CVE List - 2025 / August
Showing 1601 - 1700 of 3631 CVEs for August 2025 (Page 17 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-54701 | 2025-08-14 | WordPress Unicamp Theme <= 2.6.3 - Local File Inclusion Vulnerability |
| CVE-2025-54702 | 2025-08-14 | WordPress Ebook Store Plugin plugin <= 5.8013 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-54703 | 2025-08-14 | WordPress Integrate Google Drive Plugin plugin <= 1.5.2 - Cross Site Request Forgery (CSRF) Vulnerability |
| CVE-2025-54704 | 2025-08-14 | WordPress Easy Elementor Addons Plugin plugin <= 2.2.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54705 | 2025-08-14 | WordPress WpEvently Plugin plugin <= 4.4.6 - Broken Access Control Vulnerability |
| CVE-2025-54706 | 2025-08-14 | WordPress Magical Posts Display Plugin plugin <= 1.2.52 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54707 | 2025-08-14 | WordPress MDTF Plugin <= 1.3.3.7 - SQL Injection Vulnerability |
| CVE-2025-8958 | 2025-08-14 | Tenda TX3 fast_setting_wifi_set stack-based overflow |
| CVE-2025-8960 | 2025-08-14 | Campcodes Online Flight Booking Management System save_airlines.php sql injection |
| CVE-2025-8961 | 2025-08-14 | LibTIFF tiffcrop tiffcrop.c main memory corruption |
| CVE-2025-8713 | 2025-08-14 | PostgreSQL optimizer statistics can expose sampled data within a view, partition, or child table |
| CVE-2025-8714 | 2025-08-14 | PostgreSQL pg_dump lets superuser of origin server execute arbitrary code in psql client |
| CVE-2025-8715 | 2025-08-14 | PostgreSQL pg_dump newline in object name executes arbitrary code in psql client and in restore target server |
| CVE-2025-8963 | 2025-08-14 | jeecgboot JimuReport Data Large Screen Template testConnection deserialization |
| CVE-2025-55673 | 2025-08-14 | Apache Superset: Metadata exposure in embedded charts |
| CVE-2025-55672 | 2025-08-14 | Apache Superset: Stored XSS on charts metadata |
| CVE-2025-55674 | 2025-08-14 | Apache Superset: Improper SQL authorisation, parse not checking for specific engine functions |
| CVE-2025-55675 | 2025-08-14 | Apache Superset: Incorrect datasource authorization on REST API |
| CVE-2025-7353 | 2025-08-14 | Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability |
| CVE-2025-9036 | 2025-08-14 | Rockwell Automation FactoryTalk® Action Manager v1.0.0 Runtime Vulnerability |
| CVE-2025-7774 | 2025-08-14 | Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities |
| CVE-2025-7773 | 2025-08-14 | Rockwell Automation ArmorBlock 5000 I/O – Web Server Vulnerabilities |
| CVE-2025-7973 | 2025-08-14 | Rockwell Automation FactoryTalk® ViewPoint Privilege Escalation Vulnerability |
| CVE-2025-36581 | 2025-08-14 | Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, contain(s) an Access of Memory Location After End of Buffer vulnerability. A low privileged attacker with local access could potentially... |
| CVE-2025-9041 | 2025-08-14 | Rockwell Automation FLEX 5000 I/O - Module Fault |
| CVE-2025-9042 | 2025-08-14 | Rockwell Automation FLEX 5000 I/O - Module Fault |
| CVE-2025-26484 | 2025-08-14 | Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restriction of XML External Entity Reference vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to... |
| CVE-2025-38745 | 2025-08-14 | Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains an Insertion of Sensitive Information into Log File vulnerability in the Backup and Restore. A low privileged attacker with remote... |
| CVE-2025-8962 | 2025-08-14 | code-projects Hostel Management System Login Form hostel_manage.exe stack-based overflow |
| CVE-2025-38738 | 2025-08-14 | SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and prior, contain(s) an Incorrect Privilege Assignment vulnerability in the Installer. A low privileged attacker with local access could potentially exploit this... |
