CVE List - 2025 / July
Showing 801 - 900 of 3776 CVEs for July 2025 (Page 9 of 38)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-38236 | 2025-07-08 | af_unix: Don't leave consecutive consumed OOB skbs. |
| CVE-2025-38237 | 2025-07-08 | media: platform: exynos4-is: Add hardware sync wait to fimc_is_hw_change_mode() |
| CVE-2025-7169 | 2025-07-08 | code-projects Crime Reporting System complainer_page.php sql injection |
| CVE-2025-7170 | 2025-07-08 | code-projects Crime Reporting System registration.php sql injection |
| CVE-2025-7171 | 2025-07-08 | code-projects Crime Reporting System policelogin.php sql injection |
| CVE-2025-6744 | 2025-07-08 | Woodmart <= 8.2.3 - Unauthenticated Arbitrary Shortcode Execution |
| CVE-2025-7172 | 2025-07-08 | code-projects Crime Reporting System headlogin.php sql injection |
| CVE-2025-7173 | 2025-07-08 | code-projects Library System add-student.php sql injection |
| CVE-2025-7174 | 2025-07-08 | code-projects Library System teacher-issue-book.php sql injection |
| CVE-2023-52236 | 2025-07-08 | A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions),... |
| CVE-2025-20982 | 2025-07-08 | Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. |
| CVE-2025-20983 | 2025-07-08 | Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. |
| CVE-2024-31853 | 2025-07-08 | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application... |
| CVE-2024-31854 | 2025-07-08 | A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.11). During establishment of a https connection to the TLS server of a managed device, the affected application... |
| CVE-2025-20997 | 2025-07-08 | Incorrect default permission in Framework for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to reset some configuration of Galaxy Watch. |
| CVE-2025-20998 | 2025-07-08 | Improper access control in SamsungAccount for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to access phone number. |
| CVE-2025-23364 | 2025-07-08 | A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application improperly validates code signing certificates. This could allow an attacker to bypass the check and... |
| CVE-2025-20999 | 2025-07-08 | Improper authorization in accessing saved Wi-Fi password for Galaxy Tablet prior to SMR Jul-2025 Release 1 allows secondary users to access owner's saved Wi-Fi password. |
| CVE-2025-21000 | 2025-07-08 | Improper privilege management in Bluetooth prior to SMR Jul-2025 Release 1 allows local attackers to enable Bluetooth. |
| CVE-2025-23365 | 2025-07-08 | A vulnerability has been identified in TIA Administrator (All versions < V3.0.6). The affected application allows low-privileged users to trigger installations by overwriting cache files and modifying the downloads path.... |
| CVE-2025-21001 | 2025-07-08 | Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast. |
| CVE-2025-27127 | 2025-07-08 | A vulnerability has been identified in TIA Project-Server (All versions < V2.1.1), TIA Project-Server V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal... |
| CVE-2025-21002 | 2025-07-08 | Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to manipulate broadcasting Auracast. |
| CVE-2025-21003 | 2025-07-08 | Insecure storage of sensitive information in Emergency SOS prior to SMR Jul-2025 Release 1 allows local attackers to access sensitive information. |
| CVE-2025-21004 | 2025-07-08 | Improper verification of intent by broadcast receiver in System UI for Galaxy Watch prior to SMR Jul-2025 Release 1 allows local attackers to power off the device. |
| CVE-2025-21005 | 2025-07-08 | Improper access control in isemtelephony prior to Android 15 allows local attackers to access sensitive information. |
| CVE-2025-21006 | 2025-07-08 | Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory. |
| CVE-2025-21007 | 2025-07-08 | Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. |
