CVE List - 2025 / May
Showing 1501 - 1600 of 3984 CVEs for May 2025 (Page 16 of 40)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-4541 | 2025-05-11 | LmxCMS POST Request ZtAction.class.php manageZt sql injection |
| CVE-2025-4542 | 2025-05-11 | Freeebird Hotel 酒店管理系统 API SessionInterceptor.java cross-domain policy |
| CVE-2025-4543 | 2025-05-11 | LyLme Spage ajax_link.php sql injection |
| CVE-2025-4544 | 2025-05-11 | D-Link DI-8100 jhttpd ddos.asp stack-based overflow |
| CVE-2025-4545 | 2025-05-11 | CTCMS Content Management System File Tpl.php del path traversal |
| CVE-2025-4546 | 2025-05-11 | 1Panel-dev MaxKB Knowledge Base Module csv injection |
| CVE-2025-4547 | 2025-05-11 | SourceCodester Web-based Pharmacy Product Management System Add User Page cross site scripting |
| CVE-2025-4548 | 2025-05-11 | Campcodes Online Food Ordering System router.php sql injection |
| CVE-2025-4549 | 2025-05-11 | Campcodes Online Food Ordering System register-router.php sql injection |
| CVE-2025-4550 | 2025-05-11 | PHPGurukul Apartment Visitors Management System pass-details.php sql injection |
| CVE-2025-4551 | 2025-05-11 | ContiNew Admin file cross site scripting |
| CVE-2025-4552 | 2025-05-11 | ContiNew Admin password unverified password change |
| CVE-2023-34732 | 2025-05-12 | An issue in the userId parameter in the change password... |
| CVE-2024-55466 | 2025-05-12 | An arbitrary file upload vulnerability in the Image Gallery of... |
| CVE-2024-56523 | 2025-05-12 | Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote... |
| CVE-2024-56524 | 2025-05-12 | Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows remote... |
| CVE-2025-26841 | 2025-05-12 | Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3.0.9... |
| CVE-2025-26846 | 2025-05-12 | An issue was discovered in Znuny before 7.1.4. Permissions are... |
| CVE-2025-44022 | 2025-05-12 | An issue in vvveb CMS v.1.0.6 allows a remote attacker... |
| CVE-2025-44175 | 2025-05-12 | Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in... |
| CVE-2025-44176 | 2025-05-12 | Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in... |
| CVE-2025-44830 | 2025-05-12 | EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in... |
| CVE-2025-45779 | 2025-05-12 | Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the... |
| CVE-2025-45835 | 2025-05-12 | A null pointer dereference vulnerability was discovered in Netis WF2880... |
| CVE-2025-46610 | 2025-05-12 | ARTEC EMA Mail 6.92 allows CSRF. |
| CVE-2025-46611 | 2025-05-12 | Cross Site Scripting vulnerability in ARTEC EMA Mail v6.92 allows... |
| CVE-2025-4553 | 2025-05-12 | PHPGurukul Apartment Visitors Management System bwdates-reports-details.php sql injection |
| CVE-2025-4554 | 2025-05-12 | PHPGurukul Apartment Visitors Management System bwdates-passreports-details.php sql injection |
| CVE-2025-4555 | 2025-05-12 | ZONG YU Okcat Parking Management Platform - Missing Authentication |
| CVE-2025-4556 | 2025-05-12 | ZONG YU Okcat Parking Management Platform - Arbitrary File Upload |
| CVE-2025-4557 | 2025-05-12 | ZONG YU Parking Management System - Missing Authentication |
| CVE-2025-4558 | 2025-05-12 | WormHole Tech GPM - Unverified Password Change |
| CVE-2025-3597 | 2025-05-12 | Firelight Lightbox < 2.3.15 - Contributor+ Stored XSS |
| CVE-2025-3649 | 2025-05-12 | LightPress Lightbox < 2.3.4 - Contributor+ Stored XSS |
| CVE-2025-4559 | 2025-05-12 | Netvision ISOinsight - SQL Injection |
| CVE-2025-4560 | 2025-05-12 | Netvision ISOinsight - Missing Authentication |
| CVE-2025-4561 | 2025-05-12 | Kinfor KFOX - Arbitrary File Upload |
| CVE-2025-3496 | 2025-05-12 | AUMA Riester: Buffer overflow in service telegram |
| CVE-2025-41393 | 2025-05-12 | Reflected cross-site scripting vulnerability exists in the laser printers and... |
| CVE-2025-1533 | 2025-05-12 | A stack buffer overflow has been identified in the AsIO3.sys... |
| CVE-2025-32390 | 2025-05-12 | EspoCRM vulnerable to HTML Injection into phishing, which may lead to account takeover |
| CVE-2025-46729 | 2025-05-12 | phpDVDProfiler Cross-site Scripting vulnerability |
| CVE-2025-22247 | 2025-05-12 | Insecure file handling vulnerability |
| CVE-2025-47270 | 2025-05-12 | nimiq-network-libp2p Uncontrolled Resource Consumption vulnerability |
| CVE-2025-47271 | 2025-05-12 | OZI-Project/ozi-publish Code Injection vulnerability |
| CVE-2025-40626 | 2025-05-12 | Reflected Cross-Site Scripting (XSS) in AbanteCart |
| CVE-2025-40627 | 2025-05-12 | Reflected Cross-Site Scripting (XSS) in AbanteCart |