| CVE-2025-36612 | 2025-08-14 | SupportAssist for Business PCs, version(s) 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of... |
| CVE-2025-36613 | 2025-08-14 | SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contain(s) an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access... |
| CVE-2025-7972 | 2025-08-14 | Rockwell Automation FactoryTalk® Linx Network Browser Security Bypass Vulnerability |
| CVE-2025-8876 | 2025-08-14 | Command Injection Vulnerability |
| CVE-2025-8875 | 2025-08-14 | Insecure Deserialization Vulnerability |
| CVE-2025-7971 | 2025-08-14 | Studio 5000 Logix Designer® – Arbitrary Code Execution Vulnerability |
| CVE-2025-8964 | 2025-08-14 | code-projects Hostel Management System Login hostel_manage.exe improper authentication |
| CVE-2025-40758 | 2025-08-14 | A vulnerability has been identified in Mendix SAML (Mendix 10.12 compatible) (All versions < V4.0.3), Mendix SAML (Mendix 10.21 compatible) (All versions < V4.1.2), Mendix SAML (Mendix 9.24 compatible) (All... |
| CVE-2025-53631 | 2025-08-14 | flaskBlog XSS Vulnerability in postContent |
| CVE-2025-8965 | 2025-08-14 | linlinjava litemall Endpoint AdminStorageController.java create unrestricted upload |
| CVE-2025-8966 | 2025-08-14 | itsourcecode Online Tour and Travel Management System tax.php sql injection |
| CVE-2025-36047 | 2025-08-14 | IBM WebSphere Application Server Liberty denial of service |
| CVE-2025-33142 | 2025-08-14 | IBM WebSphere Application Server information disclosure |
| CVE-2025-54409 | 2025-08-14 | AIDE null pointer dereference when reading incorrectly encoded xattr attributes from database (local DoS) |
| CVE-2025-54389 | 2025-08-14 | AIDE improper output neutralization vulnerability |
| CVE-2025-8967 | 2025-08-14 | itsourcecode Online Tour and Travel Management System packages.php sql injection |
| CVE-2025-54867 | 2025-08-14 | Youki Symlink Following Vulnerability |
| CVE-2025-9039 | 2025-08-14 | Information Disclosure in Amazon ECS Container Agent |
| CVE-2025-9043 | 2025-08-14 | The service executable path in Seagate Toolkit on Versions prior to 2.34.0.33 on Windows allows an attacker with Admin privileges to exploit a vulnerability as classified under CWE-428: Unquoted Search... |
| CVE-2025-20134 | 2025-08-14 | Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability |
| CVE-2025-20133 | 2025-08-14 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability |
| CVE-2025-20127 | 2025-08-14 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability |
| CVE-2025-20135 | 2025-08-14 | Cisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service Vulnerability |
| CVE-2025-20136 | 2025-08-14 | Cisco Adaptive Security Appliance and Firepower Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability |
| CVE-2025-20148 | 2025-08-14 | Cisco Secure Firewall Management Center HTML Injection Vulnerability |
| CVE-2025-20217 | 2025-08-14 | Cisco Firepower Threat Defense Intrusion Detection Denial of Service Vulnerability |
| CVE-2025-20218 | 2025-08-14 | Cisco Secure Firepower Management Center Software XPATH Injection Vulnerability |
| CVE-2025-20219 | 2025-08-14 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Bypass Vulnerability |
| CVE-2025-20222 | 2025-08-14 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Buffer Vulnerability |
| CVE-2025-20224 | 2025-08-14 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an... |
| CVE-2025-20235 | 2025-08-14 | Cisco Secure Firewall Management Center Software Cross-Site Scripting Vulnerability |
| CVE-2025-20225 | 2025-08-14 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense... |
| CVE-2025-20238 | 2025-08-14 | A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on... |
| CVE-2025-20237 | 2025-08-14 | A vulnerability in Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary commands on... |
| CVE-2025-20239 | 2025-08-14 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense... |
