CVE List - 2025 / April
Showing 3801 - 3900 of 4038 CVEs for April 2025 (Page 39 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-4021 | 2025-04-28 | code-projects Patient Record Management System edit_spatient.php sql injection |
| CVE-2025-4022 | 2025-04-28 | web-arena-x webarena evaluators.py HTMLContentEvaluator code injection |
| CVE-2025-4023 | 2025-04-28 | itsourcecode Placement Management System add_company.php sql injection |
| CVE-2025-23375 | 2025-04-28 | Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) an Incorrect... |
| CVE-2025-4024 | 2025-04-28 | itsourcecode Placement Management System add_drive.php sql injection |
| CVE-2025-23376 | 2025-04-28 | Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s)... |
| CVE-2025-23377 | 2025-04-28 | Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 contain(s) an... |
| CVE-2025-4025 | 2025-04-28 | itsourcecode Placement Management System registration.php sql injection |
| CVE-2025-4026 | 2025-04-28 | PHPGurukul Nipah Virus Testing Management System profile.php sql injection |
| CVE-2025-43854 | 2025-04-28 | DIFY vulnerable to Clickjacking Attack |
| CVE-2025-4027 | 2025-04-28 | PHPGurukul Old Age Home Management System rules.php sql injection |
| CVE-2025-43857 | 2025-04-28 | net-imap rubygem vulnerable to possible DoS by memory exhaustion |
| CVE-2025-4028 | 2025-04-28 | PHPGurukul COVID19 Testing Management System profile.php sql injection |
| CVE-2025-4029 | 2025-04-28 | code-projects Personal Diary Management System New Record addrecord stack-based overflow |
| CVE-2025-4030 | 2025-04-28 | PHPGurukul COVID19 Testing Management System search-report-result.php sql injection |
| CVE-2024-12706 | 2025-04-28 | SQL Injection vulnerability discovered in OpenText™ Digital Asset Management. |
| CVE-2025-4031 | 2025-04-28 | PHPGurukul Pre-School Enrollment System aboutus.php sql injection |
| CVE-2025-4032 | 2025-04-28 | inclusionAI AWorld shell_tool.py subprocess.Popen os command injection |
| CVE-2025-34489 | 2025-04-28 | GFI MailEssentials Local Privilege Escalation |
| CVE-2025-4033 | 2025-04-28 | PHPGurukul Nipah Virus Testing Management System patient-search-report.php sql injection |
| CVE-2025-34490 | 2025-04-28 | GFI MailEssentials XXE Vulnerability |
| CVE-2025-31650 | 2025-04-28 | Apache Tomcat: DoS via malformed HTTP/2 PRIORITY_UPDATE frame |
| CVE-2025-31651 | 2025-04-28 | Apache Tomcat: Bypass of rules in Rewrite Valve |
| CVE-2025-34491 | 2025-04-28 | GFI MailEssentials MultiNode Insecure Deserialization |
| CVE-2025-3224 | 2025-04-28 | Elevation of Privilege in Docker Desktop for Windows during Upgrade due to Insecure Directory Deletion |
| CVE-2025-4034 | 2025-04-28 | projectworlds Online Examination System inser_doc_process.php sql injection |
| CVE-2025-4036 | 2025-04-28 | 201206030 Novel Chapter AuthorController.java updateBookChapter access control |
| CVE-2025-4037 | 2025-04-28 | code-projects ATM Banking moneyWithdraw logic error |
| CVE-2024-10635 | 2025-04-28 | Enterprise Protection S/MIME Opaque Signature Attachment Scanning Bypass |
| CVE-2025-0049 | 2025-04-28 | Disclosure of sensitive information in an error message in GoAnywhere prior to version 7.8.0 |
| CVE-2024-11922 | 2025-04-28 | Input Validation vulnerability in Web Client emails that do not go through Secure Mail |
| CVE-2025-4038 | 2025-04-28 | code-projects Train Ticket Reservation System reservation stack-based overflow |
| CVE-2025-4039 | 2025-04-28 | PHPGurukul Rail Pass Management System search-pass.php sql injection |
| CVE-2025-46326 | 2025-04-28 | Snowflake Connector for .NET has race condition when checking access to Easy Logging configuration file |
| CVE-2025-46327 | 2025-04-28 | Go Snowflake Driver has race condition when checking access to Easy Logging configuration file |
| CVE-2025-46328 | 2025-04-28 | NodeJS Driver for Snowflake has race condition when checking access to Easy Logging configuration file |
| CVE-2024-57698 | 2025-04-29 | An issue in modernwms v.1.0 allows an attacker view the... |
| CVE-2025-25403 | 2025-04-29 | Slims (Senayan Library Management Systems) 9 Bulian V9.6.1 is vulnerable... |
| CVE-2025-25962 | 2025-04-29 | An issue in Coresmartcontracts Uniswap v.3.0 and fixed in v.4.0... |
| CVE-2025-32354 | 2025-04-29 | In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request... |
| CVE-2025-45956 | 2025-04-29 | A SQL injection vulnerability in manage_damage.php in Sourcecodester Computer Laboratory... |
| CVE-2025-30445 | 2025-04-29 | A type confusion issue was addressed with improved checks. This... |
| CVE-2025-31203 | 2025-04-29 | An integer overflow was addressed with improved input validation. This... |
| CVE-2025-31202 | 2025-04-29 | A null pointer dereference was addressed with improved input validation.... |
| CVE-2025-24251 | 2025-04-29 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-24206 | 2025-04-29 | An authentication issue was addressed with improved state management. This... |
| CVE-2025-24271 | 2025-04-29 | An access issue was addressed with improved access restrictions. This... |
| CVE-2025-24270 | 2025-04-29 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2025-24179 | 2025-04-29 | A null pointer dereference was addressed with improved input validation.... |
