CVE List - 2025 / May
Showing 3701 - 3800 of 3982 CVEs for May 2025 (Page 38 of 40)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-48925 | 2025-05-28 | The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then accepts the hash as the authentication credential. |
| CVE-2025-48926 | 2025-05-28 | The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers. |
| CVE-2025-48927 | 2025-05-28 | The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heapdump URI, as exploited in the wild in May 2025. |
| CVE-2025-48928 | 2025-05-28 | The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over... |
| CVE-2025-48929 | 2025-05-28 | The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token with a short expiration time) that can be reused at a later date if discovered... |
| CVE-2025-48930 | 2025-05-28 | The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues. |
| CVE-2025-48931 | 2025-05-28 | The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibilities (including rainbow tables) with low computational effort. |
| CVE-2025-25025 | 2025-05-28 | IBM Security Guardium information disclosure |
| CVE-2025-25026 | 2025-05-28 | IBM Security Guardium information disclosure |
| CVE-2025-25029 | 2025-05-28 | IBM Security Guardium information disclosure |
| CVE-2025-4800 | 2025-05-28 | MasterStudy LMS Pro <= 4.7.0 - Authenticated (Subscriber+) Arbitrary File Upload |
| CVE-2025-4947 | 2025-05-28 | QUIC certificate check skip with wolfSSL |
| CVE-2025-5025 | 2025-05-28 | No QUIC certificate pinning with wolfSSL |
| CVE-2025-4009 | 2025-05-28 | Unauthenticated Arbitrary Command Injection in Evertz SDVN |
| CVE-2025-5082 | 2025-05-28 | WP Attachments <= 5.0.12 - Reflected Cross-Site Scripting via attachment_id Parameter |
| CVE-2025-25251 | 2025-05-28 | An Incorrect Authorization vulnerability [CWE-863] in FortiClient Mac 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 may allow a local attacker to escalate privileges via crafted XPC messages. |
| CVE-2025-47295 | 2025-05-28 | A buffer over-read in Fortinet FortiOS versions 7.4.0 through 7.4.3, versions 7.2.0 through 7.2.7, and versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the FGFM daemon... |
| CVE-2024-54020 | 2025-05-28 | A missing authorization in Fortinet FortiManager versions 7.2.0 through 7.2.1, and versions 7.0.0 through 7.0.7 may allow an authenticated attacker to overwrite global threat feeds via crafted update requests. |
| CVE-2025-47294 | 2025-05-28 | A integer overflow or wraparound in Fortinet FortiOS versions 7.2.0 through 7.2.7, versions 7.0.0 through 7.0.14 may allow a remote unauthenticated attacker to crash the csfd daemon via a specially... |
| CVE-2025-22252 | 2025-05-28 | A missing authentication for critical function in Fortinet FortiProxy versions 7.6.0 through 7.6.1, FortiSwitchManager version 7.2.5, and FortiOS versions 7.4.4 through 7.4.6 and version 7.6.0 may allow an attacker with... |
| CVE-2025-24473 | 2025-05-28 | A exposure of sensitive system information to an unauthorized control sphere in Fortinet FortiClientWindows versions 7.2.0 through 7.2.1 may allow an unauthorized remote attacker to view application information via navigation... |
| CVE-2025-46777 | 2025-05-28 | A insertion of sensitive information into log file in Fortinet FortiPortal versions 7.4.0, versions 7.2.0 through 7.2.5, and versions 7.0.0 through 7.0.9 may allow an authenticated attacker with at least... |
| CVE-2025-27522 | 2025-05-28 | Apache InLong: JDBC Vulnerability during verification processing |
| CVE-2025-27526 | 2025-05-28 | Apache InLong: JDBC Vulnerability For URLEncode and backspace bypass |
| CVE-2025-27528 | 2025-05-28 | Apache InLong: JDBC Vulnerability for Invisible Character Bypass Leading to Arbitrary File Read |
| CVE-2025-5287 | 2025-05-28 | Likes and Dislikes Plugin <= 1.0.0 - Unauthenticated SQL Injection |
| CVE-2025-4963 | 2025-05-28 | WP Extended <= 3.0.15 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload |
| CVE-2025-1753 | 2025-05-28 | Command Injection in LLama-Index CLI in run-llama/llama_index |
| CVE-2025-40673 | 2025-05-28 | Missing Authorization in DinoRANK |
