CVE List - 2025 / September
Showing 3501 - 3600 of 4322 CVEs for September 2025 (Page 36 of 44)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-39874 | 2025-09-23 | macsec: sync features on RTM_NEWLINK |
| CVE-2025-39875 | 2025-09-23 | igb: Fix NULL pointer dereference in ethtool loopback test |
| CVE-2025-39876 | 2025-09-23 | net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable() |
| CVE-2025-39877 | 2025-09-23 | mm/damon/sysfs: fix use-after-free in state_show() |
| CVE-2025-39878 | 2025-09-23 | ceph: fix crash after fscrypt_encrypt_pagecache_blocks() error |
| CVE-2025-39879 | 2025-09-23 | ceph: always call ceph_shift_unused_folios_left() |
| CVE-2025-39880 | 2025-09-23 | libceph: fix invalid accesses to ceph_connection_v1_info |
| CVE-2025-39881 | 2025-09-23 | kernfs: Fix UAF in polling when open file is released |
| CVE-2025-39882 | 2025-09-23 | drm/mediatek: fix potential OF node use-after-free |
| CVE-2025-39883 | 2025-09-23 | mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory |
| CVE-2025-39884 | 2025-09-23 | btrfs: fix subvolume deletion lockup caused by inodes xarray race |
| CVE-2025-39885 | 2025-09-23 | ocfs2: fix recursive semaphore deadlock in fiemap call |
| CVE-2025-39886 | 2025-09-23 | bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init() |
| CVE-2025-39887 | 2025-09-23 | tracing/osnoise: Fix null-ptr-deref in bitmap_parselist() |
| CVE-2025-39888 | 2025-09-23 | fuse: Block access to folio overlimit |
| CVE-2025-10842 | 2025-09-23 | code-projects Online Bidding System wew.php sql injection |
| CVE-2025-10843 | 2025-09-23 | Reservation Online Hotel Reservation System paypalpayout.php sql injection |
| CVE-2025-10844 | 2025-09-23 | Portabilis i-Educar aluno sql injection |
| CVE-2025-10845 | 2025-09-23 | Portabilis i-Educar view sql injection |
| CVE-2025-10548 | 2025-09-23 | Missing Certificate Validation in CleverControl Installer Allows Remote Code Execution |
| CVE-2025-10846 | 2025-09-23 | Portabilis i-Educar edit sql injection |
| CVE-2025-10848 | 2025-09-23 | Campcodes Society Membership Information System check_student.php sql injection |
| CVE-2025-9588 | 2025-09-23 | OS Command Injection in Iron Mountain's enVision |
| CVE-2025-10851 | 2025-09-23 | Campcodes Gym Management System ajax.php sql injection |
| CVE-2025-10147 | 2025-09-23 | Podlove Podcast Publisher <= 4.2.6 - Unauthenticated Arbitrary File Upload |
| CVE-2025-10857 | 2025-09-23 | Campcodes Point of Sale System POS login.php sql injection |
| CVE-2025-9798 | 2025-09-23 | Stored XSS in Netcad Software's Netigma |
| CVE-2025-9342 | 2025-09-23 | IDOR in Anadolu Hayat Emeklilik's AHE Mobile |
| CVE-2025-10412 | 2025-09-23 | Product Options and Price Calculation Formulas for WooCommerce – Uni CPO (Premium) <= 4.9.54 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file' |
| CVE-2025-7106 | 2025-09-23 | Authorization Bypass due to Incorrect Access Control in danny-avila/librechat |
| CVE-2024-4598 | 2025-09-23 | Information Disclosure in Multiple WSO2 Products Due to Improper Handling in Enrich Mediator |
| CVE-2025-9962 | 2025-09-23 | Unauthenticated Buffer Overflow |
| CVE-2025-9963 | 2025-09-23 | Path Traversal |
| CVE-2025-10244 | 2025-09-23 | HTML Payload Stored Cross-Site Scripting (XSS) Vulnerability |
| CVE-2025-9964 | 2025-09-23 | Weak Authentication for Root User |
| CVE-2025-9965 | 2025-09-23 | UDP Service Weak Authentication |
| CVE-2025-9966 | 2025-09-23 | Execution with Unnecessary Privileges |
| CVE-2025-9846 | 2025-09-23 | Unrestricted File Upload in TaletSys Inka.Net |
| CVE-2025-10184 | 2025-09-23 | OnePlus OxygenOS Telephony provider permission bypass |
| CVE-2025-9844 | 2025-09-23 | Uncontrolled Search Path Element vulnerability in Salesforce Salesforce CLI on Windows allows Replace Trusted Executable. This issue affects Salesforce CLI: before 2.106.6. |
| CVE-2025-8354 | 2025-09-23 | RFA File Parsing Type Confusion Vulnerability |
| CVE-2025-6921 | 2025-09-23 | Regular Expression Denial of Service (ReDoS) in huggingface/transformers |
| CVE-2017-20200 | 2025-09-23 | Coinomi cleartext transmission |
| CVE-2025-4760 | 2025-09-23 | Authenticated Stored Cross-Site Scripting (XSS) in Multiple WSO2 Products via API Document Upload in Publisher |
| CVE-2025-5717 | 2025-09-23 | Authenticated Remote Code Execution in Multiple WSO2 Products via Event Processor Admin Service |
