CVE List - 2025 / August
Showing 801 - 900 of 3631 CVEs for August 2025 (Page 9 of 37)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-8759 | 2025-08-09 | TRENDnet TN-200 Lighttpd hard-coded key |
| CVE-2025-8763 | 2025-08-09 | Ruijie EG306MG strongSwan strongswan.conf missing encryption |
| CVE-2025-8764 | 2025-08-09 | linlinjava litemall upload unrestricted upload |
| CVE-2025-8765 | 2025-08-09 | Datacom DM955 5GT 1200 Wireless Basic Settings cross site scripting |
| CVE-2025-8772 | 2025-08-09 | Vinades NukeViet Module index.php server-side request forgery |
| CVE-2025-8773 | 2025-08-09 | Dinstar Monitoring Platform 甘肃省危险品库监控平台 login_getPasswordErrorNum.action sql injection |
| CVE-2025-8774 | 2025-08-09 | riscv-boom SonicBOOM L1 Data Cache timing discrepancy |
| CVE-2025-8775 | 2025-08-09 | Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload |
| CVE-2025-8784 | 2025-08-09 | Portabilis i-Educar Cadastrar Vínculo funcionario_vinculo_cad.php cross site scripting |
| CVE-2025-8785 | 2025-08-09 | Portabilis i-Educar educar_usuario_lst.php cross site scripting |
| CVE-2025-52136 | 2025-08-10 | In EMQX before 5.8.6, administrators can install arbitrary novel plugins via the Dashboard web interface. NOTE: the Supplier's position is that this is the intended behavior; however, 5.8.6 adds a... |
| CVE-2025-8786 | 2025-08-10 | Portabilis i-Diario Registro das atividades registros-de-conteudos-por-areas-de-conhecimento cross site scripting |
| CVE-2025-8787 | 2025-08-10 | Portabilis i-Diario Registro das atividades registros-de-conteudos-por-disciplina cross site scripting |
| CVE-2025-8788 | 2025-08-10 | Portabilis i-Diario Informações adicionais planos-de-aula-por-areas-de-conhecimento cross site scripting |
| CVE-2025-8789 | 2025-08-10 | Portabilis i-Educar API Endpoint Diario authorization |
| CVE-2025-8790 | 2025-08-10 | Portabilis i-Educar API Endpoint pessoa improper authorization |
| CVE-2025-8791 | 2025-08-10 | LitmusChaos Litmus list_projects improper authorization |
| CVE-2025-8792 | 2025-08-10 | LitmusChaos Litmus client-side enforcement of server-side security |
| CVE-2025-8793 | 2025-08-10 | LitmusChaos Litmus resource injection |
| CVE-2025-8794 | 2025-08-10 | LitmusChaos Litmus LocalStorage authorization |
| CVE-2025-8795 | 2025-08-10 | LitmusChaos Litmus login access control |
| CVE-2025-8796 | 2025-08-10 | LitmusChaos Litmus Delete Request delete_project authorization |
| CVE-2025-8797 | 2025-08-10 | LitmusChaos Litmus LocalStorage permission |
| CVE-2025-8798 | 2025-08-10 | oitcode samarium Create Product product unrestricted upload |
| CVE-2025-8799 | 2025-08-10 | Open5GS AMF npcf-build.c amf_nsmf_pdusession_build_create_sm_context denial of service |
| CVE-2025-8800 | 2025-08-10 | Open5GS AMF esm-handler.c esm_handle_pdn_connectivity_request denial of service |
| CVE-2025-8801 | 2025-08-10 | Open5GS AMF gmm-sm.c gmm_state_exception denial of service |
| CVE-2025-8802 | 2025-08-10 | Open5GS SMF smf-sm.c smf_state_operational denial of service |
| CVE-2025-8803 | 2025-08-10 | Open5GS AMF gmm-sm.c gmm_state_exception denial of service |
| CVE-2025-8804 | 2025-08-10 | Open5GS AMF ngap_build_downlink_nas_transport assertion |
| CVE-2025-8805 | 2025-08-10 | Open5GS SMF gsm-sm.c smf_gsm_state_wait_pfcp_deletion denial of service |
| CVE-2025-8806 | 2025-08-10 | zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 treeData sql injection |
| CVE-2025-8807 | 2025-08-10 | xujeff tianti 天梯 save authorization |
| CVE-2025-8808 | 2025-08-10 | xujeff tianti 天梯 com.jeff.tianti.controller save exportOrder csv injection |
