CVE List - 2025 / May
Showing 1601 - 1700 of 3984 CVEs for May 2025 (Page 17 of 40)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-31245 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-31212 | 2025-05-12 | This issue was addressed through improved state management. This issue... |
| CVE-2025-24155 | 2025-05-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-31204 | 2025-05-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-30442 | 2025-05-12 | The issue was addressed with improved input sanitization. This issue... |
| CVE-2025-31253 | 2025-05-12 | This issue was addressed through improved state management. This issue... |
| CVE-2025-31195 | 2025-05-12 | The issue was addressed by adding additional logic. This issue... |
| CVE-2025-31246 | 2025-05-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-31207 | 2025-05-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2025-31250 | 2025-05-12 | An information disclosure issue was addressed with improved privacy controls.... |
| CVE-2025-31196 | 2025-05-12 | An out-of-bounds read was addressed with improved input validation. This... |
| CVE-2025-30436 | 2025-05-12 | This issue was addressed by restricting options offered on a... |
| CVE-2025-31227 | 2025-05-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2025-24225 | 2025-05-12 | An injection issue was addressed with improved input validation. This... |
| CVE-2025-31226 | 2025-05-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2025-31251 | 2025-05-12 | The issue was addressed with improved input sanitization. This issue... |
| CVE-2025-30440 | 2025-05-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2025-31206 | 2025-05-12 | A type confusion issue was addressed with improved state handling.... |
| CVE-2025-31210 | 2025-05-12 | The issue was addressed with improved UI. This issue is... |
| CVE-2025-31247 | 2025-05-12 | A logic issue was addressed with improved state management. This... |
| CVE-2025-31221 | 2025-05-12 | An integer overflow was addressed with improved input validation. This... |
| CVE-2025-31260 | 2025-05-12 | A permissions issue was addressed with additional restrictions. This issue... |
| CVE-2025-31237 | 2025-05-12 | This issue was addressed with improved checks. This issue is... |
| CVE-2025-24222 | 2025-05-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-31240 | 2025-05-12 | This issue was addressed with improved checks. This issue is... |
| CVE-2025-31217 | 2025-05-12 | The issue was addressed with improved input validation. This issue... |
| CVE-2025-24111 | 2025-05-12 | A memory corruption issue was addressed with improved state management.... |
| CVE-2025-31256 | 2025-05-12 | The issue was addressed with improved handling of caches. This... |
| CVE-2025-31257 | 2025-05-12 | This issue was addressed with improved memory handling. This issue... |
| CVE-2025-31241 | 2025-05-12 | A double free issue was addressed with improved memory management.... |
| CVE-2025-24274 | 2025-05-12 | An input validation issue was addressed by removing the vulnerable... |
| CVE-2025-24223 | 2025-05-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2025-31236 | 2025-05-12 | An information disclosure issue was addressed with improved privacy controls.... |
| CVE-2025-24258 | 2025-05-12 | A permissions issue was addressed with additional restrictions. This issue... |
| CVE-2025-31220 | 2025-05-12 | A privacy issue was addressed by removing sensitive data. This... |
| CVE-2025-46825 | 2025-05-12 | Kanboard has stored Cross-site Scripting vulnerability in project name |
| CVE-2023-49641 | 2025-05-12 | Billing Software v1.0 - Multiple Unauthenticated SQL Injections (SQLi) |
| CVE-2024-46506 | 2025-05-13 | NetAlertX 23.01.14 through 24.x before 24.10.12 allows unauthenticated command injection... |
| CVE-2024-48766 | 2025-05-13 | NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an... |
| CVE-2024-56526 | 2025-05-13 | An issue was discovered in OXID eShop before 7. CMS... |
| CVE-2025-28055 | 2025-05-13 | upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file read vulnerabilit |
| CVE-2025-28056 | 2025-05-13 | rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in... |
| CVE-2025-28057 | 2025-05-13 | owl-admin v3.2.2~ to v4.10.2 is vulnerable to SQL Injection in... |
| CVE-2025-44039 | 2025-05-13 | CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to contain... |
| CVE-2025-44831 | 2025-05-13 | EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in... |
| CVE-2025-45746 | 2025-05-13 | In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft... |
| CVE-2025-45857 | 2025-05-13 | EDIMAX CV7428NS v1.20 was discovered to contain a remote code... |
| CVE-2025-45858 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection... |
| CVE-2025-45859 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-45861 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-45863 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-45864 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-45865 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-45866 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-45867 | 2025-05-13 | TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow... |
