CVE List - 2025 / August
Showing 3501 - 3600 of 3631 CVEs for August 2025 (Page 36 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-30270 | 2025-08-29 | QTS, QuTS hero |
| CVE-2025-30271 | 2025-08-29 | QTS, QuTS hero |
| CVE-2025-30272 | 2025-08-29 | QTS, QuTS hero |
| CVE-2025-30273 | 2025-08-29 | QTS, QuTS hero |
| CVE-2025-30274 | 2025-08-29 | QTS, QuTS hero |
| CVE-2025-30275 | 2025-08-29 | Qsync Central |
| CVE-2025-30277 | 2025-08-29 | Qsync Central |
| CVE-2025-30278 | 2025-08-29 | Qsync Central |
| CVE-2025-33032 | 2025-08-29 | QTS, QuTS hero |
| CVE-2025-33033 | 2025-08-29 | Qsync Central |
| CVE-2025-33036 | 2025-08-29 | Qsync Central |
| CVE-2025-33037 | 2025-08-29 | Qsync Central |
| CVE-2025-33038 | 2025-08-29 | Qsync Central |
| CVE-2025-44015 | 2025-08-29 | HybridDesk Station |
| CVE-2025-52856 | 2025-08-29 | VioStor |
| CVE-2025-52861 | 2025-08-29 | VioStor |
| CVE-2025-9377 | 2025-08-29 | Authenticated RCE via Parental Control command injection |
| CVE-2025-9665 | 2025-08-29 | code-projects Simple Grading System Admin Panel edit_student.php sql injection |
| CVE-2025-58158 | 2025-08-29 | Harness Affected by Arbitrary File Write in Gitness LFS server |
| CVE-2025-9666 | 2025-08-29 | code-projects Simple Grading System Admin Panel delete_student.php sql injection |
| CVE-2025-9667 | 2025-08-29 | code-projects Simple Grading System Admin Panel delete_account.php sql injection |
| CVE-2025-43773 | 2025-08-29 | Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0, 2025.Q1.0 through 2025.Q1.14, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.18 and 7.4 GA through update 92... |
| CVE-2025-9669 | 2025-08-29 | Jinher OA GetTreeDate.aspx sql injection |
| CVE-2025-9670 | 2025-08-29 | mixmark-io turndown commonmark-rules.js redos |
| CVE-2025-9671 | 2025-08-29 | UAB Paytend App com.passport.cash AndroidManifest.xml improper export of android application components |
| CVE-2025-9672 | 2025-08-29 | Rejseplanen App de.hafas.android.rejseplanen AndroidManifest.xml improper export of android application components |
| CVE-2025-9673 | 2025-08-29 | Kakao 헤이카카오 Hey Kakao App com.kakao.i.connect AndroidManifest.xml improper export of android application components |
| CVE-2025-9674 | 2025-08-29 | Transbyte Scooper News App com.hatsune.eagleee AndroidManifest.xml improper export of android application components |
| CVE-2025-9675 | 2025-08-29 | Voice Changer App com.tuyangkeji.changevoice AndroidManifest.xml improper export of android application components |
| CVE-2025-58066 | 2025-08-29 | DoS Vulnerability in ntpd-rs |
| CVE-2025-9676 | 2025-08-29 | NCSOFT Universe App com.ncsoft.universeapp AndroidManifest.xml improper export of android application components |
| CVE-2025-9677 | 2025-08-29 | Modo Legend of the Phoenix com.duige.hzw.multilingual AndroidManifest.xml improper export of android application components |
| CVE-2025-58067 | 2025-08-29 | Basecamp's Google Sign-In for Rails allowed redirects to protocol-relative URI |
| CVE-2025-58068 | 2025-08-29 | Eventlet affected by HTTP request smuggling in unparsed trailers |
| CVE-2025-58157 | 2025-08-29 | gnark affected by denial of service when computing scalar multiplication using fake-GLV algorithm |