| CVE-2025-21008 | 2025-07-08 | Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. |
| CVE-2025-21009 | 2025-07-08 | Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. |
| CVE-2025-40593 | 2025-07-08 | A vulnerability has been identified in SIMATIC CN 4100 (All versions < V4.0). The affected application allows to control the device by storing arbitrary files in the SFTP folder of... |
| CVE-2025-40735 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected devices are vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary... |
| CVE-2025-40736 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application exposes an endpoint that allows an unauthorized modification of administrative credentials. This could allow an... |
| CVE-2025-40737 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an... |
| CVE-2025-40738 | 2025-07-08 | A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application does not properly validate file paths when extracting uploaded ZIP files. This could allow an... |
| CVE-2025-40739 | 2025-07-08 | A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated... |
| CVE-2025-40740 | 2025-07-08 | A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain an out of bounds read past the end of an allocated... |
| CVE-2025-40741 | 2025-07-08 | A vulnerability has been identified in Solid Edge SE2025 (All versions < V225.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted CFG files.... |
| CVE-2025-40742 | 2025-07-08 | A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions), SIPROTEC 5 6MD86 (CP300) (All versions), SIPROTEC 5 6MD89 (CP300) (All versions),... |
| CVE-2025-41222 | 2025-07-08 | A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions),... |
| CVE-2025-41223 | 2025-07-08 | A vulnerability has been identified in RUGGEDCOM i800 (All versions), RUGGEDCOM i801 (All versions), RUGGEDCOM i802 (All versions), RUGGEDCOM i803 (All versions), RUGGEDCOM M2100 (All versions), RUGGEDCOM M2200 (All versions),... |
| CVE-2025-41224 | 2025-07-08 | A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All versions < V5.10.0), RUGGEDCOM RMC8388NC V5.X (All versions < V5.10.0), RUGGEDCOM RS416NCv2 V5.X (All versions < V5.10.0), RUGGEDCOM RS416PNCv2 V5.X... |
| CVE-2025-7175 | 2025-07-08 | code-projects E-Commerce Site users_photo.php unrestricted upload |
| CVE-2025-7176 | 2025-07-08 | PHPGurukul Hospital Management System view-medhistory.php sql injection |
| CVE-2025-40711 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40712 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40713 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40714 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40715 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40716 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40717 | 2025-07-08 | SQL injection vulnerability in Quiter Gateway |
| CVE-2025-40718 | 2025-07-08 | Improper error handling vulnerability in Quiter Gateway |
| CVE-2025-40719 | 2025-07-08 | Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway |
| CVE-2025-40720 | 2025-07-08 | Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway |
| CVE-2025-40721 | 2025-07-08 | Reflected Cross-site Scripting (XSS) vulnerability in Quiter Gateway |
| CVE-2025-7177 | 2025-07-08 | PHPGurukul Car Washing Management System editcar-washpoint.php sql injection |
| CVE-2025-7178 | 2025-07-08 | code-projects Food Distributor Site login.php sql injection |
| CVE-2024-53009 | 2025-07-08 | Improper Validation of Array Index in Automotive Autonomy |
| CVE-2025-21422 | 2025-07-08 | Cryptographic Issues in Automotive |
| CVE-2025-21426 | 2025-07-08 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera_Linux |
| CVE-2025-21427 | 2025-07-08 | Buffer Over-read in Data HLOS - LNX |
