Lista CVE - 2025 / Marzo
Visualizzazione 1501 - 1600 di 4018 CVE per Marzo 2025 (Pagina 16 di 41)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-1527 | 2025-03-12 | ShopLentor – WooCommerce Builder for Elementor & Gutenberg +20 Modules – All in One Solution (formerly WooLentor) <= 3.1.0 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Flash Sale Countdown Module |
| CVE-2024-13872 | 2025-03-12 | Bitdefender Box Insecure Update Mechanism Vulnerability in libboxhermes.so |
| CVE-2024-13871 | 2025-03-12 | Unauthenticated Command Injection in Bitdefender BOX v1 |
| CVE-2024-13870 | 2025-03-12 | Unauthenticated Firmware Downgrade in Bitdefender Box v1 |
| CVE-2025-29903 | 2025-03-12 | In JetBrains Runtime before 21.0.6b872.80 arbitrary dynamic library execution due... |
| CVE-2025-29904 | 2025-03-12 | In JetBrains Ktor before 3.1.1 an HTTP Request Smuggling was... |
| CVE-2024-10838 | 2025-03-12 | Integer Underflow in DDS_Security_Deserialize_ methods may lead to OOB read |
| CVE-2025-27788 | 2025-03-12 | Ruby JSON Parser has Out-of-bounds Read |
| CVE-2025-21590 | 2025-03-12 | Junos OS: An local attacker with shell access can execute arbitrary code |
| CVE-2025-27794 | 2025-03-12 | Flarum Vulnerable to Session Hijacking via Authoritative Subdomain Cookie Overwrite |
| CVE-2024-52362 | 2025-03-12 | IBM App Connect Enterprise Certified Container denial of service |
| CVE-2025-29891 | 2025-03-12 | Apache Camel: Camel Message Header Injection through request parameters |
| CVE-2025-2240 | 2025-03-12 | Smallrye-fault-tolerance: smallrye fault tolerance |
| CVE-2025-0884 | 2025-03-12 | Privilege Escalation vulnerability has been discovered in OpenText™ Service Manager. |
| CVE-2025-0883 | 2025-03-12 | vulnerability has been discovered in OpenText™ Service Manager. |
| CVE-2025-2002 | 2025-03-12 | CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists... |
| CVE-2025-1683 | 2025-03-12 | Symbolic Link Exploit in 1E Client's - Nomad module allows Arbitrary File Deletion |
| CVE-2025-1984 | 2025-03-12 | Local Privilege Escalation on Xerox® Desktop Print Experience® v8.5 |
| CVE-2025-0813 | 2025-03-12 | CWE-287: Improper Authentication vulnerability exists that could cause an Authentication... |
| CVE-2025-1960 | 2025-03-12 | CWE-1188: Initialization of a Resource with an Insecure Default vulnerability... |
| CVE-2025-27867 | 2025-03-12 | Apache Felix HTTP Webconsole Plugin: XSS in HTTP Webconsole Plugin |
| CVE-2025-20115 | 2025-03-12 | Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability |
| CVE-2025-20138 | 2025-03-12 | Cisco IOS XR Software CLI Privilege Escalation Vulnerability |
| CVE-2025-20141 | 2025-03-12 | Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerabillity |
| CVE-2025-20142 | 2025-03-12 | Cisco IOS XR Software for ASR 9000 Series Routers L2VPN Denial of Service Vulnerability |
| CVE-2025-20143 | 2025-03-12 | Cisco IOS XR Software Secure Boot Bypass Vulnerability |
| CVE-2025-20144 | 2025-03-12 | Cisco IOS XR Software Access Control List Bypass Vulnerability |
| CVE-2025-20145 | 2025-03-12 | Cisco IOS XR Software Access Control List Bypass Vulnerability |
| CVE-2025-20146 | 2025-03-12 | Cisco IOS XR Software for ASR 9000 Series Routers Layer 3 Multicast Routing Denial of Service Vulnerability |
| CVE-2025-20177 | 2025-03-12 | Cisco IOS XR Software Image Verification Bypass Vulnerability |
| CVE-2025-20209 | 2025-03-12 | Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability |
| CVE-2025-27017 | 2025-03-12 | Apache NiFi: Potential Insertion of MongoDB Password in Provenance Record |
