Lista CVE - 2025 / Febbraio
Visualizzazione 1001 - 1100 di 3676 CVE per Febbraio 2025 (Pagina 11 di 37)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-21410 | 2025-02-11 | Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| CVE-2025-21190 | 2025-02-11 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-21200 | 2025-02-11 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-21201 | 2025-02-11 | Windows Telephony Server Remote Code Execution Vulnerability |
| CVE-2025-21198 | 2025-02-11 | Microsoft High Performance Compute (HPC) Pack Remote Code Execution Vulnerability |
| CVE-2025-21337 | 2025-02-11 | Windows NTFS Elevation of Privilege Vulnerability |
| CVE-2025-21347 | 2025-02-11 | Windows Deployment Services Denial of Service Vulnerability |
| CVE-2025-21349 | 2025-02-11 | Windows Remote Desktop Configuration Service Tampering Vulnerability |
| CVE-2025-21350 | 2025-02-11 | Windows Kerberos Denial of Service Vulnerability |
| CVE-2025-21358 | 2025-02-11 | Windows Core Messaging Elevation of Privileges Vulnerability |
| CVE-2025-21359 | 2025-02-11 | Windows Kernel Security Feature Bypass Vulnerability |
| CVE-2025-21367 | 2025-02-11 | Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability |
| CVE-2025-21371 | 2025-02-11 | Windows Telephony Service Remote Code Execution Vulnerability |
| CVE-2025-21377 | 2025-02-11 | NTLM Hash Disclosure Spoofing Vulnerability |
| CVE-2025-21381 | 2025-02-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-21386 | 2025-02-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-21387 | 2025-02-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-21390 | 2025-02-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-21392 | 2025-02-11 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-21394 | 2025-02-11 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2025-21397 | 2025-02-11 | Microsoft Office Remote Code Execution Vulnerability |
| CVE-2025-21400 | 2025-02-11 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2025-21179 | 2025-02-11 | DHCP Client Service Denial of Service Vulnerability |
| CVE-2025-21181 | 2025-02-11 | Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability |
| CVE-2025-21184 | 2025-02-11 | Windows Core Messaging Elevation of Privileges Vulnerability |
| CVE-2025-21212 | 2025-02-11 | Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| CVE-2025-21216 | 2025-02-11 | Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| CVE-2025-21254 | 2025-02-11 | Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| CVE-2025-21322 | 2025-02-11 | Microsoft PC Manager Elevation of Privilege Vulnerability |
| CVE-2025-21414 | 2025-02-11 | Windows Core Messaging Elevation of Privileges Vulnerability |
| CVE-2025-21373 | 2025-02-11 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2025-24042 | 2025-02-11 | Visual Studio Code JS Debug Extension Elevation of Privilege Vulnerability |
| CVE-2025-25202 | 2025-02-11 | Ash Authentication has flawed token revocation checking logic in actions generated by `mix ash_authentication.install` |
| CVE-2025-0899 | 2025-02-11 | PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability |
| CVE-2024-12833 | 2025-02-11 | Paessler PRTG Network Monitor SNMP Cross-Site Scripting Authentication Bypass Vulnerability |
| CVE-2024-12551 | 2025-02-11 | Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2024-12550 | 2025-02-11 | Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2024-12549 | 2025-02-11 | Tungsten Automation Power PDF JP2 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2024-12548 | 2025-02-11 | Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2024-12547 | 2025-02-11 | Tungsten Automation Power PDF JPF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2025-1052 | 2025-02-11 | Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-1044 | 2025-02-11 | Logsign Unified SecOps Platform Authentication Bypass Vulnerability |
| CVE-2024-21966 | 2025-02-11 | A DLL hijacking vulnerability in the AMD Ryzen™ Master Utility could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
| CVE-2025-0901 | 2025-02-11 | PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2025-0902 | 2025-02-11 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0903 | 2025-02-11 | PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2025-0904 | 2025-02-11 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0905 | 2025-02-11 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0906 | 2025-02-11 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0907 | 2025-02-11 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0908 | 2025-02-11 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0909 | 2025-02-11 | PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2025-0910 | 2025-02-11 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2025-0911 | 2025-02-11 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-31360 | 2025-02-11 | Incorrect default permissions in the AMD Integrated Management Technology (AIM-T) Manageability Service installation directory could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. |
| CVE-2023-31361 | 2025-02-11 | A DLL hijacking vulnerability in AMD Integrated Management Technology (AIM-T) Manageability Service could allow an attacker to achieve privilege escalation potentially resulting in arbitrary code execution. |
| CVE-2024-21924 | 2025-02-11 | SMM callout vulnerability within the AmdPlatformRasSspSmm driver could allow a ring 0 attacker to modify boot services handlers, potentially resulting in arbitrary code execution. |
