CVE List - 2025 / September
Showing 1601 - 1700 of 4322 CVEs for September 2025 (Page 17 of 44)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-10251 | 2025-09-11 | FoxCMS Images.php batchCope sql injection |
| CVE-2025-10252 | 2025-09-11 | SEAT Queue Ticket Kiosk Java RMI Registry deserialization |
| CVE-2025-8716 | 2025-09-11 | Cache exploitation vulnerability |
| CVE-2025-10253 | 2025-09-11 | openDCIM SVG File uploadifive.php cross site scripting |
| CVE-2025-27466 | 2025-09-11 | Multiple vulnerabilities in the Viridian interface |
| CVE-2025-58142 | 2025-09-11 | Multiple vulnerabilities in the Viridian interface |
| CVE-2025-58143 | 2025-09-11 | Multiple vulnerabilities in the Viridian interface |
| CVE-2025-10193 | 2025-09-11 | Neo4j Cypher MCP server is vulnerable to DNS rebinding attacks |
| CVE-2025-58144 | 2025-09-11 | Arm issues with page refcounting |
| CVE-2025-58145 | 2025-09-11 | Arm issues with page refcounting |
| CVE-2025-10254 | 2025-09-11 | Ascensio System SIA OnlyOffice SVG Image Messages.aspx cross site scripting |
| CVE-2025-10255 | 2025-09-11 | Ascensio System SIA OnlyOffice Comment Messages.aspx cross site scripting |
| CVE-2025-26499 | 2025-09-11 | Under heavy system utilization a random race condition can occur during authentication or token refresh operation. This flaw allows one user to be granted a token intended for another user,... |
| CVE-2025-40300 | 2025-09-11 | x86/vmscape: Add conditional IBPB mitigation |
| CVE-2025-39736 | 2025-09-11 | mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock |
| CVE-2025-39737 | 2025-09-11 | mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup() |
| CVE-2025-39738 | 2025-09-11 | btrfs: do not allow relocation of partially dropped subvolumes |
| CVE-2025-39739 | 2025-09-11 | iommu/arm-smmu-qcom: Add SM6115 MDSS compatible |
| CVE-2025-39740 | 2025-09-11 | drm/xe/migrate: prevent potential UAF |
| CVE-2025-39741 | 2025-09-11 | drm/xe/migrate: don't overflow max copy size |
| CVE-2025-39742 | 2025-09-11 | RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask() |
| CVE-2025-39743 | 2025-09-11 | jfs: truncate good inode pages when hard link is 0 |
| CVE-2025-39744 | 2025-09-11 | rcu: Fix rcu_read_unlock() deadloop due to IRQ work |
| CVE-2025-39745 | 2025-09-11 | rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels |
| CVE-2025-39746 | 2025-09-11 | wifi: ath10k: shutdown driver when hardware is unreliable |
| CVE-2025-39747 | 2025-09-11 | drm/msm: Add error handling for krealloc in metadata setup |
| CVE-2025-39748 | 2025-09-11 | bpf: Forget ranges when refining tnum after JSET |
| CVE-2025-39749 | 2025-09-11 | rcu: Protect ->defer_qs_iw_pending from data race |
| CVE-2025-39750 | 2025-09-11 | wifi: ath12k: Correct tid cleanup when tid setup fails |
| CVE-2025-39752 | 2025-09-11 | ARM: rockchip: fix kernel hang during smp initialization |
| CVE-2025-39753 | 2025-09-11 | gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops |
| CVE-2025-39754 | 2025-09-11 | mm/smaps: fix race between smaps_hugetlb_range and migration |
| CVE-2025-39756 | 2025-09-11 | fs: Prevent file descriptor table allocations exceeding INT_MAX |
| CVE-2025-39757 | 2025-09-11 | ALSA: usb-audio: Validate UAC3 cluster segment descriptors |
| CVE-2025-39758 | 2025-09-11 | RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages |
| CVE-2025-39759 | 2025-09-11 | btrfs: qgroup: fix race between quota disable and quota rescan ioctl |
| CVE-2025-39760 | 2025-09-11 | usb: core: config: Prevent OOB read in SS endpoint companion parsing |
| CVE-2025-39761 | 2025-09-11 | wifi: ath12k: Decrement TID on RX peer frag setup error handling |
| CVE-2025-39762 | 2025-09-11 | drm/amd/display: add null check |
| CVE-2025-39763 | 2025-09-11 | ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered |
| CVE-2025-39764 | 2025-09-11 | netfilter: ctnetlink: remove refcounting in expectation dumpers |
| CVE-2025-39765 | 2025-09-11 | ALSA: timer: fix ida_free call while not allocated |
| CVE-2025-39766 | 2025-09-11 | net/sched: Make cake_enqueue return NET_XMIT_CN when past buffer_limit |
| CVE-2025-39767 | 2025-09-11 | LoongArch: Optimize module load time by optimizing PLT/GOT counting |
| CVE-2025-39768 | 2025-09-11 | net/mlx5: HWS, fix complex rules rehash error flow |
| CVE-2025-39769 | 2025-09-11 | bnxt_en: Fix lockdep warning during rmmod |
| CVE-2025-39770 | 2025-09-11 | net: gso: Forbid IPv6 TSO with extensions on devices with only IPV6_CSUM |
| CVE-2025-39771 | 2025-09-11 | regulator: pca9450: Use devm_register_sys_off_handler |
| CVE-2025-39772 | 2025-09-11 | drm/hisilicon/hibmc: fix the hibmc loaded failed bug |
| CVE-2025-39773 | 2025-09-11 | net: bridge: fix soft lockup in br_multicast_query_expired() |
| CVE-2025-39774 | 2025-09-11 | iio: adc: rzg2l_adc: Set driver data before enabling runtime PM |
| CVE-2025-39775 | 2025-09-11 | mm/mremap: fix WARN with uffd that has remap events disabled |
| CVE-2025-39776 | 2025-09-11 | mm/debug_vm_pgtable: clear page table entries at destroy_args() |
| CVE-2025-39777 | 2025-09-11 | crypto: acomp - Fix CFI failure due to type punning |
| CVE-2025-39779 | 2025-09-11 | btrfs: subpage: keep TOWRITE tag until folio is cleaned |
| CVE-2025-39780 | 2025-09-11 | sched/ext: Fix invalid task state transitions on class switch |
| CVE-2025-39781 | 2025-09-11 | parisc: Drop WARN_ON_ONCE() from flush_cache_vmap |
| CVE-2025-39782 | 2025-09-11 | jbd2: prevent softlockup in jbd2_log_do_checkpoint() |
| CVE-2025-39783 | 2025-09-11 | PCI: endpoint: Fix configfs group list head handling |
| CVE-2025-39784 | 2025-09-11 | PCI: Fix link speed calculation on retrain failure |
| CVE-2025-39785 | 2025-09-11 | drm/hisilicon/hibmc: fix irq_request()'s irq name variable is local |
| CVE-2025-39786 | 2025-09-11 | iio: adc: ad7173: fix channels index for syscalib_mode |
| CVE-2025-39787 | 2025-09-11 | soc: qcom: mdt_loader: Ensure we don't read past the ELF header |
| CVE-2025-39788 | 2025-09-11 | scsi: ufs: exynos: Fix programming of HCI_UTRL_NEXUS_TYPE |
| CVE-2025-39789 | 2025-09-11 | crypto: x86/aegis - Add missing error checks |
| CVE-2025-39790 | 2025-09-11 | bus: mhi: host: Detect events pointing to unexpected TREs |
| CVE-2025-39791 | 2025-09-11 | dm: dm-crypt: Do not partially accept write BIOs with zoned targets |
| CVE-2025-58060 | 2025-09-11 | cups has Authentication bypass with AuthType Negotiate |
| CVE-2025-58364 | 2025-09-11 | cups: Remote DoS via null dereference |
| CVE-2025-43782 | 2025-09-11 | Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.7, 2024.Q1.1 through 2024.Q1.12, and 7.4 GA through update 92 allows remote authenticated... |
| CVE-2025-43790 | 2025-09-11 | Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q2.0 through 2024.Q2.6, 2024.Q1.1 through 2024.Q1.12 and 7.4 GA through update 92 allows remote authenticated... |
| CVE-2025-58065 | 2025-09-11 | Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods |
| CVE-2025-59047 | 2025-09-11 | matrix-sdk-base has panic in the `RoomMember::normalized_power_level()` method |
| CVE-2025-59053 | 2025-09-11 | AIRI's character card/chat UI is vulnerable to XSS and can lead to RCE |
| CVE-2025-9201 | 2025-09-11 | A potential DLL hijacking vulnerability was discovered in Lenovo Browser during an internal security assessment that could allow a local user to execute code with elevated privileges. |
| CVE-2025-9319 | 2025-09-11 | A potential vulnerability was reported in the Lenovo Wallpaper Client that could allow arbitrary code execution under certain conditions. |
| CVE-2025-9214 | 2025-09-11 | A missing authentication vulnerability was reported in some Lenovo printers that could allow a user to view limited device information or modify network settings via the CUPS service. |