| CVE-2025-8809 | 2025-08-10 | code-projects Online Medicine Guide addelidetails.php sql injection |
| CVE-2025-8810 | 2025-08-10 | Tenda AC20 SetFirewallCfg strcpy stack-based overflow |
| CVE-2025-8811 | 2025-08-10 | code-projects Simple Art Gallery registration.php sql injection |
| CVE-2025-8812 | 2025-08-10 | atjiu pybbs Admin Panel settings cross site scripting |
| CVE-2025-8813 | 2025-08-10 | atjiu pybbs IndexController.java changeLanguage redirect |
| CVE-2025-8814 | 2025-08-10 | atjiu pybbs CookieUtil.java setCookie cross-site request forgery |
| CVE-2025-8815 | 2025-08-10 | 猫宁i Morning Shiro Configuration index path traversal |
| CVE-2025-8816 | 2025-08-10 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setOpMode stack-based overflow |
| CVE-2025-8817 | 2025-08-10 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setLan stack-based overflow |
| CVE-2025-8818 | 2025-08-10 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setLan setDFSSetting os command injection |
| CVE-2025-8819 | 2025-08-10 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setWan stack-based overflow |
| CVE-2025-8820 | 2025-08-10 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 wirelessBasic stack-based overflow |
| CVE-2025-45146 | 2025-08-11 | ModelCache for LLM through v0.2.0 was discovered to contain an deserialization vulnerability via the component /manager/data_manager.py. This vulnerability allows attackers to execute arbitrary code via supplying crafted data. |
| CVE-2025-51823 | 2025-08-11 | libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a... |
| CVE-2025-51824 | 2025-08-11 | libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c. |
| CVE-2025-8821 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasic os command injection |
| CVE-2025-8822 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setOpMode algDisable stack-based overflow |
| CVE-2025-8823 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setDeviceName os command injection |
| CVE-2025-8824 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setRIP stack-based overflow |
| CVE-2025-8825 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasicAuto os command injection |
| CVE-2025-8826 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasicAuto um_rp_autochannel stack-based overflow |
| CVE-2025-27577 | 2025-08-11 | liteos_a has a race condition vulnerability |
| CVE-2025-25278 | 2025-08-11 | liteos_a has a race condition vulnerability |
| CVE-2025-24298 | 2025-08-11 | liteos_a has an UAF vulnerability |
| CVE-2025-24925 | 2025-08-11 | applications_settings has a missing release of memory vulnerability |
| CVE-2025-26690 | 2025-08-11 | communication dsoftbus has a NULL pointer vulnerability |
| CVE-2025-27536 | 2025-08-11 | arkcompiler_ets_runtime has a type confusion vulnerability |
| CVE-2025-24844 | 2025-08-11 | communication_dsoftbus has a missing release of memory vulnerability |
| CVE-2025-25212 | 2025-08-11 | pasteboard has an improper input vulnerability |
| CVE-2025-27128 | 2025-08-11 | liteos_a has an UAF vulnerability |
| CVE-2025-27562 | 2025-08-11 | communication_dsoftbus has a missing release of memory vulnerability |
| CVE-2025-8827 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasicAuto um_inspect_cross_band os command injection |
| CVE-2025-8828 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setIpv6 ipv6cmd os command injection |
| CVE-2025-8829 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 RP_setBasicAuto um_red os command injection |
| CVE-2025-8854 | 2025-08-11 | bullet3 VHACD utility: stack-based buffer overflow in OFF parser (LoadOFF) |
