CVE List - 2025 / May
Showing 1 - 100 of 3982 CVEs for May 2025 (Page 1 of 40)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2024-48906 | 2025-05-01 | Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name. |
| CVE-2024-48907 | 2025-05-01 | Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API. |
| CVE-2025-32881 | 2025-05-01 | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. By default, the GID is the user's phone number unless they specifically opt out. A phone... |
| CVE-2025-32882 | 2025-05-01 | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves... |
| CVE-2025-32884 | 2025-05-01 | An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. By default, a GID is the user's phone number unless they specifically opt out. A phone... |
| CVE-2025-32885 | 2025-05-01 | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The app there makes it possible to inject any custom message (into existing v1 networks) with... |
| CVE-2025-32886 | 2025-05-01 | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets sent over RF are also sent over UART with USB Shell, allowing someone with... |
| CVE-2025-32887 | 2025-05-01 | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. A command channel includes the next hop. which can be intercepted and used to break frequency... |
| CVE-2025-32888 | 2025-05-01 | An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. The verification token used for sending SMS through a goTenna server is hardcoded in the app. |
| CVE-2025-32889 | 2025-05-01 | An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. The verification token used for sending SMS through a goTenna server is hardcoded in the app. |
| CVE-2025-32890 | 2025-05-01 | An issue was discovered on goTenna Mesh devices with app 5.5.3 and firmware 1.1.12. It uses a custom implementation of encryption without any additional integrity checking mechanisms. This leaves messages... |
| CVE-2025-44835 | 2025-05-01 | D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun, which allows remote attackers to execute arbitrary commands via shell. |
| CVE-2025-44836 | 2025-05-01 | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setApRebootScheCfg function via the hour or minute parameters. This vulnerability allows attackers to execute arbitrary commands... |
| CVE-2025-44837 | 2025-05-01 | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url or magicid parameters. This vulnerability allows attackers to execute arbitrary commands... |
| CVE-2025-44838 | 2025-05-01 | TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection vulnerability in the setUploadUserData function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a... |
| CVE-2025-44839 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the magicid parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44840 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the svn parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44841 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the version parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44842 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44843 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44844 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setUpgradeFW function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44845 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44846 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44847 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the setWebWlanIdx function via the webWlanIdx parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44848 | 2025-05-01 | TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44854 | 2025-05-01 | TOTOLINK CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the setUpgradeUboot function via the FileName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44860 | 2025-05-01 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the msg_process function via the Port parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44861 | 2025-05-01 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the CloudSrvUserdataVersionCheck function via the url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44862 | 2025-05-01 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the recvUpgradeNewFw function via the fwUrl parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44863 | 2025-05-01 | TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in the msg_process function via the Url parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44864 | 2025-05-01 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the module parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44865 | 2025-05-01 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the enable parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44866 | 2025-05-01 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetDebugCfg function via the level parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-44867 | 2025-05-01 | Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the formSetNetCheckTools function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted... |
| CVE-2025-46625 | 2025-05-01 | Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2 Pro 16.03.30.14 allows a remote attacker that is authorized to the web management portal to... |
| CVE-2025-46626 | 2025-05-01 | Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt, replay, and/or... |
| CVE-2025-46627 | 2025-05-01 | Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the root password based on easily-obtained device information.... |
| CVE-2025-46628 | 2025-05-01 | Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain root shell access to the device by sending... |
| CVE-2025-46629 | 2025-05-01 | Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthorized configuration changes for any router where 'ate'... |
| CVE-2025-46630 | 2025-05-01 | Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a remote system management binary) by sending a... |
| CVE-2025-46631 | 2025-05-01 | Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet access to the router's OS by sending a... |
| CVE-2025-46632 | 2025-05-01 | Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or more easily decrypt encrypted messages between... |
