CVE List - 2025 / May
Showing 3101 - 3200 of 3984 CVEs for May 2025 (Page 32 of 40)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-48416 | 2025-05-21 | Backdoor Functionality via SSH in eCharge Hardy Barth cPH2 / cPP2 charging stations |
| CVE-2025-48417 | 2025-05-21 | Hard-Coded Certificate and Private Key for HTTPS Web Interface in eCharge Hardy Barth cPH2 / cPP2 charging stations |
| CVE-2025-40775 | 2025-05-21 | DNS message with invalid TSIG causes an assertion failure |
| CVE-2025-1416 | 2025-05-21 | Password disclosure in Proget MDM |
| CVE-2025-1417 | 2025-05-21 | Information disclosure in Proget MDM |
| CVE-2025-1418 | 2025-05-21 | Information disclosure in Proget MDM |
| CVE-2025-1419 | 2025-05-21 | XSS in Proget MDM |
| CVE-2025-1420 | 2025-05-21 | XSS in Proget MDM |
| CVE-2025-1421 | 2025-05-21 | Formula injection in a CSV file in Proget MDM |
| CVE-2025-5029 | 2025-05-21 | Kingdee Cloud Galaxy Private Cloud BBC System File deleteFileAction.jhtml path traversal |
| CVE-2024-23337 | 2025-05-21 | jq has signed integer overflow in jv.c:jvp_array_write |
| CVE-2025-4008 | 2025-05-21 | Arbitrary Command Injection in Smartbedded MeteoBridge |
| CVE-2025-20112 | 2025-05-21 | Cisco Unified Communications Products Privilege Escalation Vulnerability |
| CVE-2025-20152 | 2025-05-21 | ISE restart |
| CVE-2025-20114 | 2025-05-21 | Cisco Unified Intelligence Center Insecure Direct Object Reference Vulnerability |
| CVE-2025-20113 | 2025-05-21 | Cisco Unified Intelligence Center Privilege Escalation Vulnerability |
| CVE-2025-20256 | 2025-05-21 | Cisco Secure Network Analytics Manager Server-Side Template Injection Vulnerability |
| CVE-2025-20257 | 2025-05-21 | Cisco Secure Network Analytics API Authorization Vulnerability |
| CVE-2025-20267 | 2025-05-21 | Cisco Identity Services Stored Cross-Site Scripting Vulnerability |
| CVE-2025-4415 | 2025-05-21 | Piwik PRO - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-058 |
| CVE-2025-4416 | 2025-05-21 | Events Log Track - Moderately critical - Denial of Service - SA-CONTRIB-2025-059 |
| CVE-2025-48009 | 2025-05-21 | Single Content Sync - Moderately critical - Access bypass - SA-CONTRIB-2025-060 |
| CVE-2025-48010 | 2025-05-21 | One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-061 |
| CVE-2025-48011 | 2025-05-21 | One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-062 |
| CVE-2025-48012 | 2025-05-21 | One Time Password - Moderately critical - Access bypass - SA-CONTRIB-2025-063 |
| CVE-2025-5030 | 2025-05-21 | Ackites KillWxapkg wxapkg File Parser unpack.go processFile os command injection |
| CVE-2025-20242 | 2025-05-21 | A vulnerability in the Cloud Connect component of Cisco Unified... |
| CVE-2025-20255 | 2025-05-21 | A vulnerability in client join services of Cisco Webex Meetings... |
| CVE-2025-20258 | 2025-05-21 | A vulnerability in the self-service portal of Cisco Duo could... |
| CVE-2025-20246 | 2025-05-21 | A vulnerability in Cisco Webex could allow an unauthenticated, remote... |
| CVE-2025-20247 | 2025-05-21 | A vulnerability in Cisco Webex could allow an unauthenticated, remote... |
| CVE-2025-20250 | 2025-05-21 | A vulnerability in Cisco Webex could allow an unauthenticated, remote... |
| CVE-2025-5031 | 2025-05-21 | Ackites KillWxapkg wxapkg File Decompression resource consumption |
| CVE-2025-5032 | 2025-05-21 | Campcodes Online Shopping Portal edit-category.php sql injection |
| CVE-2025-0372 | 2025-05-21 | Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')... |
| CVE-2025-5020 | 2025-05-21 | Opening maliciously-crafted URLs in Firefox from other apps such as... |
| CVE-2025-2102 | 2025-05-21 | Improper Link Resolution Before File Access ('Link Following') vulnerability in... |
| CVE-2025-46822 | 2025-05-21 | Unauthenticated Arbitrary File Read via Absolute Path |
| CVE-2025-47291 | 2025-05-21 | containerd CRI plugin: Incorrect cgroup hierarchy assignment for containers running in usernamespaced Kubernetes pods. |
| CVE-2025-5033 | 2025-05-21 | XiaoBingby TeaCMS addUser cross-site request forgery |
| CVE-2025-48060 | 2025-05-21 | AddressSanitizer: stack-buffer-overflow in jq_fuzz_execute (jv_string_vfmt) |
| CVE-2025-48063 | 2025-05-21 | XWiki Platform Security Authorization Bridge allows users with just edit right can enforce required rights with programming right |
| CVE-2025-48064 | 2025-05-21 | GitHub Desktop vulnerable to maliciously crafted file renames leading to information disclosure |
| CVE-2025-48069 | 2025-05-21 | ejson2env has insufficient input sanitization |
| CVE-2025-3751 | 2025-05-21 | TIBCO ActiveMatrix BusinessWorks SQL Injection Vulnerability |
| CVE-2025-2261 | 2025-05-21 | TIBCO BPM Enterprise XSS Vulnerability |
| CVE-2025-5049 | 2025-05-21 | FreeFloat FTP Server APPEND Command buffer overflow |
| CVE-2025-5050 | 2025-05-21 | FreeFloat FTP Server BELL Command buffer overflow |
| CVE-2025-46412 | 2025-05-21 | Vertiv Liebert RDU101 and UNITY Authentication Bypass Using an Alternate Path or Channel |
| CVE-2025-41426 | 2025-05-21 | Vertiv Liebert RDU101 and UNITY Stack-based Buffer Overflow |
