CVE List - 2025 / September
Showing 3701 - 3800 of 4322 CVEs for September 2025 (Page 38 of 44)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2025-59833 | 2025-09-24 | FlagForgeCTF Hint Exposure via API |
| CVE-2025-10894 | 2025-09-24 | Nx: nx/devkit: malicious versions of nx and plugins published to npm |
| CVE-2025-54520 | 2025-09-24 | Improper Protection Against Voltage and Clock Glitches in FPGA devices, could allow an attacker with physical access to undervolt the platform resulting in a loss of confidentiality. |
| CVE-2025-26278 | 2025-09-25 | A prototype pollution in the lib.set function of dref v0.1.2 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. |
| CVE-2025-29155 | 2025-09-25 | An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE endpoint |
| CVE-2025-29156 | 2025-09-25 | Cross Site Scripting vulnerability in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via a crafted script to the /api/v3/pet |
| CVE-2025-29157 | 2025-09-25 | An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a non-existent endpoint/cart, the server returns a 404-error page exposing sensitive information including the Servlet... |
| CVE-2025-46148 | 2025-09-25 | In PyTorch through 2.6.0, when eager is used, nn.PairwiseDistance(p=2) produces incorrect results. |
| CVE-2025-46149 | 2025-09-25 | In PyTorch before 2.7.0, when inductor is used, nn.Fold has an assertion error. |
| CVE-2025-46150 | 2025-09-25 | In PyTorch before 2.7.0, when torch.compile is used, FractionalMaxPool2d has inconsistent results. |
| CVE-2025-46152 | 2025-09-25 | In PyTorch before 2.7.0, bitwise_right_shift produces incorrect output for certain out-of-bounds values of the "other" argument. |
| CVE-2025-46153 | 2025-09-25 | PyTorch before 3.7.0 has a bernoulli_p decompose function in decompositions.py even though it lacks full consistency with the eager CPU implementation, negatively affecting nn.Dropout1d, nn.Dropout2d, and nn.Dropout3d for fallback_random=True. |
| CVE-2025-48707 | 2025-09-25 | An issue was discovered in Stormshield Network Security (SNS) before 5.0.1. TPM authentication information could, in some HA use cases, be shared among administrators, which can cause secret sharing. |
| CVE-2025-55551 | 2025-09-25 | An issue in the component torch.linalg.lu of pytorch v2.8.0 allows attackers to cause a Denial of Service (DoS) when performing a slice operation. |
| CVE-2025-55552 | 2025-09-25 | pytorch v2.8.0 was discovered to display unexpected behavior when the components torch.rot90 and torch.randn_like are used together. |
| CVE-2025-55553 | 2025-09-25 | A syntax error in the component proxy_tensor.py of pytorch v2.7.0 allows attackers to cause a Denial of Service (DoS). |
| CVE-2025-55554 | 2025-09-25 | pytorch v2.8.0 was discovered to contain an integer overflow in the component torch.nan_to_num-.long(). |
| CVE-2025-55556 | 2025-09-25 | TensorFlow v2.18.0 was discovered to output random results when compiling Embedding, leading to unexpected behavior in the application. |
| CVE-2025-55557 | 2025-09-25 | A Name Error occurs in pytorch v2.7.0 when a PyTorch model consists of torch.cummin and is compiled by Inductor, leading to a Denial of Service (DoS). |
| CVE-2025-55558 | 2025-09-25 | A buffer overflow occurs in pytorch v2.7.0 when a PyTorch model consists of torch.nn.Conv2d, torch.nn.functional.hardshrink, and torch.Tensor.view-torch.mv() and is compiled by Inductor, leading to a Denial of Service (DoS). |
| CVE-2025-55559 | 2025-09-25 | An issue was discovered in TensorFlow v2.18.0. A Denial of Service (DoS) occurs when padding is set to 'valid' in tf.keras.layers.Conv2D. |
| CVE-2025-55560 | 2025-09-25 | An issue in pytorch v2.7.0 can lead to a Denial of Service (DoS) when a PyTorch model consists of torch.Tensor.to_sparse() and torch.Tensor.to_dense() and is compiled by Inductor. |
| CVE-2025-56769 | 2025-09-25 | An issue was discovered in chinabugotech hutool before 5.8.4 allowing attackers to execute arbitrary expressions that lead to arbitrary method invocation and potentially remote code execution (RCE) via the QLExpressEngine... |
| CVE-2025-57317 | 2025-09-25 | apidoc-core is the core parser library to generate apidoc result following the apidoc-spec. A Prototype Pollution vulnerability in the preProcess function of apidoc-core versions thru 0.15.0 allows attackers to inject... |