| CVE-2025-46717 | 2025-05-12 | sudo-rs Allows Low Privilege Users to Discover the Existence of Files in Inaccessible Folders |
| CVE-2025-46718 | 2025-05-12 | sudo-rs Allows Low Privilege Users to Enumerate Privileges of Others |
| CVE-2025-47274 | 2025-05-12 | ToolHive stores secrets in the state store with no encryption |
| CVE-2025-47578 | 2025-05-12 | WordPress BNS Twitter Follow Button plugin <= 0.3.8 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-46737 | 2025-05-12 | Origin Validation Error |
| CVE-2025-46738 | 2025-05-12 | Deserialization of Untrusted Data |
| CVE-2025-46739 | 2025-05-12 | Improper Restriction of Excessive Authentication Attempts |
| CVE-2025-46740 | 2025-05-12 | Improper Handling of Insufficient Permissions |
| CVE-2025-46741 | 2025-05-12 | Improper Privilege Management |
| CVE-2025-46742 | 2025-05-12 | Improper Access Control |
| CVE-2025-46744 | 2025-05-12 | Improper Privilege Management |
| CVE-2025-46745 | 2025-05-12 | Improper Privilege Management |
| CVE-2025-46746 | 2025-05-12 | Error Message Contains Sensitive Information |
| CVE-2025-46747 | 2025-05-12 | Exposure of Sensitive System Information |
| CVE-2025-46748 | 2025-05-12 | Unverified Password Change |
| CVE-2025-46749 | 2025-05-12 | Improper Neutralization of Input |
| CVE-2025-46750 | 2025-05-12 | Authentication Bypass |
| CVE-2025-46743 | 2025-05-12 | Cross-Site Request Forgery |
| CVE-2025-3632 | 2025-05-12 | IBM 4769 Developers Toolkit denial of service |
| CVE-2025-47682 | 2025-05-12 | WordPress SMS Alert Order Notifications – WooCommerce <= 3.8.2 - SQL Injection Vulnerability |
| CVE-2024-4981 | 2025-05-12 | Pagure: _update_file_in_git() follows symbolic links in temporary clones |
| CVE-2024-4982 | 2025-05-12 | Pagure: path traversal in view_issue_raw_file() |
| CVE-2025-1079 | 2025-05-12 | RCE In Google Web Designer |
| CVE-2025-3659 | 2025-05-12 | Improper authentication handling for Digi PortServer TS; Digi One SP, SP IA, IA; Digi One IAP |
| CVE-2025-31258 | 2025-05-12 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2025-31219 | 2025-05-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-24220 | 2025-05-12 | A permissions issue was addressed with additional restrictions. This issue... |
| CVE-2025-31235 | 2025-05-12 | A double free issue was addressed with improved memory management.... |
| CVE-2025-31223 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-24144 | 2025-05-12 | An information disclosure issue was addressed by removing the vulnerable... |
| CVE-2025-31215 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-30453 | 2025-05-12 | The issue was addressed with additional permissions checks. This issue... |
| CVE-2025-31242 | 2025-05-12 | A privacy issue was addressed with improved private data redaction... |
| CVE-2025-31239 | 2025-05-12 | A use-after-free issue was addressed with improved memory management. This... |
| CVE-2025-31238 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-31214 | 2025-05-12 | This issue was addressed through improved state management. This issue... |
| CVE-2025-31222 | 2025-05-12 | A correctness issue was addressed with improved checks. This issue... |
| CVE-2025-31234 | 2025-05-12 | The issue was addressed with improved input sanitization. This issue... |
| CVE-2025-31218 | 2025-05-12 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2025-30448 | 2025-05-12 | This issue was addressed with additional entitlement checks. This issue... |
| CVE-2025-31259 | 2025-05-12 | The issue was addressed with improved input sanitization. This issue... |
| CVE-2025-31205 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-24142 | 2025-05-12 | A privacy issue was addressed with improved private data redaction... |
| CVE-2025-31213 | 2025-05-12 | A logging issue was addressed with improved data redaction. This... |
| CVE-2025-31244 | 2025-05-12 | A file quarantine bypass was addressed with additional checks. This... |
| CVE-2025-31209 | 2025-05-12 | An out-of-bounds read was addressed with improved bounds checking. This... |
| CVE-2025-31233 | 2025-05-12 | The issue was addressed with improved input sanitization. This issue... |
| CVE-2025-31225 | 2025-05-12 | A privacy issue was addressed by removing sensitive data. This... |
| CVE-2025-31224 | 2025-05-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2025-31232 | 2025-05-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2025-31249 | 2025-05-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2025-31208 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-31228 | 2025-05-12 | The issue was addressed with improved authentication. This issue is... |