CVE List - 2025 / September
Showing 2301 - 2400 of 4322 CVEs for September 2025 (Page 24 of 44)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-53301 | 2025-09-16 | f2fs: fix kernel crash due to null io->bio |
| CVE-2023-53302 | 2025-09-16 | wifi: iwl4965: Add missing check for create_singlethread_workqueue() |
| CVE-2023-53303 | 2025-09-16 | net: microchip: vcap api: Fix possible memory leak for vcap_dup_rule() |
| CVE-2025-2404 | 2025-09-16 | XSS in Ubit Information Technologies' STOYS |
| CVE-2025-4688 | 2025-09-16 | SQLi in BGS Interactive's SINAV.LINK Exam Result Module |
| CVE-2025-10316 | 2025-09-16 | Cross-Site Scripting in extension "Form to Database" (form_to_database) |
| CVE-2025-26710 | 2025-09-16 | There is an an information disclosure vulnerability in ZTE T5400. Due to improper configuration of the access control mechanism, attackers can obtain information through interfaces without authorization, causing the risk... |
| CVE-2025-26711 | 2025-09-16 | There is an unauthorized access vulnerability in ZTE T5400. Due to improper permission control of the Web module interface, an unauthorized attacker can obtain sensitive information through the interface. |
| CVE-2025-10015 | 2025-09-16 | TCC Bypass via Downloader XPC Service in Sparkle |
| CVE-2025-10016 | 2025-09-16 | Local Privilege Escalation in Sparkle Autoupdate Daemon |
| CVE-2025-41248 | 2025-09-16 | CVE-2025-41248: Spring Security authorization bypass for method security annotations on parameterized types |
| CVE-2025-41249 | 2025-09-16 | CVE-2025-41249: Spring Framework Annotation Detection Vulnerability |
| CVE-2025-8446 | 2025-09-16 | Blaze Demo Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Install |
| CVE-2024-12913 | 2025-09-16 | SQLi in Megatek Communication System's Azora Wireless Network Management |
| CVE-2025-6575 | 2025-09-16 | XSS in Dolusoft's Omaspot |
| CVE-2025-7744 | 2025-09-16 | SQLi in Dolusoft's Omaspot |
| CVE-2025-7743 | 2025-09-16 | Sensitive Data Exposure in Dolusoft's Omaspot |
| CVE-2025-55109 | 2025-09-16 | BMC Control-M/Agent default SSL/TLS configuration authenticated bypass |
| CVE-2025-55110 | 2025-09-16 | BMC Control-M/Agent hardcoded default keystore password |
| CVE-2025-55111 | 2025-09-16 | BMC Control-M/Agent insecure default file permissions |
| CVE-2025-10546 | 2025-09-16 | Cross-Site Scripting (XSS) Vulnerability in PPC XPON ONT Wi-Fi Router |
| CVE-2025-55112 | 2025-09-16 | BMC Control-M/Agent hardcoded Blowfish keys |
| CVE-2025-55113 | 2025-09-16 | BMC Control-M/Agent unescaped NULL byte in access control list checks |
| CVE-2025-55114 | 2025-09-16 | BMC Control-M/Agent improper IP address filtering order |
| CVE-2025-55115 | 2025-09-16 | BMC Control-M/Agent path traversal local privilege escalation |
| CVE-2025-55116 | 2025-09-16 | BMC Control-M/Agent buffer overflow local privilege escalation |
| CVE-2025-55117 | 2025-09-16 | BMC Control-M/Agent buffer overflow in SSL/TLS communication |
| CVE-2025-55118 | 2025-09-16 | BMC Control-M/Agent memory corruption in SSL/TLS communication |
| CVE-2025-10533 | 2025-09-16 | Integer overflow in the SVG component |
| CVE-2025-10527 | 2025-09-16 | Sandbox escape due to use-after-free in the Graphics: Canvas2D component |
| CVE-2025-10528 | 2025-09-16 | Sandbox escape due to undefined behavior, invalid pointer in the Graphics: Canvas2D component |