| CVE-2025-57446 | 2025-09-25 | An issue in O-RAN Near Realtime RIC ric-plt-submgr in the J-Release environment allows remote attackers to cause a denial of service (DoS) via a crafted request to the Subscription Manager... |
| CVE-2025-57623 | 2025-09-25 | A NULL pointer dereference in TOTOLINK N600R firmware v4.3.0cu.7866_B2022506 allows attackers to cause a Denial of Service. |
| CVE-2025-57632 | 2025-09-25 | libsmb2 6.2+ is vulnerable to Buffer Overflow. When processing SMB2 chained PDUs (NextCommand), libsmb2 repeatedly calls smb2_add_iovector() to append to a fixed-size iovec array without checking the upper bound of... |
| CVE-2025-59402 | 2025-09-25 | Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 accepts the default Thundercomm TurboX 6490 Firehose loader in EDL/QDL mode. This enables attackers with physical access to flash arbitrary firmware, dump... |
| CVE-2025-59404 | 2025-09-25 | Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with its bootloader unlocked. This permits bypass of Android Verified Boot (AVB) and allows direct modification of partitions. |
| CVE-2025-59408 | 2025-09-25 | Flock Safety Bravo Edge AI Compute Device BRAVO_00.00_local_20241017 ships with Secure Boot disabled. This allows an attacker to flash modified firmware with no cryptographic protections. |
| CVE-2025-60249 | 2025-09-25 | vulnerability-lookup 2.16.0 allows XSS in bundle.py, comment.py, and user.py, by a user on a vulnerability-lookup instance who can add bundles, comments, or sightings. A cross-site scripting (XSS) vulnerability was discovered... |
| CVE-2025-21056 | 2025-09-25 | Improper input validation in Retail Mode prior to version 5.59.4 allows self attackers to execute privileged commands on their own devices. |
| CVE-2025-10438 | 2025-09-25 | Path Traversal in Yordam BT's Yordam Katalog |
| CVE-2025-10940 | 2025-09-25 | Total.js CMS Layout admin layouts_save cross site scripting |
| CVE-2025-10941 | 2025-09-25 | Topaz SERVCore Teller Installer SERVCoreTeller_2.0.40D.msi permission |
| CVE-2025-10942 | 2025-09-25 | H3C Magic B3 aspForm EditMacList buffer overflow |
| CVE-2025-40698 | 2025-09-25 | SQL injection vulnerability in Prevengos |
| CVE-2025-10957 | 2025-09-25 | Unrestricted FTP Access Vulnerability in Syrotech Router |
| CVE-2025-10943 | 2025-09-25 | MikeCen WeChat-Face-Recognition wx.php valid cross site scripting |
| CVE-2025-10944 | 2025-09-25 | yi-ge get-header-ip ip.php cross site scripting |
| CVE-2025-10945 | 2025-09-25 | nuz007 smsboom d.php cross site scripting |
| CVE-2025-10449 | 2025-09-25 | Path Traversal in Saysis Computer Systems' Saysis Web Portal |
| CVE-2025-10946 | 2025-09-25 | nuz007 smsboom dy.php cross site scripting |
| CVE-2025-10947 | 2025-09-25 | Sistemas Pleno Gestão de Locação CPF validarCpf authorization |
| CVE-2025-5494 | 2025-09-25 | Privilege Escalation |
| CVE-2025-59422 | 2025-09-25 | Dify Has Broken Access Control on Log Message Endpoint Allows Reading of Chats of Others |
| CVE-2025-10467 | 2025-09-25 | Stored XSS in Proliz Software's OBS |
| CVE-2025-59831 | 2025-09-25 | `git-comiters` Command Injection vulnerability |
| CVE-2025-59834 | 2025-09-25 | Command Injection in adb-mcp MCP Server |
| CVE-2025-27261 | 2025-09-25 | Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an SQL Command Vulnerability |
| CVE-2025-59839 | 2025-09-25 | Star Citizen EmbedVideo Extension Stored XSS through wikitext caused by usage of non-reserved data attributes |
| CVE-2025-59426 | 2025-09-25 | lobe-chat has an Open Redirect |
| CVE-2025-10948 | 2025-09-25 | MikroTik RouterOS libjson.so print parse_json_element buffer overflow |
| CVE-2025-10540 | 2025-09-25 | Unencrypted and Unauthenticated Communication Allows Data Exposure and Manipulation in iMonitor EAM |
| CVE-2025-59823 | 2025-09-25 | Gardener providers vulnerable to code injection when Terraformer is used for infrastructure provisioning |
| CVE-2025-10541 | 2025-09-25 | Local Privilege Escalation via Insecure Update Mechanism in iMonitor EAM |
| CVE-2025-10949 | 2025-09-25 | Changsha Developer Technology iView Editor Markdown cross site scripting |
| CVE-2025-10950 | 2025-09-25 | geyang ml-logger Ping server.py log_handler deserialization |
| CVE-2025-10542 | 2025-09-25 | Insecure Default Admin Credentials Enable Full Administrative Access in iMonitor EAM |
| CVE-2025-59830 | 2025-09-25 | Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters |
| CVE-2025-36857 | 2025-09-25 | Rapid7 Appspider Broken Access Control Vulnerability |
| CVE-2025-27262 | 2025-09-25 | Ericsson Indoor Connect 8855 - Improper Neutralization of Special Elements used in an OS Command Vulnerability |