| CVE-2025-27407 | 2025-03-12 | Remote code execution when loading a crafted GraphQL schema |
| CVE-2025-0114 | 2025-03-12 | PAN-OS: Denial of Service (DoS) in GlobalProtect |
| CVE-2025-22870 | 2025-03-12 | HTTP Proxy bypass using IPv6 Zone IDs in golang.org/x/net |
| CVE-2025-0115 | 2025-03-12 | PAN-OS: Authenticated Admin File Read Vulnerability in PAN-OS CLI |
| CVE-2025-0116 | 2025-03-12 | PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted LLDP Frame |
| CVE-2025-0117 | 2025-03-12 | GlobalProtect App: Local Privilege Escalation (PE) Vulnerability |
| CVE-2025-0118 | 2025-03-12 | GlobalProtect App: Execution of Unsafe ActiveX Control Vulnerability |
| CVE-2024-26290 | 2025-03-12 | Authenticated Remote Command Injection affecting Avid NEXIS |
| CVE-2025-25293 | 2025-03-12 | ruby-saml vulnerable to Remote Denial of Service (DoS) with compressed SAML responses |
| CVE-2025-25291 | 2025-03-12 | ruby-saml vulnerable to SAML authentication bypass due to DOCTYPE handling (parser differential) |
| CVE-2025-25292 | 2025-03-12 | Ruby SAML vulnerable to SAML authentication bypass due to namespace handling (parser differential) |
| CVE-2020-36843 | 2025-03-13 | The implementation of EdDSA in EdDSA-Java (aka ed25519-java) through 0.3.0... |
| CVE-2024-22880 | 2025-03-13 | Cross Site Scripting vulnerability in Zadarma Zadarma extension v.1.0.11 allows... |
| CVE-2024-28803 | 2025-03-13 | Cross-site scripting (XSS) vulnerability in Italtel S.p.A. i-MCS NFV v.12.1.0-20211215... |
| CVE-2024-53406 | 2025-03-13 | Espressif Esp idf v5.3.0 is vulnerable to Insecure Permissions resulting... |
| CVE-2024-55060 | 2025-03-13 | A cross-site scripting (XSS) vulnerability in the component index.php of... |
| CVE-2024-55198 | 2025-03-13 | User Enumeration via Discrepancies in Error Messages in the Celk... |
| CVE-2024-57062 | 2025-03-13 | An issue in SoundCloud IOS application v.7.65.2 allows a local... |
| CVE-2024-57348 | 2025-03-13 | Cross Site Scripting vulnerability in PecanProject pecan through v.1.8.0 allows... |
| CVE-2025-25363 | 2025-03-13 | An authenticated stored cross-site scripting (XSS) vulnerability in The Plugin... |
| CVE-2025-25598 | 2025-03-13 | Incorrect access control in the scheduled tasks console of Inova... |
| CVE-2025-25625 | 2025-03-13 | A stored cross-site scripting vulnerability exists in FS model S3150-8T2F... |
| CVE-2025-28010 | 2025-03-13 | A cross-site scripting (XSS) vulnerability has been identified in MODX... |
| CVE-2025-28011 | 2025-03-13 | A SQL Injection was found in loginsystem/change-password.php in PHPGurukul User... |
| CVE-2025-28015 | 2025-03-13 | A HTML Injection vulnerability was found in loginsystem/edit-profile.php of the... |
| CVE-2025-29357 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the... |
| CVE-2025-29358 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the... |
| CVE-2025-29359 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the... |
| CVE-2025-29360 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the... |
| CVE-2025-29361 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the... |
| CVE-2025-29362 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the... |
| CVE-2025-29363 | 2025-03-13 | Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to buffer overflow via the... |
| CVE-2025-2106 | 2025-03-13 | Arielbrailovsky-Viralad <= 1.0.8 - Unauthenticated SQL Injection |
