CVE List - 2025 / September
Showing 2901 - 3000 of 4322 CVEs for September 2025 (Page 30 of 44)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-59717 | 2025-09-19 | In the @digitalocean/do-markdownit package through 1.16.1 (in npm), the callout and fence_environment plugins perform .includes substring matching if allowedClasses or allowedEnvironments is a string (instead of an array). |
| CVE-2025-6198 | 2025-09-19 | Supermicro BMC firmware update validation bypass |
| CVE-2025-7937 | 2025-09-19 | Supermicro BMC firmware update validation bypass |
| CVE-2025-10690 | 2025-09-19 | Goza - Nonprofit Charity WordPress Theme <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation |
| CVE-2025-8487 | 2025-09-19 | Kubio AI Page Builder <= 2.6.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation |
| CVE-2025-10146 | 2025-09-19 | Download Manager <= 3.3.23 - Reflected Cross-Site Scripting via `user_ids` Parameter |
| CVE-2025-5955 | 2025-09-19 | Service Finder SMS System <= 2.0.0 - Authentication Bypass |
| CVE-2025-10457 | 2025-09-19 | Bluetooth: Out-Of-Context le_conn_rsp Handling |
| CVE-2025-7403 | 2025-09-19 | Bluetooth: bt_conn_tx_processor unsafe handling |
| CVE-2025-10458 | 2025-09-19 | Bluetooth: le_conn_rsp does not sanitize CID, MTU, MPS values |
| CVE-2025-10456 | 2025-09-19 | Bluetooth: Semi-Arbitrary ability to make the BLE Target send disconnection requests |
| CVE-2025-5948 | 2025-09-19 | Service Finder Bookings <= 6.0 - Unauthenticated Privilege Escalation via claim_business |
| CVE-2025-7702 | 2025-09-19 | Open Redirect in PUSULA's Manageable Email Sending System |
| CVE-2025-9906 | 2025-09-19 | Arbitrary Code execution in Keras Safe Mode |
| CVE-2025-9905 | 2025-09-19 | Arbitrary Code execution in Keras load_model() |
| CVE-2025-10647 | 2025-09-19 | Embed PDF for WPForms <= 1.1.5 - Authenticated (Subscriber+) Arbitrary File Upload |
| CVE-2025-8531 | 2025-09-19 | Improper Handling of Length Parameter Inconsistency vulnerability in Mitsubishi Electric Corporation MELSEC-Q Series Q03UDVCPU, Q04UDVCPU, Q06UDVCPU, Q13UDVCPU, Q26UDVCPU, Q04UDPVCPU, Q06UDPVCPU, Q13UDPVCPU, and Q26UDPVCPU with the first 5 digits of serial... |
| CVE-2025-10630 | 2025-09-19 | Regex DoS in Grafana Zabbix Plugin |
| CVE-2025-10719 | 2025-09-19 | WisdomGarden\|Tronclass - Insecure Direct Object Reference |
| CVE-2025-10468 | 2025-09-19 | Path Traversal in Beyaz Computer's CityPLus |
| CVE-2025-9969 | 2025-09-19 | Reflected XSS in Vizly Web Design's Real Estate Packages |
| CVE-2025-10707 | 2025-09-19 | JeecgBoot sendMsg improper authorization |
| CVE-2025-10708 | 2025-09-19 | Four-Faith Water Conservancy Informatization Platform historyDownload.do;usrlogout.do path traversal |
| CVE-2025-10709 | 2025-09-19 | Four-Faith Water Conservancy Informatization Platform historyDownload.do;otheruserLogin.do;getfile path traversal |
| CVE-2025-7665 | 2025-09-19 | Miniorange OTP Verification with Firebase 3.1.0 - 3.6.2 - Unauthenticated Privilege Escalation |
| CVE-2025-10710 | 2025-09-19 | 07FLYCMS/07FLY-CMS/07FlyCRM index.php cross site scripting |
| CVE-2025-10711 | 2025-09-19 | 07FLYCMS/07FLY-CMS/07FlyCRM Login cross site scripting |
| CVE-2025-46703 | 2025-09-19 | Potential XSS in Extension:AtMentions |
| CVE-2025-48007 | 2025-09-19 | Potential XSS in Extension:BlueSpiceAvatars |
| CVE-2025-57880 | 2025-09-19 | Potential XSS in Extension:BlueSpiceWhoIsOnline |
| CVE-2025-58114 | 2025-09-19 | Potential XSS in Extension:CognitiveProcessDesigner |
| CVE-2025-10712 | 2025-09-19 | 07FLYCMS/07FLY-CMS/07FlyCRM login sql injection |
| CVE-2025-10715 | 2025-09-19 | APEUni PTE Exam Practice App com.ape_edication AndroidManifest.xml improper export of android application components |