| CVE-2025-10529 | 2025-09-16 | Same-origin policy bypass in the Layout component |
| CVE-2025-10532 | 2025-09-16 | Incorrect boundary conditions in the JavaScript: GC component |
| CVE-2025-10536 | 2025-09-16 | Information disclosure in the Networking: Cache component |
| CVE-2025-10537 | 2025-09-16 | Memory safety bugs fixed in Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143 |
| CVE-2025-10530 | 2025-09-16 | Spoofing issue in the WebAuthn component in Firefox for Android |
| CVE-2025-10531 | 2025-09-16 | Mitigation bypass in the Web Compatibility: Tooling component |
| CVE-2025-10534 | 2025-09-16 | Spoofing issue in the Site Permissions component |
| CVE-2025-10535 | 2025-09-16 | Information disclosure, mitigation bypass in the Privacy component in Firefox for Android |
| CVE-2025-10290 | 2025-09-16 | Opening links via the contextual menu in Focus for iOS would not update the toolbar UI correctly, allowing attackers to spoof websites |
| CVE-2025-7355 | 2025-09-16 | IDOR in Beefull Energy Technologies' Beefull App |
| CVE-2025-39805 | 2025-09-16 | net: macb: fix unregister_netdev call order in macb_remove() |
| CVE-2025-39806 | 2025-09-16 | HID: multitouch: fix slab out-of-bounds access in mt_report_fixup() |
| CVE-2025-39807 | 2025-09-16 | drm/mediatek: Add error handling for old state CRTC in atomic_disable |
| CVE-2025-39808 | 2025-09-16 | HID: hid-ntrig: fix unable to handle page fault in ntrig_report_version() |
| CVE-2025-39809 | 2025-09-16 | HID: intel-thc-hid: intel-quicki2c: Fix ACPI dsd ICRS/ISUB length |
| CVE-2025-39810 | 2025-09-16 | bnxt_en: Fix memory corruption when FW resources change during ifdown |
| CVE-2025-39811 | 2025-09-16 | drm/xe/vm: Clear the scratch_pt pointer on error |
| CVE-2025-39812 | 2025-09-16 | sctp: initialize more fields in sctp_v6_from_sk() |
| CVE-2025-39813 | 2025-09-16 | ftrace: Fix potential warning in trace_printk_seq during ftrace_dump |
| CVE-2025-39814 | 2025-09-16 | ice: fix NULL pointer dereference in ice_unplug_aux_dev() on reset |
| CVE-2025-39815 | 2025-09-16 | RISC-V: KVM: fix stack overrun when loading vlenb |
| CVE-2025-39816 | 2025-09-16 | io_uring/kbuf: always use READ_ONCE() to read ring provided buffer lengths |
| CVE-2025-39817 | 2025-09-16 | efivarfs: Fix slab-out-of-bounds in efivarfs_d_compare |
| CVE-2025-39818 | 2025-09-16 | HID: intel-thc-hid: intel-thc: Fix incorrect pointer arithmetic in I2C regs save |
| CVE-2025-39819 | 2025-09-16 | fs/smb: Fix inconsistent refcnt update |
| CVE-2025-39820 | 2025-09-16 | drm/msm/dpu: Add a null ptr check for dpu_encoder_needs_modeset |
| CVE-2025-39821 | 2025-09-16 | perf: Avoid undefined behavior from stopping/starting inactive events |
| CVE-2025-39822 | 2025-09-16 | io_uring/kbuf: fix signedness in this_len calculation |
| CVE-2025-39823 | 2025-09-16 | KVM: x86: use array_index_nospec with indices that come from guest |
| CVE-2025-39824 | 2025-09-16 | HID: asus: fix UAF via HID_CLAIMED_INPUT validation |
| CVE-2025-39825 | 2025-09-16 | smb: client: fix race with concurrent opens in rename(2) |
| CVE-2025-39826 | 2025-09-16 | net: rose: convert 'use' field to refcount_t |
| CVE-2025-39827 | 2025-09-16 | net: rose: include node references in rose_neigh refcount |