| CVE-2025-36535 | 2025-05-21 | AutomationDirect MB-Gateway Missing Authentication for Critical Function |
| CVE-2025-5051 | 2025-05-21 | FreeFloat FTP Server BINARY Command buffer overflow |
| CVE-2025-5052 | 2025-05-21 | FreeFloat FTP Server LS Command buffer overflow |
| CVE-2025-5053 | 2025-05-21 | FreeFloat FTP Server MDIR Command buffer overflow |
| CVE-2025-47942 | 2025-05-21 | Learners on edX Platform can download python_lib.zip |
| CVE-2025-34027 | 2025-05-21 | Versa Concerto Authentication Bypass File Write Remote Code Execution |
| CVE-2025-5056 | 2025-05-21 | Campcodes Online Shopping Portal edit-products.php sql injection |
| CVE-2025-5057 | 2025-05-21 | Campcodes Online Shopping Portal insert-product.php sql injection |
| CVE-2025-34026 | 2025-05-21 | Versa Concerto Actuator Authentication Bypass Information Leak |
| CVE-2025-47947 | 2025-05-21 | ModSecurity Has Possible DoS Vulnerability |
| CVE-2025-48070 | 2025-05-21 | Plane has insecure permissions in UserSerializer |
| CVE-2025-34025 | 2025-05-21 | Versa Concerto Insecure Docker Mount Container Escape |
| CVE-2025-5059 | 2025-05-21 | Campcodes Online Shopping Portal edit-subcategory.php unrestricted upload |
| CVE-2023-47466 | 2025-05-22 | TagLib before 2.0 allows a segmentation violation and application crash... |
| CVE-2024-40458 | 2025-05-22 | An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local... |
| CVE-2024-40459 | 2025-05-22 | An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local... |
| CVE-2024-40460 | 2025-05-22 | An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker... |
| CVE-2024-40461 | 2025-05-22 | An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker... |
| CVE-2024-40462 | 2025-05-22 | An issue in Ocuco Innovation v.2.10.24.51 allows a local attacker... |
| CVE-2024-41195 | 2025-05-22 | An issue in Ocuco Innovation - INNOVASERVICEINTF.EXE v2.10.24.17 allows attackers... |
| CVE-2024-41196 | 2025-05-22 | An issue in Ocuco Innovation - REPORTSERVER.EXE v2.10.24.13 allows attackers... |
| CVE-2024-41197 | 2025-05-22 | An issue in Ocuco Innovation - INVCLIENT.EXE v2.10.24.5 allows attackers... |
| CVE-2024-41198 | 2025-05-22 | An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers... |
| CVE-2024-41199 | 2025-05-22 | An issue in Ocuco Innovation - JOBMANAGER.EXE v2.10.24.16 allows attackers... |
| CVE-2024-52874 | 2025-05-22 | In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL... |
| CVE-2024-54188 | 2025-05-22 | Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated... |
| CVE-2025-32813 | 2025-05-22 | An issue was discovered in Infoblox NETMRI before 7.6.1. Remote... |
| CVE-2025-32814 | 2025-05-22 | An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated... |
| CVE-2025-32815 | 2025-05-22 | An issue was discovered in Infoblox NETMRI before 7.6.1. Authentication... |
| CVE-2025-45468 | 2025-05-22 | Insecure permissions in fc-stable-diffusion-plus v1.0.18 allows attackers to escalate privileges... |
| CVE-2025-45471 | 2025-05-22 | Insecure permissions in measure-cold-start v1.4.1 allows attackers to escalate privileges... |
| CVE-2025-45472 | 2025-05-22 | Insecure permissions in autodeploy-layer v1.2.0 allows attackers to escalate privileges... |
| CVE-2025-3887 | 2025-05-22 | GStreamer H265 Codec Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-3881 | 2025-05-22 | eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability |
| CVE-2025-3882 | 2025-05-22 | eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution Vulnerability |
| CVE-2025-3883 | 2025-05-22 | eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability |
| CVE-2025-3884 | 2025-05-22 | Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability |
| CVE-2025-3885 | 2025-05-22 | Harman Becker MGU21 Bluetooth Improper Input Validation Denial-of-Service Vulnerability |
| CVE-2025-3484 | 2025-05-22 | MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-3483 | 2025-05-22 | MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-3482 | 2025-05-22 | MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-3481 | 2025-05-22 | MedDream PACS Server DICOM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-3480 | 2025-05-22 | MedDream WEB DICOM Viewer Cleartext Transmission of Credentials Information Disclosure Vulnerability |
| CVE-2025-3486 | 2025-05-22 | Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability |
| CVE-2025-2759 | 2025-05-22 | GStreamer Incorrect Permission Assignment Local Privilege Escalation Vulnerability |
| CVE-2025-5062 | 2025-05-22 | WooCommerce <= 9.4.2 - PostMessage-Based Cross-Site Scripting |
| CVE-2025-4133 | 2025-05-22 | Blog2Social: Social Media Auto Post & Scheduler < 8.4.0 - Contributor+ Stored XSS |
| CVE-2025-4123 | 2025-05-22 | A cross-site scripting (XSS) vulnerability exists in Grafana caused by... |
| CVE-2024-9544 | 2025-05-22 | MapSVG - All Kinds of Maps and Store Locator for WordPress <= 8.6.4 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-4405 | 2025-05-22 | Hot Random Image <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via link Parameter |