CVE List - 2025 / August
Showing 3001 - 3100 of 3631 CVEs for August 2025 (Page 31 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-7775 | 2025-08-26 | Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service |
| CVE-2025-7776 | 2025-08-26 | Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of Service |
| CVE-2025-38676 | 2025-08-26 | iommu/amd: Avoid stack buffer overflow from kernel cmdline |
| CVE-2025-8424 | 2025-08-26 | Improper access control on the NetScaler Management Interface |
| CVE-2025-9481 | 2025-08-26 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setIpv6 stack-based overflow |
| CVE-2025-9482 | 2025-08-26 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 portRangeForwardAdd stack-based overflow |
| CVE-2025-9483 | 2025-08-26 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 singlePortForwardAdd stack-based overflow |
| CVE-2025-6366 | 2025-08-26 | Event List <= 2.0.4 - Authenticated (Subscriber+) Privilege Escalation |
| CVE-2025-57810 | 2025-08-26 | jsPDF Parsing of Corrupt PNGs Leads to Potential Denial of Service (DoS) |
| CVE-2025-57813 | 2025-08-26 | Insertion of Sensitive Information into Log File in github.com/traPtitech/traQ |
| CVE-2025-9491 | 2025-08-26 | Microsoft Windows LNK File UI Misrepresentation Remote Code Execution Vulnerability |
| CVE-2025-36729 | 2025-08-26 | RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint |
| CVE-2025-55212 | 2025-08-26 | ImageMagick affected by divide-by-zero in ThumbnailImage via montage -geometry ":" leads to crash |
| CVE-2025-1494 | 2025-08-26 | IBM Cognos Command Center clickjacking |
| CVE-2025-2697 | 2025-08-26 | IBM Cognos Command Center HTTP Open Redirect |
| CVE-2025-1994 | 2025-08-26 | IBM Cognos Command Center code execution |
| CVE-2025-55298 | 2025-08-26 | ImageMagick Format String Bug in InterpretImageFilename leads to arbitrary code execution |
| CVE-2025-57803 | 2025-08-26 | ImageMagick (WriteBMPImage): 32-bit integer overflow when writing BMP scanline stride → heap buffer overflow |
| CVE-2025-57818 | 2025-08-26 | Firecrawl SSRF Vulnerability via malicious webhook |
| CVE-2025-23307 | 2025-08-26 | NVIDIA NeMo Curator for all platforms contains a vulnerability where a malicious file created by an attacker could allow code injection. A successful exploit of this vulnerability might lead to... |
| CVE-2025-23312 | 2025-08-26 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the retrieval services component, where malicious data created by an attacker could cause a code injection. A successful exploit of... |
| CVE-2025-23313 | 2025-08-26 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of... |
| CVE-2025-23314 | 2025-08-26 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the NLP component, where malicious data created by an attacker could cause a code injection issue. A successful exploit of... |
| CVE-2025-23315 | 2025-08-26 | NVIDIA NeMo Framework for all platforms contains a vulnerability in the export and deploy component, where malicious data created by an attacker could cause a code injection issue. A successful... |
| CVE-2025-9478 | 2025-08-26 | Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2025-9492 | 2025-08-26 | Campcodes Online Water Billing System addclient1.php sql injection |
| CVE-2025-35113 | 2025-08-26 | Agiloft improper neutralization in EUI template engine |
| CVE-2025-35114 | 2025-08-26 | Agiloft local privilege escalation via default credentials |
| CVE-2025-35115 | 2025-08-26 | Agiloft insecure download of system packages |
| CVE-2025-35112 | 2025-08-26 | Agiloft XML external entity local path traversal |
| CVE-2025-9277 | 2025-08-26 | SiteSEO – SEO Simplified <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Broken Regex Expression |
| CVE-2025-57820 | 2025-08-26 | Svelte devalue vulnerable to prototype pollution |
| CVE-2023-21125 | 2025-08-26 | In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege over Bluetooth with no... |
| CVE-2024-49740 | 2025-08-26 | In multiple locations, there is a possible crash loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is... |
| CVE-2025-0074 | 2025-08-26 | In process_service_attr_rsp of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution... |
| CVE-2025-0075 | 2025-08-26 | In process_service_search_attr_req of sdp_server.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution... |
| CVE-2025-0078 | 2025-08-26 | In main of main.cpp, there is a possible way to bypass SELinux due to a logic error in the code. This could lead to local escalation of privilege with no... |
| CVE-2025-0079 | 2025-08-26 | In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation... |
| CVE-2025-0080 | 2025-08-26 | In multiple locations, there is a possible way to overlay the installation confirmation dialog due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional... |
| CVE-2025-0081 | 2025-08-26 | In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is a possible way to cause a crash due to uninitialized data. This could lead to remote denial of service with no additional execution privileges... |