| CVE-2025-8532 | 2025-09-19 | IDOR in Bimser's eBA Document and Workflow Management System |
| CVE-2025-10716 | 2025-09-19 | Creality Cloud App com.cxsw.sdprinter AndroidManifest.xml improper export of android application components |
| CVE-2025-10717 | 2025-09-19 | intsig CamScanner App com.intsig.camscanner AndroidManifest.xml improper export of android application components |
| CVE-2025-8664 | 2025-09-19 | XSS in Saysis Computer Systems' StarCities |
| CVE-2025-59344 | 2025-09-19 | AliasVault Vulnerable to Server-Side Request Forgery via Favicon Extraction |
| CVE-2025-39837 | 2025-09-19 | platform/x86: asus-wmi: Fix racy registrations |
| CVE-2025-39838 | 2025-09-19 | cifs: prevent NULL pointer dereference in UTF16 conversion |
| CVE-2025-39839 | 2025-09-19 | batman-adv: fix OOB read/write in network-coding decode |
| CVE-2025-39840 | 2025-09-19 | audit: fix out-of-bounds read in audit_compare_dname_path() |
| CVE-2025-39841 | 2025-09-19 | scsi: lpfc: Fix buffer free/clear order in deferred receive path |
| CVE-2025-39842 | 2025-09-19 | ocfs2: prevent release journal inode after journal shutdown |
| CVE-2025-39843 | 2025-09-19 | mm: slub: avoid wake up kswapd in set_track_prepare |
| CVE-2025-39844 | 2025-09-19 | mm: move page table sync declarations to linux/pgtable.h |
| CVE-2025-39845 | 2025-09-19 | x86/mm/64: define ARCH_PAGE_TABLE_SYNC_MASK and arch_sync_kernel_mappings() |
| CVE-2025-39846 | 2025-09-19 | pcmcia: Fix a NULL pointer dereference in __iodyn_find_io_region() |
| CVE-2025-39847 | 2025-09-19 | ppp: fix memory leak in pad_compress_skb |
| CVE-2025-39848 | 2025-09-19 | ax25: properly unshare skbs in ax25_kiss_rcv() |
| CVE-2025-39849 | 2025-09-19 | wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() |
| CVE-2025-39850 | 2025-09-19 | vxlan: Fix NPD in {arp,neigh}_reduce() when using nexthop objects |
| CVE-2025-39851 | 2025-09-19 | vxlan: Fix NPD when refreshing an FDB entry with a nexthop object |
| CVE-2025-39852 | 2025-09-19 | net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 |
| CVE-2025-39853 | 2025-09-19 | i40e: Fix potential invalid access when MAC list is empty |
| CVE-2025-39854 | 2025-09-19 | ice: fix NULL access of tx->in_use in ice_ll_ts_intr |
| CVE-2025-39855 | 2025-09-19 | ice: fix NULL access of tx->in_use in ice_ptp_ts_irq |
| CVE-2025-39856 | 2025-09-19 | net: ethernet: ti: am65-cpsw-nuss: Fix null pointer dereference for ndev |
| CVE-2025-39857 | 2025-09-19 | net/smc: fix one NULL pointer dereference in smc_ib_is_sg_need_sync() |
| CVE-2025-39858 | 2025-09-19 | eth: mlx4: Fix IS_ERR() vs NULL check bug in mlx4_en_create_rx_ring |
| CVE-2025-39859 | 2025-09-19 | ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog |
| CVE-2025-39860 | 2025-09-19 | Bluetooth: Fix use-after-free in l2cap_sock_cleanup_listen() |
| CVE-2025-39861 | 2025-09-19 | Bluetooth: vhci: Prevent use-after-free by removing debugfs files early |
| CVE-2025-39862 | 2025-09-19 | wifi: mt76: mt7915: fix list corruption after hardware restart |
| CVE-2025-39863 | 2025-09-19 | wifi: brcmfmac: fix use-after-free when rescheduling brcmf_btcoex_info work |
| CVE-2025-39864 | 2025-09-19 | wifi: cfg80211: fix use-after-free in cmp_bss() |
| CVE-2025-39865 | 2025-09-19 | tee: fix NULL pointer dereference in tee_shm_put |
| CVE-2025-39866 | 2025-09-19 | fs: writeback: fix use-after-free in __mark_inode_dirty() |
| CVE-2025-59427 | 2025-09-19 | Cloudflare vite plugin exposes secrets over the built-in dev server |
| CVE-2025-10718 | 2025-09-19 | Ooma Office Business Phone App com.ooma.office2 improper export of android application components |
| CVE-2025-36248 | 2025-09-19 | IBM Copy Services Manager cross-site scripting |
| CVE-2025-10721 | 2025-09-19 | Webull Investing & Trading App AndroidManifest.xml improper export of android application components |
