.2.4.14 is used, processes certificate requests such that a trusted TLS certificate may be issued for the domain name of a requester's email... |
| CVE-2025-3284 | 2025-04-19 | User Registration & Membership PRO – Custom Registration Form, Login Form, and User Profile <= 5.1.3 - Cross-Site Request Forgery to User Deletion |
| CVE-2025-3278 | 2025-04-19 | UrbanGo Membership <= 1.0.4 - Unauthenticated Privilege Escalation |
| CVE-2025-2010 | 2025-04-19 | JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin <= 2.3.9 - Unauthenticated SQL Injection |
| CVE-2025-1093 | 2025-04-19 | AIHub <= 1.3.7 - Unauthenticated Arbitrary File Upload in generate_image |
| CVE-2025-3275 | 2025-04-19 | Themesflat Addons For Elementor <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-1457 | 2025-04-19 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.28 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting |
| CVE-2025-3103 | 2025-04-19 | CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon <= 2.4 - Unauthenticated Arbitrary File Read |
| CVE-2025-2111 | 2025-04-19 | WP Headers And Footers <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update |
| CVE-2025-3809 | 2025-04-19 | Debug Log Manager <= 2.3.4 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2024-13926 | 2025-04-19 | WP-Syntax <= 1.2 - Author+ Potential ReDoS |
| CVE-2025-3797 | 2025-04-19 | SeaCMS admin_topic.php sql injection |
| CVE-2021-4455 | 2025-04-19 | Wordpress Plugin Smart Product Review <= 1.0.4 - Unauthenticated Arbitrary File Upload |
| CVE-2025-3404 | 2025-04-19 | Download Manager <= 3.3.12 - Authenticated (Author+) Arbitrary File Deletion |
| CVE-2025-3661 | 2025-04-19 | SB Chart block <= 1.2.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via className Parameter |
| CVE-2025-3798 | 2025-04-19 | WCMS Advertisement Image AdvadminController.php sub unrestricted upload |
| CVE-2025-3799 | 2025-04-19 | WCMS AnonymousController.php sql injection |
| CVE-2025-3800 | 2025-04-19 | WCMS AnonymousController.php sql injection |
| CVE-2025-3801 | 2025-04-19 | songquanpeng one-api System Setting cross site scripting |
| CVE-2025-3802 | 2025-04-19 | Tenda W12/i24 httpd cgiPingSet stack-based overflow |
| CVE-2025-3803 | 2025-04-19 | Tenda W12/i24 httpd cgiSysScheduleRebootSet stack-based overflow |
| CVE-2025-3804 | 2025-04-19 | thautwarm vscode-diana Jinja2 Template Gen.py injection |
| CVE-2025-3805 | 2025-04-19 | sarrionandia tournatrack Jinja2 Template check_id.py injection |
| CVE-2025-3806 | 2025-04-19 | dazhouda lecms Edit Profile admin cross site scripting |
| CVE-2025-3807 | 2025-04-19 | zhenfeng13 My-BBS Endpoint UploadController.java upload unrestricted upload |
| CVE-2025-3808 | 2025-04-19 | zhenfeng13 My-BBS cross-site request forgery |
| CVE-2025-3816 | 2025-04-19 | westboy CicadasCMS Scheduled Task save os command injection |
| CVE-2025-3817 | 2025-04-19 | SourceCodester Online Eyewear Shop Master.php sql injection |
| CVE-2025-3818 | 2025-04-19 | webpy web.py db.py PostgresDB._process_insert_query sql injection |
| CVE-2025-3819 | 2025-04-19 | PHPGurukul Men Salon Management System search-appointment.php sql injection |
| CVE-2025-3820 | 2025-04-19 | Tenda W12/i24 httpd cgiSysUplinkCheckSet stack-based overflow |
| CVE-2020-36844 | 2025-04-20 | The KnowBe4 Security Awareness Training application before 2020-01-10 allows reflected XSS. The response has a SCRIPT element that sets window.location.href to a JavaScript URL. |
| CVE-2020-36845 | 2025-04-20 | The KnowBe4 Security Awareness Training application before 2020-01-10 contains a redirect function that does not validate the destination URL before redirecting. The response has a SCRIPT element that sets window.location.href... |
| CVE-2025-43919 | 2025-04-20 | GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read arbitrary files via ../ directory traversal at /mailman/private/mailman (aka the private archive authentication endpoint) via the... |
| CVE-2025-43920 | 2025-04-20 | GNU Mailman 2.1.39, as bundled in cPanel (and WHM), in certain external archiver configurations, allows unauthenticated attackers to execute arbitrary OS commands via shell metacharacters in an email Subject line.... |
| CVE-2025-43921 | 2025-04-20 | GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce... |
| CVE-2025-43928 | 2025-04-20 | In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading arbitrary files via ../ directory traversal in the username field. Reading ServerParameters.xml may reveal... |
| CVE-2025-43929 | 2025-04-20 | open_actions.py in kitty before 0.41.0 does not ask for user confirmation before running a local executable file that may have been linked from an untrusted document (e.g., a document opened... |
| CVE-2025-43954 | 2025-04-20 | QMarkdown (aka quasar-ui-qmarkdown) before 2.0.5 allows XSS via headers even when when no-html is set. |
| CVE-2025-43955 | 2025-04-20 | TwsCachedXPathAPI in Convertigo through 8.3.4 does not restrict the use of commons-jxpath APIs. |