| CVE-2025-5295 | 2025-05-28 | FreeFloat FTP Server PORT Command buffer overflow |
| CVE-2025-3864 | 2025-05-28 | Connection pool exhaustion in hackney |
| CVE-2025-5297 | 2025-05-28 | SourceCodester Computer Store System main.c Add stack-based overflow |
| CVE-2025-5298 | 2025-05-28 | Campcodes Online Hospital Management System betweendates-detailsreports.php sql injection |
| CVE-2025-5299 | 2025-05-28 | SourceCodester Client Database Management System user_order_customer_update.php unrestricted upload |
| CVE-2025-4493 | 2025-05-28 | Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This... |
| CVE-2025-5277 | 2025-05-28 | aws-mcp-server MCP server is vulnerable to command injection. An attacker can craft a prompt that once accessed by the MCP client will run arbitrary commands on the host system. |
| CVE-2025-40651 | 2025-05-28 | Reflected Cross Site Scripting (XSS) in Real Easy Store |
| CVE-2025-48734 | 2025-05-28 | Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default |
| CVE-2025-4134 | 2025-05-28 | Lack of file validation in Avast Business Antivirus for Linux allows writing untrusted update files |
| CVE-2025-3357 | 2025-05-28 | IBM Tivoli Monitoring code execution |
| CVE-2024-38341 | 2025-05-28 | IBM Sterling Secure Proxy information disclosure |
| CVE-2024-51453 | 2025-05-28 | IBM Sterling Secure Proxy directory traversal |
| CVE-2025-36572 | 2025-05-28 | Dell PowerStore, version(s) 4.0.0.0, contain(s) an Use of Hard-coded Credentials vulnerability in the PowerStore image file. A low privileged attacker with remote access, with the knowledge of the hard-coded credentials,... |
| CVE-2025-5257 | 2025-05-28 | Predictable Page Indexing Might Lead to Sensitive Data Exposure |
| CVE-2024-47056 | 2025-05-28 | Mautic does not shield .env files from web traffic |
| CVE-2025-32801 | 2025-05-28 | Loading a malicious hook library can lead to local privilege escalation |
| CVE-2025-32802 | 2025-05-28 | Insecure handling of file paths allows multiple local attacks |
| CVE-2025-32803 | 2025-05-28 | Insecure file permissions can result in confidential information leakage |
| CVE-2024-47057 | 2025-05-28 | User name enumeration possible due to response time difference on password reset form |
| CVE-2025-1461 | 2025-05-28 | Vuetify XSS through 'eventMoreText' prop of VCalendar |
| CVE-2024-47055 | 2025-05-28 | Segment cloning doesn't have a proper permission check |
| CVE-2025-5256 | 2025-05-28 | Open Redirect vulnerability on user unlock path |
| CVE-2025-27702 | 2025-05-28 | Permissions bypass in the management console of Absolute Secure Access prior to version 13.54 |
| CVE-2025-27703 | 2025-05-28 | Privilege escalation in the management console of Absolute Secure Access prior to version 13.54 |
| CVE-2025-27706 | 2025-05-28 | Cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.54 |
| CVE-2023-41591 | 2025-05-29 | An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts. |
| CVE-2024-22653 | 2025-05-29 | yasm commit 9defefae was discovered to contain a NULL pointer dereference via the yasm_section_bcs_append function at section.c. |
| CVE-2024-22654 | 2025-05-29 | tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c. |
| CVE-2024-51392 | 2025-05-29 | An issue in OpenKnowledgeMaps Headstart v7 allows a remote attacker to escalate privileges via the url parameter of the getPDF.php component |
| CVE-2024-53423 | 2025-05-29 | An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets. |
| CVE-2024-54952 | 2025-05-29 | MikroTik RouterOS 6.40.5, the SMB service contains a memory corruption vulnerability. Remote, unauthenticated attackers can exploit this issue by sending specially crafted packets, triggering a null pointer dereference. This leads... |
| CVE-2025-29632 | 2025-05-29 | Buffer Overflow vulnerability in Free5gc v.4.0.0 allows a remote attacker to cause a denial of service via the AMF, NGAP, security.go, handler_generated.go, handleInitialUEMessageMain, DecodePlainNasNoIntegrityCheck, GetSecurityHeaderType components |
| CVE-2025-45474 | 2025-05-29 | maccms10 v2025.1000.4047 is vulnerable to Server-side request forgery (SSRF) in Email Settings. |