| CVE-2025-8830 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setWan sub_3517C os command injection |
| CVE-2025-8831 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 remoteManagement stack-based overflow |
| CVE-2025-8832 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 setDMZ stack-based overflow |
| CVE-2025-7965 | 2025-08-11 | CBX Restaurant Booking <= 1.2.1 - Plugin Reset via CSRF |
| CVE-2025-8833 | 2025-08-11 | Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 langSwitchBack stack-based overflow |
| CVE-2025-8834 | 2025-08-11 | JCG Link-net LW-N915R Wireless Basic Settings basic.asp cross site scripting |
| CVE-2025-8835 | 2025-08-11 | JasPer Image Color Space Conversion jas_image.c jas_image_chclrspc null pointer dereference |
| CVE-2025-8660 | 2025-08-11 | Privilege Escalation in Symantec PGP Encryption 11.0.1 |
| CVE-2025-8747 | 2025-08-11 | Keras safe_mode bypass allows arbitrary code execution when loading a malicious model. |
| CVE-2025-8836 | 2025-08-11 | JasPer JPEG2000 Encoder jpc_enc.c jpc_floorlog2 assertion |
| CVE-2025-8661 | 2025-08-11 | Stored Cross-Site Scripting in Symantec PGP Encryption 11.0.1 |
| CVE-2025-8837 | 2025-08-11 | JasPer JPEG2000 File jpc_dec.c jpc_dec_dump use after free |
| CVE-2025-8838 | 2025-08-11 | WinterChenS my-site Backend admin preHandle improper authentication |
| CVE-2025-8839 | 2025-08-11 | jshERP Endpoint addUser improper authorization |
| CVE-2025-8853 | 2025-08-11 | 2100 Technology|Official Document Management System - Authentication Bypass |
| CVE-2025-8840 | 2025-08-11 | jshERP Endpoint deleteBatch improper authorization |
| CVE-2025-8841 | 2025-08-11 | zlt2000 microservices-platform FileController.java upload unrestricted upload |
| CVE-2025-8842 | 2025-08-11 | NASM Netwide Assember preproc.c do_directive use after free |
| CVE-2025-8843 | 2025-08-11 | NASM Netwide Assember outmacho.c macho_no_dead_strip heap-based overflow |
| CVE-2025-8844 | 2025-08-11 | NASM Netwide Assember preproc.c parse_smacro_template null pointer dereference |
| CVE-2025-8845 | 2025-08-11 | NASM Netwide Assember nasm.c assemble_file stack-based overflow |
| CVE-2025-8672 | 2025-08-11 | TCC Bypass via Inherited Permissions in Bundled Interpreter in GIMP.app |
| CVE-2025-8846 | 2025-08-11 | NASM Netwide Assember parser.c parse_line stack-based overflow |
| CVE-2025-8862 | 2025-08-11 | YugabyteDB has been collecting diagnostics information from YugabyteDB servers, which may include sensitive gflag configurations. To mitigate this, we recommend upgrading the database to a version where this information is... |
| CVE-2025-8847 | 2025-08-11 | yangzongzhuan RuoYi edit cross site scripting |
| CVE-2025-8863 | 2025-08-11 | YugabyteDB diagnostic information was transmitted over HTTP, which could expose sensitive data during transmission |
| CVE-2025-8864 | 2025-08-11 | Shared Access Signature token is not masked in the backup configuration response and is also exposed in the yb_backup logs |
| CVE-2025-8851 | 2025-08-11 | LibTIFF tiffcrop tiffcrop.c readSeparateStripsetoBuffer stack-based overflow |
| CVE-2025-8852 | 2025-08-11 | WuKongOpenSource WukongCRM API Response upload information exposure |
| CVE-2025-8865 | 2025-08-11 | The YugabyteDB tablet server contains a flaw in its YCQL query handling that can trigger a null pointer dereference when processing certain malformed inputs. An authenticated attacker could exploit this... |
| CVE-2025-8859 | 2025-08-11 | code-projects eBlog Site File Upload save-slider.php unrestricted upload |