| CVE-2025-1559 | 2025-03-13 | CC-IMG-Shortcode <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2024-13703 | 2025-03-13 | CRM and Lead Management by vcita <= 2.7.1 - Missing Authorization to Authenticated (Susbcriber+) Widget Toggle |
| CVE-2025-2107 | 2025-03-13 | Arielbrailovsky-Viralad <= 1.0.8 - Unauthenticated SQL Injection |
| CVE-2024-13887 | 2025-03-13 | Business Directory Plugin - Easy Listing Directories for WordPress <= 6.4.14 - Insecure Direct Object Reference to Listing Arbitrary Image Addition |
| CVE-2025-2250 | 2025-03-13 | WordPress Report Brute Force Attacks and Login Protection ReportAttacks Plugins <= 2.32 - Authenticated (Admin+) SQL Injection |
| CVE-2025-2104 | 2025-03-13 | Page Builder: Pagelayer – Drag and Drop website builder <= 1.9.9 - Missing Authorization to Authenticated (Contributor+) Post Publication |
| CVE-2025-1561 | 2025-03-13 | AppPresser – Mobile App Framework <= 4.4.10 - Unauthenticated Stored Cross-Site Scripting |
| CVE-2025-1503 | 2025-03-13 | WP Recipe Maker <= 9.8.0 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-0652 | 2025-03-13 | Incorrect Authorization in GitLab |
| CVE-2024-13054 | 2025-03-13 | Allocation of Resources Without Limits or Throttling in GitLab |
| CVE-2024-12380 | 2025-03-13 | Generation of Error Message Containing Sensitive Information in GitLab |
| CVE-2024-8402 | 2025-03-13 | Improper Neutralization of Special Elements used in a Command ('Command Injection') in GitLab |
| CVE-2024-13884 | 2025-03-13 | Limit Bio <= 1.0 - Reflected XSS |
| CVE-2024-13885 | 2025-03-13 | WP E Customers <= 0.0.1 - Reflected XSS |
| CVE-2024-13891 | 2025-03-13 | Schedule <= 1.0.0 - Reflected XSS |
| CVE-2025-1401 | 2025-03-13 | WP Click Info <= 2.7.4 - Reflected XSS |
| CVE-2025-1436 | 2025-03-13 | Limit Bio <= 1.0 - Stored XSS via CSRF |
| CVE-2025-1486 | 2025-03-13 | WoWPth <= 2.0 - Reflected XSS |
| CVE-2025-1487 | 2025-03-13 | WoWPth <= 2.0 - Reflected XSS |
| CVE-2025-1257 | 2025-03-13 | Allocation of Resources Without Limits or Throttling in GitLab |
| CVE-2024-7296 | 2025-03-13 | Incorrect Authorization in GitLab |
| CVE-2025-2271 | 2025-03-13 | IDOR in Issuetrak NewAuditID parameter via Inv_PopTrakXShow.asp |
| CVE-2025-1119 | 2025-03-13 | Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin <= 1.6.8.5 - Unauthenticated Arbitrary Shortcode Execution |
| CVE-2025-1785 | 2025-03-13 | Download Manager <= 3.3.08 - Authenticated (Author+) Path Traversal to Limited File Overwrite |
| CVE-2025-25175 | 2025-03-13 | A vulnerability has been identified in Simcenter Femap V2401 (All... |
| CVE-2025-29994 | 2025-03-13 | Improper Authentication Vulnerability in CAP back office application |
| CVE-2025-29995 | 2025-03-13 | Account Takeover Vulnerability in CAP back office application |
| CVE-2025-29996 | 2025-03-13 | Authentication Bypass Vulnerability in CAP back office application |
| CVE-2025-29997 | 2025-03-13 | Improper Access Control Vulnerability in CAP back office application |
| CVE-2025-29998 | 2025-03-13 | No Rate Limiting Vulnerability in CAP back office application |
| CVE-2025-21104 | 2025-03-13 | Dell NetWorker, versions prior to 19.12.0.1 and versions prior to... |
| CVE-2024-10942 | 2025-03-13 | All in One WP Migration <= 7.89 - Unauthenticated PHP Object Injection |
| CVE-2025-2277 | 2025-03-13 | Exposure of password in web-based SSH authentication component in Devolutions... |
| CVE-2025-1635 | 2025-03-13 | Exposure of sensitive information in hub data source export feature... |
| CVE-2025-1636 | 2025-03-13 | Exposure of sensitive information in My Personal Credentials password history... |