| CVE-2025-9900 | 2025-09-23 | Libtiff: libtiff write-what-where |
| CVE-2024-6429 | 2025-09-23 | Content Spoofing in Multiple WSO2 Products via Error Message Injection |
| CVE-2025-0663 | 2025-09-23 | Potential cross-tenant account takeover vulnerability in Multiple WSO2 Products via Adaptive Authentication and Auto-Login |
| CVE-2025-0209 | 2025-09-23 | Reflected Cross-Site Scripting (XSS) in WSO2 Identity Server Account Registration Flow |
| CVE-2025-58246 | 2025-09-23 | WordPress <= 6.8.2 - (Contributor+) Sensitive Data Exposure Vulnerability |
| CVE-2025-0672 | 2025-09-23 | Authentication Bypass in Multiple WSO2 Products via Stale FIDO Credential Association |
| CVE-2025-59539 | 2025-09-23 | DNN affected by Stored Cross-Site Scripting (XSS) in Profile Biography field |
| CVE-2025-59545 | 2025-09-23 | DNN Vulnerable to Stored Cross-Site Scripting (XSS) in the Prompt module |
| CVE-2025-59546 | 2025-09-23 | DNN Vulnerable to Stored XSS Using Backend Admin Credentials |
| CVE-2025-59821 | 2025-09-23 | DNN vulnerable to Reflected Cross-Site Scripting (XSS) using url to profile |
| CVE-2025-1255 | 2025-09-23 | Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation. |
| CVE-2025-4582 | 2025-09-23 | Buffer Over-read, Off-by-one Error vulnerability in RTI Connext Professional (Core Libraries) allows File Manipulation. |
| CVE-2025-4993 | 2025-09-23 | Untrusted Pointer Dereference vulnerability in RTI Connext Professional (Core Libraries) allows Pointer Manipulation. |
| CVE-2025-8410 | 2025-09-23 | Use After Free vulnerability in RTI Connext Professional (Security Plugins) allows File Manipulation. |
| CVE-2025-52905 | 2025-09-23 | TOTOLINK X6000R Argument Injection Vulnerability |
| CVE-2025-59547 | 2025-09-23 | DNN's CKEditor File Uploader functionality vulnerable through Unicode obfuscation |
| CVE-2025-59548 | 2025-09-23 | DNN Vulnerable to Reflected Cross-Site Scripting (XSS) in CKEditor File Browser |
| CVE-2025-54081 | 2025-09-23 | SunshineService Has Unquoted Service Path That Allows Local SYSTEM Code Execution |
| CVE-2025-59534 | 2025-09-23 | CryptoLib command Injection vulnerability in initialize_kerberos_keytab_file_login() |
| CVE-2025-58674 | 2025-09-23 | WordPress <= 6.8.2 - (Author+) Cross Site Scripting (XSS) Vulnerability |
| CVE-2025-59822 | 2025-09-23 | Http4s vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section |
| CVE-2025-59825 | 2025-09-23 | astral-tokio-tar has a path traversal in tar extraction |
| CVE-2025-59826 | 2025-09-23 | FlagForgeCTF Vulnerable to Unauthorized Problem Creation |
| CVE-2025-58354 | 2025-09-23 | Kata Containers coco-tdx malicious host can circumvent initdata verification |
| CVE-2024-21927 | 2025-09-23 | Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to use certain special characters in manipulated Redfish® API commands, causing service processes like OpenBMC to... |
| CVE-2024-21935 | 2025-09-23 | Improper input validation in Satellite Management Controller (SMC) may allow an attacker with privileges to manipulate Redfish® API commands to remove files from the local root directory, potentially resulting in... |
| CVE-2025-54855 | 2025-09-23 | AutomationDirect CLICK PLUS Cleartext Storage of Sensitive Information |
| CVE-2025-58069 | 2025-09-23 | AutomationDirect CLICK PLUS Use of Hard-coded Cryptographic Key |
| CVE-2025-59484 | 2025-09-23 | AutomationDirect CLICK PLUS Use of a Broken or Risky Cryptographic Algorithm |
| CVE-2025-55069 | 2025-09-23 | AutomationDirect CLICK PLUS Predictable Seed in Pseudo-Random Number Generator |
| CVE-2025-58473 | 2025-09-23 | AutomationDirect CLICK PLUS Improper Resource Shutdown or Release |
| CVE-2025-55038 | 2025-09-23 | AutomationDirect CLICK PLUS Missing Authorization |
| CVE-2025-57882 | 2025-09-23 | AutomationDirect CLICK PLUS Improper Resource Shutdown or Release |
| CVE-2025-56241 | 2025-09-24 | Aztech DSL5005EN firmware 1.00.AZ_2013-05-10 and possibly other versions allows unauthenticated attackers to change the administrator password via a crafted POST request to sysAccess.asp. This allows full administrative control of the... |
| CVE-2025-56815 | 2025-09-24 | Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since the server directly uses MultipartFile.transferTo() to save the uploaded file to a path controllable by the user,... |
| CVE-2025-56816 | 2025-09-24 | Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the application allows attackers to upload arbitrary YAML files to the config/jdbc-driver-ext.yml path. The application parses this file... |