| CVE-2025-0082 | 2025-08-26 | In multiple functions of StatusHint.java and TelecomServiceImpl.java, there is a possible way to reveal images across users due to a confused deputy. This could lead to local information disclosure with... |
| CVE-2025-0083 | 2025-08-26 | In multiple locations, there is a possible way to access content across user profiles due to URI double encoding. This could lead to local information disclosure with no additional execution... |
| CVE-2025-0084 | 2025-08-26 | In multiple locations, there is a possible out of bounds write due to a use after free. This could lead to remote code execution over Bluetooth, if HFP support is... |
| CVE-2025-0086 | 2025-08-26 | In onResult of AccountManagerService.java, there is a possible way to overwrite auth token due to a missing permission check. This could lead to local information disclosure with no additional execution... |
| CVE-2025-0092 | 2025-08-26 | In handleBondStateChanged of AdapterService.java, there is a possible permission bypass due to misleading or insufficient UI. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed.... |
| CVE-2025-0093 | 2025-08-26 | In handleBondStateChanged of AdapterService.java, there is a possible unapproved data access due to a missing permission check. This could lead to remote information disclosure with no additional execution privileges needed.... |
| CVE-2025-22403 | 2025-08-26 | In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution... |
| CVE-2025-22404 | 2025-08-26 | In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional... |
| CVE-2025-22405 | 2025-08-26 | In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution... |
| CVE-2025-22406 | 2025-08-26 | In bnepu_check_send_packet of bnep_utils.cc, there is a possible way to achieve code execution due to a use after free. This could lead to local escalation of privilege with no additional... |
| CVE-2025-22407 | 2025-08-26 | In hidd_check_config_done of hidd_conn.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local information disclosure with no additional execution... |
| CVE-2025-22408 | 2025-08-26 | In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to remote code execution with no additional execution... |
| CVE-2025-22409 | 2025-08-26 | In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional... |
| CVE-2025-22410 | 2025-08-26 | In multiple locations, there is a possible way to execute arbitrary code due to a use after free. This could lead to local escalation of privilege with no additional execution... |
| CVE-2025-22411 | 2025-08-26 | In process_service_attr_rsp of sdp_discovery.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no additional... |
| CVE-2025-22412 | 2025-08-26 | In multiple functions of sdp_server.cc, there is a possible use after free due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution with no... |
| CVE-2025-22413 | 2025-08-26 | In multiple functions of hyp-main.c, there is a possible privilege escalation due to a logic error in the code. This could lead to local information disclosure with no additional execution... |
| CVE-2025-26417 | 2025-08-26 | In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is a possible bypass of user consent when opening files in shared storage due to a confused deputy. This could lead to local information disclosure... |
| CVE-2025-8490 | 2025-08-26 | All-in-One WP Migration and Backup <= 7.97 - Authenticated (Administrator+) Stored Cross-Site Scripting via Import |
| CVE-2024-37777 | 2025-08-27 | O2OA v9.0.3 was discovered to contain a remote code execution (RCE) vulnerability via the mainOutput() function. |
| CVE-2025-50428 | 2025-08-27 | In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the includes/hostapd.php script. The vulnerability is due to improper sanitizing of user input passed via the interface parameter. |
| CVE-2025-50972 | 2025-08-27 | SQL Injection vulnerability in AbanteCart 1.4.2, allows unauthenticated attackers to execute arbitrary SQL commands via the tmpl_id parameter to index.php. Three techniques have been demonstrated: error-based injection using a crafted... |
| CVE-2025-50977 | 2025-08-27 | A template injection vulnerability leading to reflected cross-site scripting (XSS) has been identified in version 1.7.1, requiring authenticated admin access for exploitation. The vulnerability exists in the 'r' parameter and... |
| CVE-2025-50978 | 2025-08-27 | In Gitblit v1.7.1, a reflected cross-site scripting (XSS) vulnerability exists in the way repository path names are handled. By injecting a specially crafted path payload an attacker can cause arbitrary... |
| CVE-2025-50979 | 2025-08-27 | NodeBB v4.3.0 is vulnerable to SQL injection in its search-categories API endpoint (/api/v3/search/categories). The search query parameter is not properly sanitized, allowing unauthenticated, remote attackers to inject boolean-based blind and... |
| CVE-2025-50983 | 2025-08-27 | SQL Injection vulnerability exists in the sortKey parameter of the GET /api/v1/wanted/cutoff API endpoint in readarr 0.4.15.2787. The endpoint fails to properly sanitize user-supplied input, allowing attackers to inject and... |
