CVE List - 2025 / July
Showing 1901 - 2000 of 3776 CVEs for July 2025 (Page 20 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-50084 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50085 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-50086 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2025-50087 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50088 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-50089 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via... |
| CVE-2025-50090 | 2025-07-15 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Personalization). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access... |
| CVE-2025-50091 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50092 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-50093 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50094 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.42, 8.4.5 and 9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50095 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via... |
| CVE-2025-50096 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with logon... |
| CVE-2025-50097 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2025-50098 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50099 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-50100 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged... |
| CVE-2025-50101 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50102 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50103 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 9.0.0-9.3.0. Difficult to exploit vulnerability allows high privileged attacker with... |
| CVE-2025-50104 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-50105 | 2025-07-15 | Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work Provider Administration). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2025-50106 | 2025-07-15 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE:... |
| CVE-2025-50107 | 2025-07-15 | Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Request handling). Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network... |
| CVE-2025-50108 | 2025-07-15 | Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Workspace). The supported version that is affected is 11.2.20.0.000. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2025-53023 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.42. Easily exploitable vulnerability allows high privileged attacker with network access via... |
| CVE-2025-53024 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53025 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53026 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53027 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53028 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53029 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53030 | 2025-07-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-53031 | 2025-07-15 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Platform). Supported versions that are affected are 8.0.7.8, 8.0.8.5, 8.0.8.6, 8.1.1.4 and 8.1.2.5. Easily... |
| CVE-2025-53032 | 2025-07-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.0.0-9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via... |
| CVE-2025-49828 | 2025-07-15 | Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) Vulnerable to Remote Code Execution |
| CVE-2025-49829 | 2025-07-15 | Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) missing validations |
| CVE-2025-49830 | 2025-07-15 | Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to path traversal and file disclosure |
| CVE-2025-49831 | 2025-07-15 | Conjur OSS and Secrets Manager, Self-Hosted (formerly Conjur Enterprise) vulnerable to IAM Authenticator Bypass via Mis-configured Network Device |
| CVE-2025-49833 | 2025-07-15 | GHSL-2025-045: GPT-SoVITS Command Injection vulnerability |
| CVE-2025-49834 | 2025-07-15 | GHSL-2025-046: GPT-SoVITS Command Injection vulnerability |
| CVE-2025-49835 | 2025-07-15 | GHSL-2025-047: GPT-SoVITS Command Injection vulnerability |
| CVE-2025-49836 | 2025-07-15 | GHSL-2025-048: GPT-SoVITS Command Injection vulnerability |
| CVE-2025-49837 | 2025-07-15 | GHSL-2025-049: GPT-SoVITS Deserialization of Untrusted Data vulnerability |
| CVE-2025-49838 | 2025-07-15 | GHSL-2025-050: GPT-SoVITS Deserialization of Untrusted Data vulnerability |
| CVE-2025-49839 | 2025-07-15 | GHSL-2025-051: GPT-SoVITS Deserialization of Untrusted Data vulnerability |
| CVE-2025-49840 | 2025-07-15 | GHSL-2025-052: GPT-SoVITS Deserialization of Untrusted Data vulnerability |
| CVE-2025-49841 | 2025-07-15 | GHSL-2025-053: GPT-SoVITS Deserialization of Untrusted Data vulnerability |
| CVE-2025-6981 | 2025-07-15 | Incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed unauthorized read-only access |
| CVE-2025-53905 | 2025-07-15 | Vim has path traversial issue with tar.vim and special crafted tar files |
| CVE-2025-30761 | 2025-07-15 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27;... |
| CVE-2025-53906 | 2025-07-15 | Vim has path traversal issue with zip.vim and special crafted zip archives |
| CVE-2024-42912 | 2025-07-16 | A cross-site scripting (XSS) vulnerability in META-INF Kft. Email This Issue (Data Center) before 9.13.0-GA allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into... |
| CVE-2025-32353 | 2025-07-16 | Kaseya Rapid Fire Tools Network Detective 2.0.16.0 has Unencrypted Credentials (for privileged access) stored in the collector.txt configuration file. |
| CVE-2025-32874 | 2025-07-16 | An issue was discovered in Kaseya Rapid Fire Tools Network Detective through 2.0.16.0. A vulnerability exists in the EncryptionUtil class because symmetric encryption is implemented in a deterministic and non-randomized... |
