CVE List - 2025 / April
Showing 4001 - 4038 of 4038 CVEs for April 2025 (Page 41 of 41)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-30392 | 2025-04-30 | Azure AI bot Elevation of Privilege Vulnerability |
| CVE-2025-21416 | 2025-04-30 | Azure Virtual Desktop Elevation of Privilege Vulnerability |
| CVE-2025-39413 | 2025-04-30 | WordPress Simple Sitemap – Create a Responsive HTML Sitemap plugin <= 3.5.14 - Broken Access Control vulnerability |
| CVE-2025-24091 | 2025-04-30 | An app could impersonate system notifications. Sensitive notifications now require... |
| CVE-2025-4135 | 2025-04-30 | Netgear WG302v2 ui_get_input_value command injection |
| CVE-2024-47784 | 2025-04-30 | Unverified Password Change |
| CVE-2025-46331 | 2025-04-30 | OpenFGA Authorization Bypass |
| CVE-2025-32777 | 2025-04-30 | Volcano Scheduler Denial of Service via Unbounded Response from Elastic Service/extender Plugin |
| CVE-2025-24887 | 2025-04-30 | OpenCTI bypass of protected attribute update |
| CVE-2025-46558 | 2025-04-30 | org.xwiki.contrib.markdown:syntax-markdown-commonmark12 vulnerable to XSS via Markdown content |
| CVE-2025-46557 | 2025-04-30 | Any user with view access to the XWiki space can change the authenticator |
| CVE-2025-46554 | 2025-04-30 | XWiki missing authorization when accessing the wiki level attachments list and metadata via REST API |
| CVE-2024-9876 | 2025-04-30 | Application is vulnerable to Privilege escalation |
| CVE-2024-9877 | 2025-04-30 | Sensitive information submitted using GET method |
| CVE-2025-2170 | 2025-04-30 | A Server-side request forgery (SSRF) vulnerability has been identified in... |
| CVE-2025-4136 | 2025-04-30 | Weitong Mall Sale Endpoint improper authorization |
| CVE-2025-27611 | 2025-04-30 | base-x homograph attack allows Unicode lookalike characters to bypass validation. |
| CVE-2024-6029 | 2025-04-30 | Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability |
| CVE-2024-6031 | 2025-04-30 | Tesla Model S oFono AT Command Heap-based Buffer Overflow Code Execution Vulnerability |
| CVE-2024-13943 | 2025-04-30 | Tesla Model S Iris Modem QCMAP_ConnectionManager Improper Input Validation Sandbox Escape Vulnerability |
| CVE-2024-6030 | 2025-04-30 | Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability |
| CVE-2024-6032 | 2025-04-30 | Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability |
| CVE-2025-2082 | 2025-04-30 | Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability |
| CVE-2025-4139 | 2025-04-30 | Netgear EX6120 fwAcosCgiInbound buffer overflow |
| CVE-2025-24132 | 2025-04-30 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-30422 | 2025-04-30 | A buffer overflow was addressed with improved input validation. This... |
| CVE-2022-27562 | 2025-04-30 | HCL Domino Volt is affected by an unrestricted upload of a dangerous file type |
| CVE-2022-42449 | 2025-04-30 | HCL Domino Volt is affected by an unrestricted upload of a dangerous file type |
| CVE-2022-42450 | 2025-04-30 | HCL Domino Volt is affected by Cross-site scripting (XSS) |
| CVE-2023-37517 | 2025-04-30 | HCL Domino Volt and Domino Leap are affected by missing "no cache" headers |
| CVE-2023-37535 | 2025-04-30 | HCL Domino Volt and Domino Leap are affected by a Cross-site scripting (XSS) vulnerability |
| CVE-2023-45721 | 2025-04-30 | HCL Domino Volt and Domino Leap are affected by a disclosure of private personal information vulnerability |
| CVE-2024-30115 | 2025-04-30 | HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability |
| CVE-2024-30145 | 2025-04-30 | HCL Domino Volt and Domino Leap are affected by a cross-site scripting (XSS) vulnerability |
| CVE-2024-30146 | 2025-04-30 | HCL Domino Leap is affected by improper access control |
| CVE-2025-4140 | 2025-04-30 | Netgear EX6120 sub_30394 buffer overflow |
| CVE-2025-4141 | 2025-04-30 | Netgear EX6200 sub_3C03C buffer overflow |
| CVE-2025-4142 | 2025-04-30 | Netgear EX6200 sub_3C8EC buffer overflow |