| CVE-2025-10722 | 2025-09-19 | SKTLab Mukbee App com.dw.android.mukbee AndroidManifest.xml improper export of android application components |
| CVE-2025-26514 | 2025-09-19 | CVE-2025-26514 Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale) |
| CVE-2025-26515 | 2025-09-19 | CVE-2025-26515 Server-Side Request Forgery Vulnerability in StorageGRID (formerly StorageGRID Webscale) |
| CVE-2025-34203 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Use of Outdated, End-Of-Life, and Vulnerable Third-Party Components |
| CVE-2025-34195 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Unquoted Path During Driver Installation Leads to Execution of C:\Program.exe |
| CVE-2025-34192 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Usage of Outdated and Unsupported OpenSSL Version |
| CVE-2025-34197 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Undocumented Local Account with Hardcoded Password and Passwordless sudo |
| CVE-2025-34198 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Shared / Hardcoded SSH Host Private Keys in Appliance Image |
| CVE-2025-34204 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Processes Running as Root Inside Docker Instances |
| CVE-2025-34200 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Network Account Password Stored in Cleartext |
| CVE-2025-34194 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Local Privilege Escalation via Insecure Temporary File Handling |
| CVE-2025-34188 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Local Log Disclosure of Cleartext Sessions |
| CVE-2025-34201 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Lack of Network Segmentation Between Docker Instances |
| CVE-2025-34193 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Insecure Windows Components Lack Modern Memory Protections and Use Outdated Runtimes |
| CVE-2025-34199 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Insecure SSL Verification Allows Man-in-the-Middle Attacks |
| CVE-2025-34206 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Insecure Shared Storage Permissions |
| CVE-2025-34189 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Insecure Inter-Process Communication Allows Local Session Hijacking |
| CVE-2025-34202 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Insecure Access to Docker Instances WAN |
| CVE-2025-43803 | 2025-09-19 | Insecure direct object reference (IDOR) vulnerability in the Contacts Center widget in Liferay Portal 7.4.0 through 7.4.3.119, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.6, 2023.Q3.1 through 2023.Q3.10,... |
| CVE-2025-34205 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Dangerous PHP Dead Code Enables RCE |
| CVE-2025-34190 | 2025-09-19 | Vasion Print (formerly PrinterLogic) PrinterInstallerClientService Authentication Bypass via LD_PRELOAD Hooking |
| CVE-2025-26516 | 2025-09-19 | CVE-2025-26516 Denial of Service Vulnerability in StorageGRID (formerly StorageGRID Webscale) |
| CVE-2025-34191 | 2025-09-19 | Vasion Print (formerly PrinterLogic) Arbitrary File Write as Root via Response Path Symlink Follow |
| CVE-2025-26517 | 2025-09-19 | CVE-2025-26517 Privilege Escalation Vulnerability in StorageGRID (formerly StorageGRID Webscale) |
| CVE-2024-13990 | 2025-09-19 | MicroWorld eScan AV Insecure Update Mechanism Allows Man-in-the-Middle Replacement of Updates |
| CVE-2022-4980 | 2025-09-19 | General Bytes Crypto Application Server (CAS) Unauthenticated Creation of Admin Account via Default-installation/First-admin Page |
| CVE-2025-43809 | 2025-09-19 | Cross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.7, 2023.Q3.1 through 2023.Q3.9,... |
| CVE-2025-9079 | 2025-09-19 | Admin RCE via prepackaged plugins by way of misconfigured imports directory |