| CVE-2025-46633 | 2025-05-01 | Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic between the client and server by collecting the... |
| CVE-2025-46634 | 2025-05-01 | Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to authenticate to the web management portal by collecting... |
| CVE-2025-46635 | 2025-05-01 | An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces on the router allows an attacker (who is... |
| CVE-2025-47153 | 2025-05-01 | Certain build processes for libuv and Node.js for 32-bit systems, such as for the nodejs binary package through nodejs_20.19.0+dfsg-2_i386.deb for Debian GNU/Linux, have an inconsistent off_t size (e.g., building on... |
| CVE-2025-47154 | 2025-05-01 | LibJS in Ladybird before f5a6704 mishandles the freeing of the vector that arguments_list references, leading to a use-after-free, and allowing remote attackers to execute arbitrary code via a crafted .js... |
| CVE-2025-4145 | 2025-05-01 | Netgear EX6200 sub_3D0BC buffer overflow |
| CVE-2025-4143 | 2025-05-01 | Missing validation of redirect_uri on authorize endpoint |
| CVE-2025-4144 | 2025-05-01 | PKCE bypass via downgrade attack |
| CVE-2025-4146 | 2025-05-01 | Netgear EX6200 sub_41940 buffer overflow |
| CVE-2025-4147 | 2025-05-01 | Netgear EX6200 sub_47F7C buffer overflow |
| CVE-2025-2816 | 2025-05-01 | Page View Count 2.8.0 - 2.8.4 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update |
| CVE-2025-4148 | 2025-05-01 | Netgear EX6200 sub_503FC buffer overflow |
| CVE-2025-1305 | 2025-05-01 | NewsBlogger <= 0.2.5.4 - Cross-Site Request Forgery to Arbitrary Plugin Installation |
| CVE-2025-1304 | 2025-05-01 | NewsBlogger <= 0.2.5.1 - Authenticated (Subscriber+) Arbitrary File Upload |
| CVE-2025-2168 | 2025-05-01 | Ultimate Store Kit Elementor Addons, Woocommerce Builder, EDD Builder, Elementor Store Builder, Product Grid, Product Table, Woocommerce Slider <= 2.4.1 - Cross-Site Request Forgery to Limited User Meta Update |
| CVE-2025-4149 | 2025-05-01 | Netgear EX6200 sub_54014 buffer overflow |
| CVE-2025-4099 | 2025-05-01 | List Children <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2024-13845 | 2025-05-01 | Gravity Forms WebHooks <= 1.6.0 - Authenticated (Admin+) Server-Side Request Forgery via Webhook |
| CVE-2025-3952 | 2025-05-01 | Projectopia – WordPress Project Management <= 5.1.16 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Option Deletion |
| CVE-2025-4150 | 2025-05-01 | Netgear EX6200 sub_54340 buffer overflow |
| CVE-2025-4151 | 2025-05-01 | PHPGurukul Curfew e-Pass Management System pass-bwdates-reports-details.php sql injection |
| CVE-2024-13381 | 2025-05-01 | Calculated Fields Form < 5.2.62 - Admin+ Stored XSS |
| CVE-2025-3502 | 2025-05-01 | WP Maps < 4.7.2 - Admin+ Stored XSS |
| CVE-2025-3503 | 2025-05-01 | WP Maps < 4.7.2 - Admin+ Stored XSS |
| CVE-2025-3504 | 2025-05-01 | WP Maps < 4.7.2 - Admin+ Stored XSS |
| CVE-2025-4152 | 2025-05-01 | PHPGurukul Online Birth Certificate System bwdates-reports-details.php sql injection |
| CVE-2025-4153 | 2025-05-01 | PHPGurukul Park Ticketing Management System profile.php sql injection |
| CVE-2025-4100 | 2025-05-01 | Nautic Pages <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2025-3521 | 2025-05-01 | Team Members – Best WordPress Team Plugin with Team Slider, Team Showcase & Team Builder <= 3.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-4154 | 2025-05-01 | PHPGurukul Pre-School Enrollment System enrollment-details.php sql injection |
| CVE-2025-4155 | 2025-05-01 | PHPGurukul Boat Booking System edit-boat.php sql injection |
| CVE-2025-4156 | 2025-05-01 | PHPGurukul Boat Booking System change-image.php sql injection |
| CVE-2025-4157 | 2025-05-01 | PHPGurukul Boat Booking System booking-details.php sql injection |
| CVE-2025-4158 | 2025-05-01 | PCMan FTP Server PROMPT Command buffer overflow |
| CVE-2025-4159 | 2025-05-01 | PCMan FTP Server GLOB Command buffer overflow |
| CVE-2025-4160 | 2025-05-01 | PCMan FTP Server LS Command buffer overflow |
| CVE-2025-4161 | 2025-05-01 | PCMan FTP Server VERBOSE Command buffer overflow |
| CVE-2025-27007 | 2025-05-01 | WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability |
| CVE-2025-4162 | 2025-05-01 | PCMan FTP Server ASCII Command buffer overflow |
| CVE-2025-1529 | 2025-05-01 | AM LottiePlayer <= 3.5.3 - Authenticated (Author+) Stored Cross-Site Scripting via Uploaded Lottie File |
| CVE-2025-3889 | 2025-05-01 | WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference via 'quantity' |
| CVE-2025-3874 | 2025-05-01 | WordPress Simple PayPal Shopping Cart <= 5.1.3 - Insecure Direct Object Reference |
| CVE-2025-3890 | 2025-05-01 | WordPress Simple PayPal Shopping Cart <= 5.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2025-4163 | 2025-05-01 | PHPGurukul Land Record System aboutus.php sql injection |
| CVE-2025-4164 | 2025-05-01 | PHPGurukul Employee Record Management System changepassword.php sql injection |
| CVE-2025-23140 | 2025-05-01 | misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error |
| CVE-2025-23141 | 2025-05-01 | KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses |
| CVE-2025-23142 | 2025-05-01 | sctp: detect and prevent references to a freed transport in sendmsg |
| CVE-2025-23143 | 2025-05-01 | net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod. |
| CVE-2025-23144 | 2025-05-01 | backlight: led_bl: Hold led_access lock when calling led_sysfs_disable() |
| CVE-2025-23145 | 2025-05-01 | mptcp: fix NULL pointer in can_accept_new_subflow |
| CVE-2025-23146 | 2025-05-01 | mfd: ene-kb3930: Fix a potential NULL pointer dereference |
| CVE-2025-23147 | 2025-05-01 | i3c: Add NULL pointer check in i3c_master_queue_ibi() |
| CVE-2025-23148 | 2025-05-01 | soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() |
| CVE-2025-23149 | 2025-05-01 | tpm: do not start chip while suspended |
| CVE-2025-23150 | 2025-05-01 | ext4: fix off-by-one error in do_split |
| CVE-2025-23151 | 2025-05-01 | bus: mhi: host: Fix race between unprepare and queue_buf |
| CVE-2025-23152 | 2025-05-01 | arm64/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch() |