| CVE-2025-6977 | 2025-07-16 | ProfileGrid – User Profiles, Groups and Communities <= 5.9.5.4 - Reflected Cross-Site Scripting via 'pm_get_messenger_notification' function |
| CVE-2025-53842 | 2025-07-16 | Use of hard-coded credentials issue exists in ZWX-2000CSW2-HN prior to 0.3.19 and ZWX-2000CS2-HN firmware all versions. If this vulnerability is exploited, an attacker may tamper with the settings of the... |
| CVE-2025-2800 | 2025-07-16 | WP Event Manager <= 3.1.50 - Unauthenticated Stored Cross-Site Scripting via 'organizer_name' |
| CVE-2025-2799 | 2025-07-16 | WP Event Manager <= 3.1.49 - Authenticated (Administrator+) Stored Cross-Site Scripting |
| CVE-2025-52687 | 2025-07-16 | JavaScript Injection Vulnerability in the OmniAccess Stellar Web Management Interface |
| CVE-2025-52688 | 2025-07-16 | Command Injection Vulnerability in the OmniAccess Stellar Web Management Interface |
| CVE-2025-52689 | 2025-07-16 | Weak Session ID Check in the OmniAccess Stellar Web Management Interface |
| CVE-2025-52690 | 2025-07-16 | Command Injection Vulnerability in the OmniAccess Stellar over UDP Service |
| CVE-2025-7359 | 2025-07-16 | Counter live visitors for WooCommerce <= 1.3.6 - Unauthenticated Arbitrary File Deletion in wcvisitor_get_block |
| CVE-2025-5843 | 2025-07-16 | Brandfolder <= 5.0.19 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter |
| CVE-2025-5845 | 2025-07-16 | Affiliate Reviews <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via numColumns Parameter |
| CVE-2025-6043 | 2025-07-16 | Malcure Malware Scanner — #1 Toolset for WordPress Malware Removal <= 16.8 - Authenticated (Subscriber+) Arbitrary File Deletion |
| CVE-2025-6747 | 2025-07-16 | Avada (Fusion) Builder <= 3.12.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode |
| CVE-2025-7673 | 2025-07-16 | A buffer overflow vulnerability in the URL parser of the zhttpd web server in Zyxel VMG8825-T50K firmware versions prior to V5.50(ABOM.5)C0 could allow an unauthenticated attacker to cause denial-of-service (DoS)... |
| CVE-2025-27465 | 2025-07-16 | x86: Incorrect stubs exception handling for flags recovery |
| CVE-2025-7703 | 2025-07-16 | Authentication vulnerability in the mobile application(tech.palm.id)may lead to the risk of information leakage. |
| CVE-2025-5284 | 2025-07-16 | Master Addons – Elementor Addons with White Label, Free Widgets, Hover Effects, Conditions, & Animations <= 2.0.8.2 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-6993 | 2025-07-16 | Ultimate WP Mail 1.0.17 - 1.3.6 - Missing Authorization to Authenticated (Contributor+) Privilege Escalation via get_email_log_details Function |
| CVE-2025-7035 | 2025-07-16 | Media Library Assistant <= 3.26 - Authenticated (Contributor+) Stored Cross-Site Scripting via mla_tag_cloud and mla_term_list Shortcodes |
| CVE-2025-40724 | 2025-07-16 | Stored Cross-Site Scripting (XSS) in Pharmacy POS PHP Script |
| CVE-2025-40985 | 2025-07-16 | SQL Injection in SCATI Vision Web |
| CVE-2025-22227 | 2025-07-16 | CVE-2025-22227: Authentication Leak On Redirect With Reactor Netty HTTP Client |
| CVE-2025-7699 | 2025-07-16 | An improper access control vulnerability was found in the EZ Sync Manager of ADM |
| CVE-2024-9342 | 2025-07-16 | In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts. |
| CVE-2025-53982 | 2025-07-16 | WordPress JetElements For Elementor plugin <= 2.7.7 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53984 | 2025-07-16 | WordPress JetTabs plugin <= 2.2.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53986 | 2025-07-16 | WordPress Hestia theme <= 3.2.10 - Broken Access Control Vulnerability |
| CVE-2025-53989 | 2025-07-16 | WordPress JetBlocks For Elementor plugin <= 1.3.19 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53990 | 2025-07-16 | WordPress JetFormBuilder plugin <= 3.5.1.2 - PHP Object Injection Vulnerability |
| CVE-2025-53991 | 2025-07-16 | WordPress JetTricks plugin <= 1.5.4.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53994 | 2025-07-16 | WordPress JetPopup plugin <= 2.0.15 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53995 | 2025-07-16 | WordPress JetPopup plugin <= 2.0.15.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53996 | 2025-07-16 | WordPress JetSearch plugin <= 3.5.10.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-53997 | 2025-07-16 | WordPress Houzez theme <= 4.0.4 - Broken Access Control Vulnerability |
| CVE-2025-54006 | 2025-07-16 | WordPress Bold Page Builder plugin <= 5.4.1 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54009 | 2025-07-16 | WordPress JetSmartFilters plugin <= 3.6.8 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54010 | 2025-07-16 | WordPress FluentSnippets plugin <= 10.50 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-54011 | 2025-07-16 | WordPress SMTP2GO plugin <= 1.12.1 - Broken Access Control Vulnerability |
| CVE-2025-54013 | 2025-07-16 | WordPress Welcart e-Commerce plugin <= 2.11.16 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54015 | 2025-07-16 | WordPress HT Contact Form 7 plugin <= 2.0.0 - Local File Inclusion Vulnerability |
| CVE-2025-54016 | 2025-07-16 | WordPress Videopack plugin <= 4.10.3 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54018 | 2025-07-16 | WordPress CM Pop-Up banners plugin <= 1.8.4 - Broken Access Control Vulnerability |
| CVE-2025-54020 | 2025-07-16 | WordPress AntiSpam for Contact Form 7 plugin <= 0.6.3 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-54022 | 2025-07-16 | WordPress Coupon Affiliates plugin <= 6.4.0 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-54023 | 2025-07-16 | WordPress WP Delicious plugin <= 1.8.4 - Cross Site Scripting (XSS) Vulnerability |