| CVE-2025-59832 | 2025-09-25 | Horrila Stored XSS Vulnerability via Ticket Comment section |
| CVE-2020-36851 | 2025-09-25 | Rob--W / cors-anywhere Misconfigured CORS Proxy Allows SSRF |
| CVE-2025-40836 | 2025-09-25 | Ericsson Indoor Connect 8855 - Improper Input Validation Vulnerability |
| CVE-2025-59838 | 2025-09-25 | Monkeytype Vulnerable to Self-XSS on loading saved custom text |
| CVE-2025-40837 | 2025-09-25 | Ericsson Indoor Connect 8855 - Missing Authorization Vulnerability |
| CVE-2025-40838 | 2025-09-25 | Ericsson Indoor Connect 8855 - Insufficiently Protected Credentials Vulnerability |
| CVE-2025-36601 | 2025-09-25 | Dell PowerScale OneFS, versions 9.5.0.0 through 9.11.0.0, contains an exposure of sensitive information to an unauthorized actor vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to Information... |
| CVE-2025-10951 | 2025-09-25 | geyang ml-logger server.py log_handler path traversal |
| CVE-2024-48014 | 2025-09-25 | Dell BSAFE Micro Edition Suite, versions prior to 5.0.2.3 contain an Out-of-bounds Write vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to denial of service. |
| CVE-2025-33116 | 2025-09-25 | IBM Watson Studio on Cloud Pak for Data cross-site scripting |
| CVE-2025-10911 | 2025-09-25 | Libxslt: use-after-free with key data stored cross-rvt |
| CVE-2025-59841 | 2025-09-25 | FlagForgeCTF's Improper Session Handling Allows Access After Logout |
| CVE-2025-26333 | 2025-09-25 | Dell BSAFE Crypto-J generates an error message that includes sensitive information about its environment and associated data. A remote attacker could potentially exploit this vulnerability, leading to information exposure. |
| CVE-2025-43943 | 2025-09-25 | Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local... |
| CVE-2025-10952 | 2025-09-25 | geyang ml-logger File server.py stream_handler information disclosure |
| CVE-2025-60018 | 2025-09-25 | Glib-networking: out of bound reads on glib-networking through tls/openssl/gtlscertificate-openssl.c via "g_tls_certificate_openssl_get_property()" |
| CVE-2025-60019 | 2025-09-25 | Glib-networking: uninitialized memory dereferences on glib-networking through glib-networking/tls/openssl/gtlsbio.c via g_tls_bio_new_from_iostream() and g_tls_bio_new_from_datagram_based() |
| CVE-2025-10953 | 2025-09-25 | UTT 1200GW/1250GW formApMail buffer overflow |
| CVE-2025-20333 | 2025-09-25 | A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker... |
| CVE-2025-20362 | 2025-09-25 | Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by... |
| CVE-2025-20363 | 2025-09-25 | A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and... |
| CVE-2025-10879 | 2025-09-25 | Insufficiently Protected Credentials in Dingtian DT-R002 |
| CVE-2025-10880 | 2025-09-25 | Insufficiently Protected Credentials in Dingtian DT-R002 |
| CVE-2025-34227 | 2025-09-25 | Nagios XI < 2026R1 Configuration Wizard Authenticated Command Injection |
| CVE-2025-10958 | 2025-09-25 | Wavlink NU516U1 AddMac wireless.cgi sub_403010 command injection |
| CVE-2025-10959 | 2025-09-25 | Wavlink NU516U1 firewall.cgi sub_401778 command injection |
| CVE-2025-10960 | 2025-09-25 | Wavlink NU516U1 DeleteMac wireless.cgi sub_402D1C command injection |
| CVE-2025-10961 | 2025-09-25 | Wavlink NU516U1 Delete_Mac_list wireless.cgi sub_4030C0 command injection |
| CVE-2025-10962 | 2025-09-25 | Wavlink NU516U1 SetName wireless.cgi sub_403198 command injection |
| CVE-2025-10963 | 2025-09-25 | Wavlink NU516U1 firewall.cgi sub_4016F0 command injection |
| CVE-2025-59814 | 2025-09-25 | Unauthenticated SQL-injection in password field |
| CVE-2025-59815 | 2025-09-25 | Authenticated Remote Code Execution in the Billing Administration portal |
| CVE-2025-59816 | 2025-09-25 | Authenticated Union based SQL-injection in the search input field |
| CVE-2025-59817 | 2025-09-25 | Authenticated Remote Code Execution in zForm_auto_config |
| CVE-2025-10964 | 2025-09-25 | Wavlink NU516U1 firewall.cgi sub_401B30 command injection |
| CVE-2025-43993 | 2025-09-25 | Dell Wireless 5932e and Qualcomm Snapdragon X62 Firmware and GNSS/GPS Driver, versions prior to 3.2.0.22 contain an Unquoted Search Path or Element vulnerability. A low privileged attacker with local access... |
| CVE-2025-10965 | 2025-09-25 | LazyAGI LazyLLM server.py lazyllm_call deserialization |
| CVE-2025-10967 | 2025-09-25 | MuFen-mker PHP-Usermm chkuser.php sql injection |