| CVE-2025-58160 | 2025-08-29 | Tracing logging user input may result in poisoning logs with ANSI escape sequences |
| CVE-2025-9678 | 2025-08-29 | Campcodes Online Loan Management System ajax.php sql injection |
| CVE-2025-57822 | 2025-08-29 | Next.js Improper Middleware Redirect Handling Leads to SSRF |
| CVE-2025-58156 | 2025-08-29 | Centurion ERP users can view hashed authentication tokens that belong to other users |
| CVE-2025-55173 | 2025-08-29 | Next.js Content Injection Vulnerability for Image Optimization |
| CVE-2025-57752 | 2025-08-29 | Next.js Affected by Cache Key Confusion for Image Optimization API Routes |
| CVE-2025-58159 | 2025-08-29 | WeGIA Authenticated Arbitrary File Upload Leading To Remote Code Execution (RCE) |
| CVE-2025-34164 | 2025-08-29 | NetSupport Manager < 14.12.0000 Heap-Based Buffer Overflow |
| CVE-2025-34165 | 2025-08-29 | NetSupport Manager < 14.12.0000 Stack-Based Buffer Overflow |
| CVE-2025-9618 | 2025-08-30 | Related Posts Lite <= 1.12 - Cross-Site Request Forgery |
| CVE-2025-4956 | 2025-08-30 | WordPress Pro Bulk Watermark Plugin for WordPress Theme <= 2.0 - Path Traversal Vulnerability |
| CVE-2025-54942 | 2025-08-30 | SUNNET Corporate Training Management System - Missing Authentication for Critical Function |
| CVE-2025-54943 | 2025-08-30 | SUNNET Corporate Training Management System - Missing Authorization |
| CVE-2025-54944 | 2025-08-30 | SUNNET Corporate Training Management System - Unrestricted Upload of File with Dangerous Type |
| CVE-2025-54945 | 2025-08-30 | SUNNET Corporate Training Management System - External Control of File Name or Path |
| CVE-2025-54946 | 2025-08-30 | SUNNET Corporate Training Management System - SQL Injection |
| CVE-2025-9499 | 2025-08-30 | Ocean Extra <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode |
| CVE-2025-9500 | 2025-08-30 | TablePress <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter |
| CVE-2025-9679 | 2025-08-30 | itsourcecode Student Information System course_edit1.php sql injection |
| CVE-2025-9680 | 2025-08-30 | O2OA Personal Profile page cross site scripting |
| CVE-2025-9681 | 2025-08-30 | O2OA Personal Profile agent cross site scripting |
| CVE-2025-38677 | 2025-08-30 | f2fs: fix to avoid out-of-boundary access in dnode page |
| CVE-2025-9682 | 2025-08-30 | O2OA Personal Profile appdict cross site scripting |
| CVE-2025-9683 | 2025-08-30 | O2OA Personal Profile form cross site scripting |
| CVE-2025-9684 | 2025-08-30 | Portabilis i-Educar Formula de Cálculo de Média edit sql injection |
| CVE-2025-9685 | 2025-08-30 | Portabilis i-Educar Listagem de áreas de conhecimento view sql injection |
| CVE-2025-9686 | 2025-08-30 | Portabilis i-Educar Listagem de áreas de conhecimento edit sql injection |
| CVE-2025-9687 | 2025-08-30 | Portabilis i-Educar processamentoApi improper authorization |
| CVE-2025-9688 | 2025-08-30 | Mupen64Plus is_viewer.c write_is_viewer integer overflow |
| CVE-2025-0165 | 2025-08-30 | IBM watsonx Orchestrate Cartridge for IBM Cloud Pak for Data SQL injection |
| CVE-2025-9689 | 2025-08-30 | SourceCodester Advanced School Management System item_select sql injection |
| CVE-2025-9690 | 2025-08-30 | SourceCodester Advanced School Management System vendordetails sql injection |