| CVE-2025-39828 | 2025-09-16 | atm: atmtcp: Prevent arbitrary write in atmtcp_recv_control(). |
| CVE-2025-39829 | 2025-09-16 | trace/fgraph: Fix the warning caused by missing unregister notifier |
| CVE-2025-39830 | 2025-09-16 | net/mlx5: HWS, Fix memory leak in hws_pool_buddy_init error path |
| CVE-2025-39831 | 2025-09-16 | fbnic: Move phylink resume out of service_task and into open/close |
| CVE-2025-39832 | 2025-09-16 | net/mlx5: Fix lockdep assertion on sync reset unload event |
| CVE-2025-39833 | 2025-09-16 | mISDN: hfcpci: Fix warning when deleting uninitialized timer |
| CVE-2025-39834 | 2025-09-16 | net/mlx5: HWS, Fix memory leak in hws_action_get_shared_stc_nic error flow |
| CVE-2025-39835 | 2025-09-16 | xfs: do not propagate ENODATA disk errors into xattr code |
| CVE-2025-39836 | 2025-09-16 | efi: stmm: Fix incorrect buffer allocation method |
| CVE-2024-12796 | 2025-09-16 | Reflected XSS in Holistic IT, Consultancy Coop.'s Workcube ERP |
| CVE-2025-8276 | 2025-09-16 | HTML Injection in Patika Global Technologies' HumanSuite |
| CVE-2025-8057 | 2025-09-16 | IDOR in Patika Global Technologies' HumanSuite |
| CVE-2024-13149 | 2025-09-16 | SQLi in Arma Store's Armalife |
| CVE-2025-8893 | 2025-09-16 | PDF File Parsing Out-of-Bounds Write Vulnerability |
| CVE-2025-59333 | 2025-09-16 | @executeautomation/database-server does not properly restrict access, bypassing a "read-only" mode |
| CVE-2025-8894 | 2025-09-16 | PDF File Parsing Heap-Based Buffer Overflow Vulnerability |
| CVE-2024-13174 | 2025-09-16 | SQLi in E1 Informatics' Web Application |
| CVE-2009-20005 | 2025-09-16 | InterSystems Caché UtilConfigHome.csp Stack Buffer Overflow |
| CVE-2009-20006 | 2025-09-16 | osCommerce <= 2.2 Admin File Manager Arbitrary PHP Code Execution |
| CVE-2009-20007 | 2025-09-16 | Talkative IRC v0.4.4.16 Response Buffer Overflow |
| CVE-2025-36244 | 2025-09-16 | IBM AIX privilege escalation |
| CVE-2025-59270 | 2025-09-16 | psPAS does not enforce TLS 1.2 within Get-PASSAMLResponse |
| CVE-2025-4953 | 2025-09-16 | Podman: build context bind mount |
| CVE-2025-41243 | 2025-09-16 | Spring Expression Language property modification using Spring Cloud Gateway Server WebFlux |
| CVE-2025-58749 | 2025-09-16 | WAMR runtime hangs or crashes with large memory.fill addresses in LLVM-JIT mode |
| CVE-2025-43801 | 2025-09-16 | Unchecked input for loop condition vulnerability in XML-RPC in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92,... |
| CVE-2022-50339 | 2025-09-16 | Bluetooth: avoid hci_dev_test_and_set_flag() in mgmt_init_hdev() |
| CVE-2022-50340 | 2025-09-16 | media: vimc: Fix wrong function called when vimc_init() fails |
| CVE-2022-50341 | 2025-09-16 | cifs: fix oops during encryption |
| CVE-2022-50342 | 2025-09-16 | floppy: Fix memory leak in do_floppy_init() |
| CVE-2022-50343 | 2025-09-16 | rapidio: fix possible name leaks when rio_add_device() fails |
| CVE-2022-50344 | 2025-09-16 | ext4: fix null-ptr-deref in ext4_write_info |
| CVE-2022-50346 | 2025-09-16 | ext4: init quota for 'old.inode' in 'ext4_rename' |
| CVE-2022-50347 | 2025-09-16 | mmc: rtsx_usb_sdmmc: fix return value check of mmc_add_host() |
| CVE-2022-50348 | 2025-09-16 | nfsd: Fix a memory leak in an error handling path |
| CVE-2022-50349 | 2025-09-16 | misc: tifm: fix possible memory leak in tifm_7xx1_switch_media() |