| CVE-2024-21925 | 2025-02-11 | Improper input validation within the AmdPspP2CmboxV2 driver may allow a privileged attacker to overwrite SMRAM, leading to arbitrary code execution. |
| CVE-2024-0179 | 2025-02-11 | SMM Callout vulnerability within the AmdCpmDisplayFeatureSMM driver could allow locally authenticated attackers to overwrite SMRAM, potentially resulting in arbitrary code execution. |
| CVE-2023-20507 | 2025-02-11 | An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity. |
| CVE-2023-20515 | 2025-02-11 | Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability. |
| CVE-2023-20581 | 2025-02-11 | Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity. |
| CVE-2023-20582 | 2025-02-11 | Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially... |
| CVE-2022-3180 | 2025-02-11 | WPGateway <= 3.5 - Unauthenticated Privilege Escalation |
| CVE-2023-31331 | 2025-02-11 | Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity... |
| CVE-2024-32037 | 2025-02-11 | GeoNetwork vulnerable to search end-point information disclosure in response headers |
| CVE-2025-1240 | 2025-02-11 | WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-31342 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
| CVE-2023-31343 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
| CVE-2023-31352 | 2025-02-11 | A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data. |
| CVE-2025-25203 | 2025-02-11 | Ctrlpanel has stored XSS vulnerability in TicketsController priority field |
| CVE-2023-20508 | 2025-02-11 | Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of... |
| CVE-2024-0112 | 2025-02-11 | NVIDIA Jetson AGX Orin™ and NVIDIA IGX Orin software contain a vulnerability where an attacker can cause an improper input validation issue by escalating certain permissions to a limited degree.... |
| CVE-2023-31345 | 2025-02-11 | Improper input validation in the SMM handler may allow a privileged attacker to overwrite SMRAM, potentially leading to arbitrary code execution. |
| CVE-2020-3432 | 2025-02-11 | Cisco AnyConnect Secure Mobility Client for Mac OS File Corruption Vulnerability |
| CVE-2024-34520 | 2025-02-12 | An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized administrative actions, such as accessing the 'add... |
| CVE-2024-34521 | 2025-02-12 | A directory traversal vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an administrative user to access system files with the file permissions of the privileged... |
| CVE-2024-46922 | 2025-02-12 | An issue was discovered in Samsung Mobile Processor Exynos 1480 and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_parser_bos in the Xclipse Driver. |
| CVE-2024-46923 | 2025-02-12 | An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. The absence of a null check leads to a Denial of Service at amdgpu_cs_ib_fill in the Xclipse... |
| CVE-2024-51122 | 2025-02-12 | Cross Site Scripting vulnerability in Zertificon Z1 SecureMail Z1 CertServer v.3.16.4-2516-debian12 alllows a remote attacker to execute arbitrary code via the ST, L, O, OU, CN parameters. |
| CVE-2024-51123 | 2025-02-12 | An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information via the /compose-pdf.xhtml?convid=[id] component. |
| CVE-2024-51376 | 2025-02-12 | Directory Traversal vulnerability in yeqifu carRental v.1.0 allows a remote attacker to obtain sensitive information via the file/downloadFile.action?path= component. |
| CVE-2024-51440 | 2025-02-12 | An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component. |
| CVE-2024-54160 | 2025-02-12 | dashboards-reporting (aka Dashboards Reports) before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer. |
| CVE-2024-56938 | 2025-02-12 | LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the materials-content class. |
| CVE-2024-56939 | 2025-02-12 | LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the ld-comment-body class. |
| CVE-2024-56940 | 2025-02-12 | An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads. |
| CVE-2024-57601 | 2025-02-12 | Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter. |
| CVE-2024-57602 | 2025-02-12 | An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file. |
| CVE-2024-57603 | 2025-02-12 | An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting. |
| CVE-2024-57604 | 2025-02-12 | An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component. |
| CVE-2024-57605 | 2025-02-12 | Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components. |
| CVE-2025-25343 | 2025-02-12 | Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. |
| CVE-2025-25349 | 2025-02-12 | PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the costitem parameter. |
| CVE-2025-25351 | 2025-02-12 | PHPGurukul Daily Expense Tracker System v1.1 is vulnerable to SQL Injection in /dets/add-expense.php via the dateexpense parameter. |
| CVE-2025-25741 | 2025-02-12 | D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the IPv6_PppoePassword parameter in the SetIPv6PppoeSettings module. |
| CVE-2025-25742 | 2025-02-12 | D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module. |
| CVE-2025-25743 | 2025-02-12 | D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the SetVirtualServerSettings module. |
| CVE-2025-25744 | 2025-02-12 | D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetDynamicDNSSettings module. |
| CVE-2025-25746 | 2025-02-12 | D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetWanSettings module. |