| CVE-2025-50984 | 2025-08-27 | diskover-web v2.3.0 Community Edition is vulnerable to multiple boolean-based blind SQL injection flaws in its Elasticsearch configuration form. Unsanitized user input in POST parameters such as ES_PASS, ES_MAXSIZE, ES_TRANSLOGSIZE, ES_TIMEOUT,... |
| CVE-2025-50985 | 2025-08-27 | diskover-web v2.3.0 Community Edition is vulnerable to multiple reflected cross-site scripting (XSS) flaws in its web interface. Unsanitized GET parameters including maxage, maxindex, index, path, q (query), and doctype are... |
| CVE-2025-50986 | 2025-08-27 | diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting (XSS) vulnerabilities in its administrative settings interface. Various configuration fields such as ES_HOST, ES_INDEXREFRESH, ES_PORT, ES_SCROLLSIZE, ES_TRANSLOGSIZE, ES_TRANSLOGSYNCINT, EXCLUDES_FILES, FILE_TYPES[],... |
| CVE-2025-50989 | 2025-08-27 | OPNsense before 25.1.8 contains an authenticated command injection vulnerability in its Bridge Interface Edit endpoint (interfaces_bridge_edit.php). The span POST parameter is concatenated into a system-level command without proper sanitization or... |
| CVE-2025-51667 | 2025-08-27 | An issue was discovered in simple-admin-core v1.2.0 thru v1.6.7. The /sys-api/role/update interface in the simple-admin-core system has a limited SQL injection vulnerability, which may lead to partial data leakage or... |
| CVE-2025-52122 | 2025-08-27 | Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection for all users that have access to editing a... |
| CVE-2025-54598 | 2025-08-27 | The Bevy Event service through 2025-07-22, as used for eBay Seller Events and other activities, allows CSRF to delete all notifications via the /notifications/delete/ URI. |
| CVE-2025-55422 | 2025-08-27 | In FoxCMS 1.2.6, there is a reflected Cross Site Scripting (XSS) vulnerability in /index.php/plus. |
| CVE-2025-55495 | 2025-08-27 | Tenda AC6 V15.03.06.23_multi was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. |
| CVE-2025-55582 | 2025-08-27 | D-Link DCS-825L firmware v1.08.01 contains a vulnerability in the watchdog script `mydlink-watch-dog.sh`, which blindly respawns binaries such as `dcp` and `signalc` without verifying integrity, authenticity, or permissions. An attacker with... |
| CVE-2025-55618 | 2025-08-27 | In Hyundai Navigation App STD5W.EUR.HMC.230516.afa908d, an attacker can inject HTML payloads in the profile name field in navigation app which then get rendered. |
| CVE-2025-56694 | 2025-08-27 | Client-side password validation (CWE-602) in lumasoft fotoShare Cloud 2025-03-13 allowing unauthenticated attackers to view password-protected photo albums. |
| CVE-2025-7732 | 2025-08-27 | Lazy Load for Videos <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes |
| CVE-2025-9502 | 2025-08-27 | Campcodes Online Loan Management System ajax.php sql injection |
| CVE-2025-9503 | 2025-08-27 | Campcodes Online Loan Management System ajax.php sql injection |
| CVE-2025-49040 | 2025-08-27 | WordPress Backup Bolt plugin <= 1.4.1 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-49039 | 2025-08-27 | WordPress Link View plugin <= 0.8.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-49035 | 2025-08-27 | WordPress Admin Menu Groups plugin <= 0.1.2 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-9504 | 2025-08-27 | Campcodes Online Loan Management System ajax.php sql injection |
| CVE-2025-9505 | 2025-08-27 | Campcodes Online Loan Management System ajax.php sql injection |
| CVE-2025-9506 | 2025-08-27 | Campcodes Online Loan Management System ajax.php sql injection |
| CVE-2025-9507 | 2025-08-27 | itsourcecode Apartment Management System visitor_info.php sql injection |
| CVE-2025-9508 | 2025-08-27 | itsourcecode Apartment Management System rented_info.php sql injection |
| CVE-2025-9509 | 2025-08-27 | itsourcecode Apartment Management System fair_info_all.php sql injection |
| CVE-2025-9510 | 2025-08-27 | itsourcecode Apartment Management System addbranch.php sql injection |
| CVE-2025-48081 | 2025-08-27 | WordPress Printeers Print & Ship plugin <= 1.17.0 - Directory Traversal vulnerability |
| CVE-2025-57846 | 2025-08-27 | Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where the product... |
| CVE-2025-9511 | 2025-08-27 | itsourcecode Apartment Management System addvisitor.php sql injection |
| CVE-2025-9513 | 2025-08-27 | editso fuso mod.rs PenetrateRsaAndAesHandshake inadequate encryption |
| CVE-2025-57797 | 2025-08-27 | Incorrect privilege assignment vulnerability exists in ScanSnap Manager installers versions prior to V6.5L61. If this vulnerability is exploited, an authenticated local attacker may escalate privileges and execute an arbitrary command. |
| CVE-2025-9514 | 2025-08-27 | macrozheng mall Registration weak password |
| CVE-2021-4459 | 2025-08-27 | SMA: Directory Traversal in Sunny Boy <3.10.27.R |
| CVE-2025-2313 | 2025-08-27 | RCE via Print.pl in uhcPrintServerPrint |
| CVE-2025-30036 | 2025-08-27 | Stored XSS permitting session takeover of arbitrary user |