| CVE-2025-46078 | 2025-05-29 | HuoCMS V3.5.1 and before is vulnerable to file upload, which allows attackers to take control of the target server |
| CVE-2025-46080 | 2025-05-29 | HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server. |
| CVE-2025-48748 | 2025-05-29 | Netwrix Directory Manager (formerly Imanami GroupID) through v.10.0.7784.0 has a hard-coded password. |
| CVE-2025-4583 | 2025-05-29 | Smash Balloon Instagram Feed <= 6.9.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via `data-plugin` Attribute |
| CVE-2025-3755 | 2025-05-29 | Information Disclosure and Denial-of-Service(DoS) Vulnerability in MELSEC iQ-F Series CPU module |
| CVE-2025-5273 | 2025-05-29 | All versions of the package mcp-markdownify-server are vulnerable to Files or Directories Accessible to External Parties via the get-markdown-file tool. An attacker can craft a prompt that, once accessed by... |
| CVE-2025-5276 | 2025-05-29 | All versions of the package mcp-markdownify-server are vulnerable to Server-Side Request Forgery (SSRF) via the Markdownify.get() function. An attacker can craft a prompt that, once accessed by the MCP host,... |
| CVE-2025-5122 | 2025-05-29 | Map Block Leaflet <= 3.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Parameter |
| CVE-2025-4670 | 2025-05-29 | Easy Digital Downloads <= 3.3.8.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via edd_receipt Shortcode |
| CVE-2025-5286 | 2025-05-29 | Bold Builder <= 5.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via additional_settings Parameter |
| CVE-2025-4687 | 2025-05-29 | Account pre-hijacking through invite misuse |
| CVE-2024-52588 | 2025-05-29 | Strapi allows Server-Side Request Forgery in Webhook function |
| CVE-2025-27151 | 2025-05-29 | redis-check-aof may lead to stack overflow and potential RCE |
| CVE-2025-48388 | 2025-05-29 | FreeScout Has Insufficient Protection Against CRLF-injection |
| CVE-2025-48045 | 2025-05-29 | MICI Network Co. Ltd. NetFax Server Default Administrator Credentials Disclosure |
| CVE-2025-48046 | 2025-05-29 | MICI Network Co. Ltd. NetFax Server Disclosure of Stored Passwords in Cleartext |
| CVE-2025-48047 | 2025-05-29 | MICI Network Co. Ltd. NetFax Server Command Injection |
| CVE-2025-37993 | 2025-05-29 | can: m_can: m_can_class_allocate_dev(): initialize spin lock on device probe |
| CVE-2025-37994 | 2025-05-29 | usb: typec: ucsi: displayport: Fix NULL pointer access |
| CVE-2025-37995 | 2025-05-29 | module: ensure that kobject_put() is safe for module type kobjects |
| CVE-2025-37996 | 2025-05-29 | KVM: arm64: Fix uninitialized memcache pointer in user_mem_abort() |
| CVE-2025-37997 | 2025-05-29 | netfilter: ipset: fix region locking in hash types |
| CVE-2025-37998 | 2025-05-29 | openvswitch: Fix unsafe attribute parsing in output_userspace() |
| CVE-2025-37999 | 2025-05-29 | fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio() |
| CVE-2025-5320 | 2025-05-29 | gradio-app gradio CORS is_valid_origin privilege escalation |
| CVE-2025-33043 | 2025-05-29 | SMM buffer Integrity |
| CVE-2025-4081 | 2025-05-29 | TCC Bypass via Dylib Substitution in DaVinci Resolve |
| CVE-2025-5334 | 2025-05-29 | Exposure of private personal information to an unauthorized actor in the user vaults component of Devolutions Remote Desktop Manager allows an authenticated user to gain unauthorized access to private personal... |
| CVE-2025-5321 | 2025-05-29 | aimhubio aim run_view Object query.py RestrictedPythonQuery privilege escalation |
| CVE-2025-3913 | 2025-05-29 | Team Privacy Settings Authorization Bypass in Mattermost Server |
| CVE-2025-48389 | 2025-05-29 | FreeScout Vulnerable to Deserialization of Untrusted Data |
| CVE-2025-48390 | 2025-05-29 | FreeScout Vulnerable to Remote Code Execution (RCE) |
| CVE-2025-48471 | 2025-05-29 | FreeScout Vulnerable to Arbitrary File Upload |
| CVE-2025-48472 | 2025-05-29 | FreeScout Vulnerable to Insufficient Authorization |
| CVE-2025-48473 | 2025-05-29 | FreeScout Vulnerable to Insufficient Authorization |
| CVE-2025-48474 | 2025-05-29 | FreeScout Vulnerable to Insufficient Authorization |
| CVE-2025-48475 | 2025-05-29 | FreeScout Vulnerable to Insufficient Authorization |