| CVE-2025-8557 | 2025-09-11 | An internal product security audit of Lenovo XClarity Orchestrator (LXCO) discovered the below vulnerability: An attacker with access to a device on the local Lenovo XClarity Orchestrator (LXCO) network segment... |
| CVE-2025-8061 | 2025-09-11 | A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user... |
| CVE-2025-59055 | 2025-09-11 | InstantCMS vulnerable to Server-Side Request Forgery via package installer |
| CVE-2025-10127 | 2025-09-11 | Daikin Europe N.V Security Gateway Weak Password Recovery Mechanism for Forgotten Password |
| CVE-2025-36222 | 2025-09-11 | IBM Fusion insecure default configuration |
| CVE-2025-10271 | 2025-09-11 | erjinzhi 10OA finder cross site scripting |
| CVE-2025-10272 | 2025-09-11 | erjinzhi 10OA catalogue cross site scripting |
| CVE-2025-10273 | 2025-09-11 | erjinzhi 10OA file.aspx path traversal |
| CVE-2024-45431 | 2025-09-12 | OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Improper Input Validation. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper validation of... |
| CVE-2024-45432 | 2025-09-12 | OpenSynergy BlueSDK (aka Blue SDK) through 6.x mishandles a function call. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from an incorrect variable used as a... |
| CVE-2024-45433 | 2025-09-12 | OpenSynergy BlueSDK (aka Blue SDK) through 6.x has Incorrect Control Flow Scoping. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of proper return... |
| CVE-2024-45434 | 2025-09-12 | OpenSynergy BlueSDK (aka Blue SDK) through 6.x has a Use-After-Free. The specific flaw exists within the BlueSDK Bluetooth stack. The issue results from the lack of validating the existence of... |
| CVE-2025-45583 | 2025-09-12 | Incorrect access control in the FTP protocol of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to authenticate into the service using any combination of username and password. |
| CVE-2025-45584 | 2025-09-12 | Incorrect access control in the web service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to download car information without authentication. |
| CVE-2025-45585 | 2025-09-12 | Multiple stored cross-site scripting (XSS) vulnerabilities in Audi UTR 2.0 Universal Traffic Recorder 2.0 allow attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the... |
| CVE-2025-45586 | 2025-09-12 | An issue in Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to arbitrarily overwrite files via supplying a crafted PUT request. |
| CVE-2025-45587 | 2025-09-12 | A stack overflow in the FTP service of Audi UTR 2.0 Universal Traffic Recorder 2.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. |
| CVE-2025-52074 | 2025-09-12 | PHPGURUKUL Online Shopping Portal 2.1 is vulnerable to Cross Site Scripting (XSS) due to lack of input sanitization in the quantity parameter when adding a product to the cart. |
| CVE-2025-55835 | 2025-09-12 | File Upload vulnerability in SueamCMS v.0.1.2 allows a remote attacker to execute arbitrary code via the lack of filtering. |
| CVE-2025-55996 | 2025-09-12 | Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text parameter of the message compose/forward interface |
| CVE-2025-56467 | 2025-09-12 | An issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 that allows attackers to obtain sensitive information without a UPI PIN, such as account information, balances, transaction history,... |
| CVE-2025-57577 | 2025-09-12 | An issue in H3C Device R365V300R004 allows a remote attacker to execute arbitrary code via the default password. NOTE: the Supplier's position is that their "product lines enforce or clearly... |
| CVE-2025-57578 | 2025-09-12 | An issue in H3C Magic M Device M2V100R006 allows a remote attacker to execute arbitrary code via the default password |