| CVE-2025-20243 | 2025-08-14 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability |
| CVE-2025-20244 | 2025-08-14 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability |
| CVE-2025-20251 | 2025-08-14 | Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Software Authenticated Arbitrary File Deletion |
| CVE-2025-20252 | 2025-08-14 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an... |
| CVE-2025-20253 | 2025-08-14 | Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability |
| CVE-2025-20263 | 2025-08-14 | Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability |
| CVE-2025-20254 | 2025-08-14 | A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an... |
| CVE-2025-20265 | 2025-08-14 | Cisco Secure Firewall Management Center Software Radius Remote Code Execution Vulnerability |
| CVE-2025-20268 | 2025-08-14 | Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability |
| CVE-2025-20301 | 2025-08-14 | Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability |
| CVE-2025-20302 | 2025-08-14 | Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability |
| CVE-2025-20306 | 2025-08-14 | Cisco Secure Firewall Management Center Software Command Injection Vulnerability |
| CVE-2025-8968 | 2025-08-14 | itsourcecode Online Tour and Travel Management System disapprove_user.php sql injection |
| CVE-2025-8969 | 2025-08-14 | itsourcecode Online Tour and Travel Management System approve_user.php sql injection |
| CVE-2025-55195 | 2025-08-14 | @std/toml Prototype Pollution in Node.js and Browser |
| CVE-2025-20220 | 2025-08-14 | A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, local attacker to execute arbitrary... |
| CVE-2025-55192 | 2025-08-14 | HomeAssistant-Tapo-Control Code Injection Vulnerability in issues.yml Workflow |
| CVE-2025-8970 | 2025-08-14 | itsourcecode Online Tour and Travel Management System booking.php sql injection |
| CVE-2025-8971 | 2025-08-14 | itsourcecode Online Tour and Travel Management System travellers.php sql injection |
| CVE-2024-37945 | 2025-08-14 | WordPress WPBITS Addons For Elementor plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-8972 | 2025-08-14 | itsourcecode Online Tour and Travel Management System page-login.php sql injection |
| CVE-2025-8973 | 2025-08-14 | SourceCodester Cashier Queuing System Actions.php sql injection |
| CVE-2025-8974 | 2025-08-14 | linlinjava litemall JSON Web Token JwtHelper.java hard-coded credentials |
| CVE-2025-21110 | 2025-08-14 | Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution with Unnecessary Privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of... |
| CVE-2025-55716 | 2025-08-14 | WordPress WP Statistics Plugin <= 14.15 - Broken Access Control Vulnerability |
| CVE-2025-55714 | 2025-08-14 | WordPress JetElements For Elementor Plugin <= 2.7.9 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-55713 | 2025-08-14 | WordPress Blocksy Theme <= 2.1.6 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-55712 | 2025-08-14 | WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 6.3.13 - Broken Access Control Vulnerability |
| CVE-2025-55711 | 2025-08-14 | WordPress WP Table Builder Plugin <= 2.0.12 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-55710 | 2025-08-14 | WordPress TaxoPress Plugin <= 3.37.2 - Sensitive Data Exposure Vulnerability |
| CVE-2025-55709 | 2025-08-14 | WordPress Visual Composer Website Builder Plugin < 45.15.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-55708 | 2025-08-14 | WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability |
| CVE-2025-54749 | 2025-08-14 | WordPress JetProductGallery Plugin <= 2.2.0.2 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54747 | 2025-08-14 | WordPress Templatera Plugin <= 2.3.0 - Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-54746 | 2025-08-14 | WordPress Shortcode Redirect Plugin <= 1.0.02 - Cross Site Scripting (XSS) Vulnerability |