| CVE-2025-47204 | 2025-05-13 | An issue was discovered in post.php in bootstrap-multiselect (aka Bootstrap... |
| CVE-2025-47905 | 2025-05-13 | Varnish Cache before 7.6.3 and 7.7 before 7.7.1, and Varnish... |
| CVE-2025-26662 | 2025-05-13 | Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console |
| CVE-2025-30009 | 2025-05-13 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) |
| CVE-2025-30010 | 2025-05-13 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) |
| CVE-2025-30011 | 2025-05-13 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) |
| CVE-2025-30012 | 2025-05-13 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) |
| CVE-2025-30018 | 2025-05-13 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) |
| CVE-2025-31329 | 2025-05-13 | Information Disclosure vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform |
| CVE-2025-42997 | 2025-05-13 | Information Disclosure vulnerability in SAP Gateway Client |
| CVE-2025-42999 | 2025-05-13 | Insecure Deserialization in SAP NetWeaver (Visual Composer development server) |
| CVE-2025-43000 | 2025-05-13 | Information Disclosure Vulnerability in SAP Business Objects Business Intelligence Platform (PMW) |
| CVE-2025-43002 | 2025-05-13 | Missing Authorization check in SAP S4/HANA (OData meta-data property) |
| CVE-2025-43003 | 2025-05-13 | Information Disclosure vulnerability in SAP S/4HANA (Private Cloud & On-Premise) |
| CVE-2025-43004 | 2025-05-13 | Security Misconfiguration Vulnerability in SAP Digital Manufacturing (Production Operator Dashboard) |
| CVE-2025-43005 | 2025-05-13 | Information Disclosure vulnerability in SAP GUI for Windows |
| CVE-2025-43006 | 2025-05-13 | Cross-Site Scripting (XSS) vulnerability in SAP Supplier Relationship Management (Master Data Management Catalog) |
| CVE-2025-43007 | 2025-05-13 | Missing Authorization check in SAP Service Parts Management (SPM) |
| CVE-2025-43008 | 2025-05-13 | Missing Authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal |
| CVE-2025-43009 | 2025-05-13 | Missing Authorization check in SAP Service Parts Management (SPM) |
| CVE-2025-43010 | 2025-05-13 | Code injection vulnerability in SAP S/4HANA Cloud Private Edition or On Premise(SCM Master Data Layer (MDL)) |
| CVE-2025-43011 | 2025-05-13 | Missing Authorization Check in SAP Landscape Transformation (PCL Basis) |
| CVE-2025-35471 | 2025-05-13 | conda-forge openssl-feedstock writable OPENSSLDIR |
| CVE-2025-4396 | 2025-05-13 | Relevanssi <= 4.24.4 (Free) and <= 2.27.4 (Premium) - Unauthenticated SQL Injection |
| CVE-2025-22249 | 2025-05-13 | VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249) |
| CVE-2025-22246 | 2025-05-13 | CVE-2025-22246 – UAA Private Key Exposure |
| CVE-2025-4632 | 2025-05-13 | Improper limitation of a pathname to a restricted directory vulnerability... |
| CVE-2025-4473 | 2025-05-13 | Frontend Dashboard 1.5.10 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via ajax_request Function |
| CVE-2025-3107 | 2025-05-13 | Newsletters <= 4.9.9.8 - Authenticated (Contributor+) SQL Injection orderby Parameter |
| CVE-2025-4317 | 2025-05-13 | TheGem <= 5.10.3 - Authenticated (Subscriber+) Arbitrary File Upload |
| CVE-2025-4339 | 2025-05-13 | TheGem <= 5.10.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Theme Options Update |
| CVE-2025-4474 | 2025-05-13 | Frontend Dashboard 1.0 - 2.2.7 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation via fed_admin_setting_form_function Function |
| CVE-2025-27696 | 2025-05-13 | Apache Superset: Improper authorization leading to resource ownership takeover |
| CVE-2025-3916 | 2025-05-13 | CWE-121: Stack-based Buffer Overflow vulnerability exists that could cause local... |
| CVE-2025-41645 | 2025-05-13 | SMA: Sunny Portal demo system privilege escalation |
| CVE-2025-22248 | 2025-05-13 | [pgpool] Unauthenticated access to postgres through pgpool |
| CVE-2025-4646 | 2025-05-13 | A high privilege user is able to create and use a valid admin API token in centreon-web |
| CVE-2025-4647 | 2025-05-13 | A user with elevated privileges can bypass sanitization measures by replacing the content of an existing SVG |
| CVE-2025-40628 | 2025-05-13 | SQL Injection in DomainsPRO |
| CVE-2024-23815 | 2025-05-13 | A vulnerability has been identified in Desigo CC (All versions... |
| CVE-2024-51444 | 2025-05-13 | A vulnerability has been identified in Polarion V2310 (All versions),... |
| CVE-2024-51445 | 2025-05-13 | A vulnerability has been identified in Polarion V2310 (All versions),... |
| CVE-2024-51446 | 2025-05-13 | A vulnerability has been identified in Polarion V2310 (All versions),... |
| CVE-2024-51447 | 2025-05-13 | A vulnerability has been identified in Polarion V2310 (All versions),... |
| CVE-2025-24007 | 2025-05-13 | A vulnerability has been identified in SIRIUS 3RK3 Modular Safety... |