| CVE-2008-20001 | 2025-08-30 | activePDF WebGrabber ActiveX Control Buffer Overflow |
| CVE-2009-20009 | 2025-08-30 | Belkin Bulldog Plus Web Service Buffer Overflow |
| CVE-2010-10016 | 2025-08-30 | BS.Player 2.57 Buffer Overflow via M3U Playlist Import |
| CVE-2005-10004 | 2025-08-30 | Cacti graph_view.php RCE via graph_start Parameter Injection |
| CVE-2009-20011 | 2025-08-30 | ContentKeeper Web Appliance < 125.10 RCE via mimencode |
| CVE-2009-20010 | 2025-08-30 | Dogfood CRM spell.php RCE |
| CVE-2009-20008 | 2025-08-30 | Green Dam < 3.174 URL Processing Buffer Overflow |
| CVE-2011-10032 | 2025-08-30 | Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57 |
| CVE-2010-10017 | 2025-08-30 | WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File |
| CVE-2012-10062 | 2025-08-30 | XAMPP WebDAV PHP Upload Authentication Bypass RCE |
| CVE-2025-9691 | 2025-08-30 | Campcodes Online Shopping System login.php sql injection |
| CVE-2025-9692 | 2025-08-30 | Campcodes Online Shopping System product.php sql injection |
| CVE-2025-9694 | 2025-08-30 | Campcodes Advanced Online Voting System login.php sql injection |
| CVE-2025-9695 | 2025-08-30 | GalleryVault Gallery Vault App com.thinkyeah.galleryvault AndroidManifest.xml improper export of android application components |
| CVE-2025-9699 | 2025-08-30 | SourceCodester Online Polling System Code checklogin.php sql injection |
| CVE-2025-9700 | 2025-08-30 | SourceCodester Online Book Store publisher_list.php sql injection |
| CVE-2025-9701 | 2025-08-30 | SourceCodester Simple Cafe Billing System receipt.php sql injection |
| CVE-2025-9702 | 2025-08-30 | SourceCodester Simple Cafe Billing System sales_report.php sql injection |
| CVE-2025-9704 | 2025-08-30 | SourceCodester Water Billing System viewbill.php sql injection |
| CVE-2025-9705 | 2025-08-30 | SourceCodester Water Billing System paybill.php sql injection |
| CVE-2025-9706 | 2025-08-30 | SourceCodester Water Billing System edit.php sql injection |
| CVE-2025-9715 | 2025-08-31 | O2OA Personal Profile script cross site scripting |
| CVE-2024-32589 | 2025-08-31 | WordPress Barcode Scanner and Inventory manager plugin <= 1.5.3 - Broken Access Control to XSS vulnerability |
| CVE-2024-32832 | 2025-08-31 | WordPress Login with Phone Number plugin <= 1.6.93 - Broken Access Control vulnerability |
| CVE-2025-47696 | 2025-08-31 | WordPress Blog Designer PRO plugin <= 3.4.7 - Unauthenticated Non-Arbitrary Local File Inclusion vulnerability |
| CVE-2025-31100 | 2025-08-31 | WordPress School Management Plugin <= 1.93.1 (02-07-2025) - Arbitrary File Upload Vulnerability |
| CVE-2025-5083 | 2025-08-31 | Amministrazione Trasparente <= 9.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via print_r Function |
| CVE-2025-9716 | 2025-08-31 | O2OA Personal Profile form cross site scripting |
| CVE-2025-9717 | 2025-08-31 | O2OA Personal Profile unit cross site scripting |
| CVE-2025-9718 | 2025-08-31 | O2OA Personal Profile process cross site scripting |
| CVE-2025-9719 | 2025-08-31 | O2OA Personal Profile script cross site scripting |
| CVE-2025-9720 | 2025-08-31 | Portabilis i-Educar Cadastrar tabela de arredondamento edit cross site scripting |
| CVE-2025-9721 | 2025-08-31 | Portabilis i-Educar edit cross site scripting |