| CVE-2025-56819 | 2025-09-24 | An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT connection parameter. |
| CVE-2025-57318 | 2025-09-24 | A Prototype Pollution vulnerability in the toCsv function of csvjson versions thru 5.1.0 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS)... |
| CVE-2025-57319 | 2025-09-24 | fast-redact is a package that provides very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties... |
| CVE-2025-57320 | 2025-09-24 | json-schema-editor-visual is a package that provides jsonschema editor. A Prototype Pollution vulnerability in the setData and deleteData function of json-schema-editor-visual versions thru 1.1.1 allows attackers to inject or delete properties... |
| CVE-2025-57321 | 2025-09-24 | A Prototype Pollution vulnerability in the util-deps.addFileDepend function of magix-combine-ex versions thru 1.2.10 allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS)... |
| CVE-2025-57323 | 2025-09-24 | mpregular is a package that provides a small program development framework based on RegularJS. A Prototype Pollution vulnerability in the mp.addEventHandler function of mpregular version 0.2.0 and before allows attackers... |
| CVE-2025-57324 | 2025-09-24 | parse is a package designed to parse JavaScript SDK. A Prototype Pollution vulnerability in the SingleInstanceStateController.initializeState function of parse version 5.3.0 and before allows attackers to inject properties on Object.prototype... |
| CVE-2025-57325 | 2025-09-24 | rollbar is a package designed to effortlessly track and debug errors in JavaScript applications. This package includes advanced error tracking features and an intuitive interface to help you identify and... |
| CVE-2025-57326 | 2025-09-24 | A Prototype Pollution vulnerability in the byGroupAndType function of sassdoc-extras v2.5.1 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS)... |
| CVE-2025-57327 | 2025-09-24 | spmrc is a package that provides the rc manager for spm. A Prototype Pollution vulnerability in the set and config function of spmrc version 1.2.0 and before allows attackers to... |
| CVE-2025-57328 | 2025-09-24 | toggle-array is a package designed to enable a property on the object at the specified index, while disabling the property on all other objects. A Prototype Pollution vulnerability in the... |
| CVE-2025-57329 | 2025-09-24 | web3-core-method is a package designed to create the methods on the web3 modules. A Prototype Pollution vulnerability in the attachToObject function of web3-core-method version 1.10.4 and before allows attackers to... |
| CVE-2025-57330 | 2025-09-24 | The web3-core-subscriptions is a package designed to manage web3 subscriptions. A Prototype Pollution vulnerability in the attachToObject function of web3-core-subscriptions version 1.10.4 and before allows attackers to inject properties on... |
| CVE-2025-57347 | 2025-09-24 | A vulnerability exists in the 'dagre-d3-es' Node.js package version 7.0.9, specifically within the 'bk' module's addConflict function, which fails to properly sanitize user-supplied input during property assignment operations. This flaw... |
| CVE-2025-57348 | 2025-09-24 | The node-cube package (prior to version 5.0.0) contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of built-in... |
| CVE-2025-57349 | 2025-09-24 | The messageformat package, an implementation of the Unicode MessageFormat 2 specification for JavaScript, is vulnerable to prototype pollution due to improper handling of message key paths in versions prior to... |
| CVE-2025-57350 | 2025-09-24 | The csvtojson package, a tool for converting CSV data to JSON with customizable parsing capabilities, contains a prototype pollution vulnerability in versions prior to 2.0.10. This issue arises due to... |
| CVE-2025-57351 | 2025-09-24 | A prototype pollution vulnerability exists in the ts-fns package versions prior to 13.0.7, where insufficient validation of user-provided keys in the assign function allows attackers to manipulate the Object.prototype chain.... |
| CVE-2025-57352 | 2025-09-24 | A vulnerability exists in the 'min-document' package prior to version 2.19.0, stemming from improper handling of namespace operations in the removeAttributeNS method. By processing malicious input involving the __proto__ property,... |