| CVE-2025-43961 | 2025-04-20 | In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. |
| CVE-2025-43962 | 2025-04-20 | In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations. |
| CVE-2025-43963 | 2025-04-20 | In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing. |
| CVE-2025-43964 | 2025-04-20 | In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values. |
| CVE-2025-43966 | 2025-04-20 | libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. |
| CVE-2025-43967 | 2025-04-20 | libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item. |
| CVE-2025-3821 | 2025-04-20 | SourceCodester Web-based Pharmacy Product Management System add-admin.php cross site scripting |
| CVE-2025-3822 | 2025-04-20 | SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scripting |
| CVE-2025-3823 | 2025-04-20 | SourceCodester Web-based Pharmacy Product Management System add-stock.php cross site scripting |
| CVE-2025-3824 | 2025-04-20 | SourceCodester Web-based Pharmacy Product Management System add-product.php cross site scripting |
| CVE-2025-3825 | 2025-04-20 | SourceCodester Web-based Pharmacy Product Management System add-category.php cross site scripting |
| CVE-2025-3826 | 2025-04-20 | SourceCodester Web-based Pharmacy Product Management System add-supplier.php cross site scripting |
| CVE-2025-3827 | 2025-04-20 | PHPGurukul Men Salon Management System forgot-password.php sql injection |
| CVE-2025-3828 | 2025-04-20 | PHPGurukul Men Salon Management System view-appointment.php sql injection |
| CVE-2025-3829 | 2025-04-20 | PHPGurukul Men Salon Management System sales-reports-detail.php sql injection |
| CVE-2025-3830 | 2025-04-20 | kuangstudy KuangSimpleBBS QuestionController.java fileUpload unrestricted upload |
| CVE-2024-41446 | 2025-04-21 | A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the image parameter under the... |
| CVE-2024-42699 | 2025-04-21 | Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the image field |
| CVE-2024-57394 | 2025-04-21 | The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Attackers can write malicious DLL... |
| CVE-2025-28099 | 2025-04-21 | opencms V2.3 is vulnerable to Arbitrary file read in src/main/webapp/view/admin/document/dataPage.jsp, |
| CVE-2025-28102 | 2025-04-21 | A cross-site scripting (XSS) vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent parameter at /createpost. |
| CVE-2025-28103 | 2025-04-21 | Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request. |
| CVE-2025-28104 | 2025-04-21 | Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input. |
| CVE-2025-28121 | 2025-04-21 | code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code. |
| CVE-2025-28367 | 2025-04-21 | mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. An attacker can exploit this vulnerability to access the Web.Config file and obtain the MachineKey. |
| CVE-2025-29287 | 2025-04-21 | An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file. |
| CVE-2025-29446 | 2025-04-21 | open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection. |
| CVE-2025-29659 | 2025-04-21 | Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary. |
| CVE-2025-29660 | 2025-04-21 | A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. This service lacks proper input validation, allowing attackers to... |
| CVE-2025-32408 | 2025-04-21 | In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled. |
| CVE-2025-43916 | 2025-04-21 | Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent with RFC 6819 section 5.2.3.5. An authorization... |
| CVE-2025-43922 | 2025-04-21 | The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM. |
| CVE-2025-43970 | 2025-04-21 | An issue was discovered in GoBGP before 3.35.0. pkg/packet/mrt/mrt.go does not properly check the input length, e.g., by ensuring that there are 12 bytes or 36 bytes (depending on the... |
| CVE-2025-43971 | 2025-04-21 | An issue was discovered in GoBGP before 3.35.0. pkg/packet/bgp/bgp.go allows attackers to cause a panic via a zero value for softwareVersionLen. |
| CVE-2025-43972 | 2025-04-21 | An issue was discovered in GoBGP before 3.35.0. An attacker can cause a crash in the pkg/packet/bgp/bgp.go flowspec parser by sending fewer than 20 bytes in a certain context. |
| CVE-2025-43973 | 2025-04-21 | An issue was discovered in GoBGP before 3.35.0. pkg/packet/rtr/rtr.go does not verify that the input length corresponds to a situation in which all bytes are available for an RTR message. |
| CVE-2025-0632 | 2025-04-21 | Local File Inclusion (LFI) leading to sensitive data exposure |
| CVE-2025-25228 | 2025-04-21 | Extension - virtuemart.net - SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla |
| CVE-2025-3837 | 2025-04-21 | Improper Input Validation vulnerability in the End of Life (EOL) OVA based connect component |
| CVE-2025-3838 | 2025-04-21 | Improper Authorization in the installer for the EOL OVA based connect component |
| CVE-2025-3840 | 2025-04-21 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') |