| CVE-2025-31197 | 2025-04-29 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-24252 | 2025-04-29 | A use-after-free issue was addressed with improved memory management. This... |
| CVE-2025-46330 | 2025-04-29 | Snowflake Connector for C/C++ retries malformed requests |
| CVE-2025-46338 | 2025-04-29 | Audiobookshelf Vulnerable to Cross-Site-Scripting Reflected via POST Request in /api/upload |
| CVE-2025-46343 | 2025-04-29 | n8n Vulnerable to Stored XSS through Attachments View Endpoint |
| CVE-2025-46329 | 2025-04-29 | Snowflake Connector for C/C++ inserts client-side encryption key in DEBUG logs |
| CVE-2024-12273 | 2025-04-29 | Calculated Fields Form < 5.2.62 - Admin+ Stored XSS |
| CVE-2025-2893 | 2025-04-29 | Gutenverse <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via countdown Block |
| CVE-2025-3452 | 2025-04-29 | SecuPress Free <= 2.3.9 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation |
| CVE-2025-30194 | 2025-04-29 | Denial of service via crafted DoH exchange |
| CVE-2025-1194 | 2025-04-29 | Regular Expression Denial of Service (ReDoS) in huggingface/transformers |
| CVE-2025-4058 | 2025-04-29 | Projectworlds Online Examination System Bloodgroop_process.php sql injection |
| CVE-2025-3929 | 2025-04-29 | Stored XSS vulnerability in MDaemon Email Server |
| CVE-2024-58099 | 2025-04-29 | vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame |
| CVE-2025-3891 | 2025-04-29 | Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled |
| CVE-2025-4059 | 2025-04-29 | code-projects Prison Management System Prison_Mgmt_Sys addrecord stack-based overflow |
| CVE-2025-4060 | 2025-04-29 | PHPGurukul Notice Board System category.php sql injection |
| CVE-2025-4035 | 2025-04-29 | Libsoup: cookie domain validation bypass via uppercase characters in libsoup |
| CVE-2025-4061 | 2025-04-29 | code-projects Clothing Store Management System add_item stack-based overflow |
| CVE-2025-2817 | 2025-04-29 | Thunderbird's update mechanism allowed a medium-integrity user process to interfere... |
| CVE-2025-4082 | 2025-04-29 | Modification of specific WebGL shader attributes could trigger an out-of-bounds... |
| CVE-2025-4083 | 2025-04-29 | A process isolation vulnerability in Thunderbird stemmed from improper handling... |
| CVE-2025-4084 | 2025-04-29 | Due to insufficient escaping of the special characters in the... |
| CVE-2025-4085 | 2025-04-29 | An attacker with control over a content process could potentially... |
| CVE-2025-4086 | 2025-04-29 | A specially crafted filename containing a large number of encoded... |
| CVE-2025-4087 | 2025-04-29 | A vulnerability was identified in Thunderbird where XPath parsing could... |
| CVE-2025-4088 | 2025-04-29 | A security vulnerability in Thunderbird allowed malicious sites to use... |
| CVE-2025-4089 | 2025-04-29 | Due to insufficient escaping of special characters in the "copy... |
| CVE-2025-4090 | 2025-04-29 | A vulnerability existed in Thunderbird for Android where potentially sensitive... |
| CVE-2025-4091 | 2025-04-29 | Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox... |
| CVE-2025-4092 | 2025-04-29 | Memory safety bugs present in Firefox 137 and Thunderbird 137.... |
| CVE-2025-4093 | 2025-04-29 | Memory safety bug present in Firefox ESR 128.9, and Thunderbird... |
| CVE-2025-4062 | 2025-04-29 | code-projects Theater Seat Booking System cancel stack-based overflow |
| CVE-2025-4063 | 2025-04-29 | code-projects Student Information Management System cancel stack-based overflow |
| CVE-2025-3301 | 2025-04-29 | DPA Countermeasures Unavailable for Certain Cryptographic Operations on Series 2 Devices |
| CVE-2025-4064 | 2025-04-29 | ScriptAndTools Online-Travling-System viewenquiry.php access control |
| CVE-2025-4065 | 2025-04-29 | ScriptAndTools Online-Travling-System addadvertisement.php access control |
| CVE-2025-4066 | 2025-04-29 | ScriptAndTools Online-Travling-System addpackage.php access control |
| CVE-2025-4067 | 2025-04-29 | ScriptAndTools Online-Travling-System viewpackage.php access control |
| CVE-2025-4068 | 2025-04-29 | code-projects Simple Movie Ticket Booking System changeprize stack-based overflow |
| CVE-2025-4069 | 2025-04-29 | code-projects Product Management System add_item stack-based overflow |
| CVE-2025-46346 | 2025-04-29 | YesWiki Vulnerable to Stored XSS in Comments |
| CVE-2025-40615 | 2025-04-29 | Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy |
| CVE-2025-40616 | 2025-04-29 | Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy |
| CVE-2025-1551 | 2025-04-29 | IBM Operational Decision Manager cross-site scripting |
| CVE-2025-40617 | 2025-04-29 | SQL injection vulnerability in Bookgy |
| CVE-2025-40618 | 2025-04-29 | SQL injection vulnerability in Bookgy |
| CVE-2025-40619 | 2025-04-29 | Improper access control vulnerability in Bookgy |
| CVE-2025-4070 | 2025-04-29 | PHPGurukul Rail Pass Management System changeimage.php sql injection |
| CVE-2025-4071 | 2025-04-29 | PHPGurukul COVID19 Testing Management System test-details.php sql injection |
| CVE-2025-23177 | 2025-04-29 | Ribbon Communications - CWE-427: Uncontrolled Search Path Element |