| CVE-2025-21432 | 2025-07-08 | Double Free in SPS-HLOS |
| CVE-2025-21433 | 2025-07-08 | NULL Pointer Dereference in SPS-HLOS |
| CVE-2025-21444 | 2025-07-08 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Data HLOS - QX |
| CVE-2025-21445 | 2025-07-08 | Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Data HLOS - QX |
| CVE-2025-21446 | 2025-07-08 | Buffer Over-read in WLAN Firmware |
| CVE-2025-21449 | 2025-07-08 | Buffer Over-read in WLAN Embedded SW |
| CVE-2025-21450 | 2025-07-08 | Improper Authentication in GPS_GNSS |
| CVE-2025-21454 | 2025-07-08 | Buffer Over-read in WLAN Embedded SW |
| CVE-2025-21466 | 2025-07-08 | Use After Free in Display |
| CVE-2025-27042 | 2025-07-08 | Incorrect Calculation of Buffer Size in Video |
| CVE-2025-27043 | 2025-07-08 | Buffer Copy Without Checking Size of Input in Video |
| CVE-2025-27044 | 2025-07-08 | Out-of-bounds Write in Video |
| CVE-2025-27046 | 2025-07-08 | Double Free in Display |
| CVE-2025-27047 | 2025-07-08 | Use After Free in Display |
| CVE-2025-27050 | 2025-07-08 | Use After Free in Camera |
| CVE-2025-27051 | 2025-07-08 | Double Free in Windows WLAN Host |
| CVE-2025-27052 | 2025-07-08 | Buffer Copy Without Checking Size of Input in Core Services |
| CVE-2025-27055 | 2025-07-08 | Buffer Over-read in Camera |
| CVE-2025-27056 | 2025-07-08 | Use After Free in DSP Service |
| CVE-2025-27057 | 2025-07-08 | Buffer Over-read in WLAN Host |
| CVE-2025-27058 | 2025-07-08 | Buffer Copy Without Checking Size of Input in Computer Vision |
| CVE-2025-27061 | 2025-07-08 | Out-of-bounds Write in Video |
| CVE-2025-50130 | 2025-07-08 | A heap-based buffer overflow vulnerability exists in VS6Sim.exe contained in V-SFT and TELLUS provided by FUJI ELECTRIC CO., LTD. Opening V9 files or X1 files specially crafted by an attacker... |
| CVE-2025-7179 | 2025-07-08 | code-projects Library System add-teacher.php sql injection |
| CVE-2025-7180 | 2025-07-08 | code-projects Staff Audit System login.php sql injection |
| CVE-2025-7345 | 2025-07-08 | Gdk‑pixbuf: heap‑buffer‑overflow in gdk‑pixbuf |
| CVE-2025-7181 | 2025-07-08 | code-projects Staff Audit System test.php unrestricted upload |
| CVE-2025-36600 | 2025-07-08 | Dell Client Platform BIOS contains an Improper Access Control Applied to Mirrored or Aliased Memory Regions vulnerability in an externally developed component. A high privileged attacker with local access could... |
| CVE-2025-7326 | 2025-07-08 | EOL ASP.NET Core Elevation of Privilege Vulnerability |
| CVE-2025-7182 | 2025-07-08 | itsourcecode Student Transcript Processing System edit.php cross site scripting |
| CVE-2024-55599 | 2025-07-08 | An Improperly Implemented Security Check for Standard vulnerability [CWE-358] in FortiOS version 7.6.0, version 7.4.7 and below, 7.0 all versions, 6.4 all versions and FortiProxy version 7.6.1 and below, version... |
| CVE-2025-24474 | 2025-07-08 | An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2 all versions, 7.0 all versions, 6.4... |
| CVE-2024-52965 | 2025-07-08 | A missing critical step in authentication vulnerability [CWE-304] in Fortinet FortiOS version 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.10, and before 7.0.16 & FortiProxy version 7.6.0 through 7.6.1,... |
| CVE-2025-6995 | 2025-07-08 | Improper Encryption in Ivanti Endpoint Manager |
| CVE-2025-6996 | 2025-07-08 | Improper Encryption in Ivanti Endpoint Manager |
| CVE-2025-3630 | 2025-07-08 | IBM Sterling B2B Integrator and IBM Sterling File Gateway cross-site scripting |
| CVE-2025-53372 | 2025-07-08 | node-code-sandbox-mcp has a Sandbox Escape via Command Injection |
| CVE-2025-7037 | 2025-07-08 | SQL injection in Ivanti Endpoint Manager |
| CVE-2025-53480 | 2025-07-08 | CheckUser: Reflected Cross-Site Scripting (XSS) in Special:Investigate (Account information tab) via unsanitized i18n messages |