Lista CVE - 2025 / Aprile
Visualizzazione 2201 - 2300 di 4033 CVE per Aprile 2025 (Pagina 23 di 41)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-21588 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-30681 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30682 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30683 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30684 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30685 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30686 | 2025-04-15 | Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30687 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30688 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30689 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30690 | 2025-04-15 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Difficult to exploit vulnerability allows high privileged attacker with logon to... |
| CVE-2025-30691 | 2025-04-15 | Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows... |
| CVE-2025-30692 | 2025-04-15 | Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Attachments). Supported versions that are affected are 12.2.7-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network access... |
| CVE-2025-30693 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-30694 | 2025-04-15 | Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account... |
| CVE-2025-30695 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-30696 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30697 | 2025-04-15 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2025-30698 | 2025-04-15 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE:... |
| CVE-2025-30699 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2025-30700 | 2025-04-15 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2025-30701 | 2025-04-15 | Vulnerability in the RAS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows low privileged attacker having User Account... |
| CVE-2025-30703 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2025-30704 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged... |
| CVE-2025-30705 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2025-30706 | 2025-04-15 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via... |
| CVE-2025-30707 | 2025-04-15 | Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Management). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2025-30708 | 2025-04-15 | Vulnerability in the Oracle User Management product of Oracle E-Business Suite (component: Search and Register Users). Supported versions that are affected are 12.2.4-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2025-30709 | 2025-04-15 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2025-30710 | 2025-04-15 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2025-30711 | 2025-04-15 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30712 | 2025-04-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to... |
| CVE-2025-30713 | 2025-04-15 | Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Manager product of Oracle PeopleSoft (component: Job Opening). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged... |
| CVE-2025-30714 | 2025-04-15 | Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/Python). Supported versions that are affected are 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via... |
| CVE-2025-30715 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Components Services). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Easily exploitable vulnerability allows high privileged attacker... |
| CVE-2025-30716 | 2025-04-15 | Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2025-30717 | 2025-04-15 | Vulnerability in the Oracle Teleservice product of Oracle E-Business Suite (component: Service Diagnostics Scripts). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2025-30718 | 2025-04-15 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments, File Upload). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30719 | 2025-04-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to... |
| CVE-2025-30720 | 2025-04-15 | Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Orders). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP... |
| CVE-2025-30721 | 2025-04-15 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows high privileged attacker... |
| CVE-2025-30722 | 2025-04-15 | Vulnerability in the MySQL Client product of Oracle MySQL (component: Client: mysqldump). Supported versions that are affected are 8.0.0-8.0.41, 8.4.0-8.4.4 and 9.0.0-9.2.0. Difficult to exploit vulnerability allows low privileged attacker... |
| CVE-2025-30723 | 2025-04-15 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2025-30724 | 2025-04-15 | Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network... |
| CVE-2025-30725 | 2025-04-15 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon... |
| CVE-2025-30726 | 2025-04-15 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2025-30727 | 2025-04-15 | Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: iSurvey Module). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2025-30728 | 2025-04-15 | Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP... |
| CVE-2025-30729 | 2025-04-15 | Vulnerability in the Oracle Communications Order and Service Management product of Oracle Communications Applications (component: Security). Supported versions that are affected are 7.4.0, 7.4.1 and 7.5.0. Easily exploitable vulnerability allows... |
| CVE-2025-30730 | 2025-04-15 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.5-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2025-30731 | 2025-04-15 | Vulnerability in the Oracle Applications Technology Stack product of Oracle E-Business Suite (component: Configuration). Supported versions that are affected are 12.2.3-12.2.14. Difficult to exploit vulnerability allows unauthenticated attacker with logon... |
| CVE-2025-30732 | 2025-04-15 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component: Core). Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2025-30733 | 2025-04-15 | Vulnerability in the RDBMS Listener component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2025-30735 | 2025-04-15 | Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Page and Field Configuration). The supported version that is affected is 9.2. Easily exploitable vulnerability allows... |
| CVE-2025-30736 | 2025-04-15 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.26, 21.3-21.17 and 23.4-23.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access... |
| CVE-2025-30737 | 2025-04-15 | Vulnerability in the Oracle Smart View for Office product of Oracle Hyperion (component: Core Smart View). The supported version that is affected is 24.200. Difficult to exploit vulnerability allows high... |
| CVE-2025-30740 | 2025-04-15 | Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.0.0-9.2.9.2. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2025-24487 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-31499 | 2025-04-15 | Jellyfin Vulnerable to Argument Injection in FFmpeg |
| CVE-2025-32021 | 2025-04-15 | Weblate VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext |
| CVE-2025-30702 | 2025-04-15 | Vulnerability in the Fleet Patching and amp; Provisioning component of Oracle Database Server. Supported versions that are affected are 19.3-19.26. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2025-27568 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-1275 | 2025-04-15 | JPG File Parsing Heap-Based Overflow Vulnerability |
| CVE-2025-1276 | 2025-04-15 | DWG File Parsing Out-of-Bounds Write Vulnerability |
| CVE-2025-2497 | 2025-04-15 | DWG File Parsing Stack-Based Buffer Vulnerability |
| CVE-2025-1273 | 2025-04-15 | PDF File Parsing Heap-Based Overflow Vulnerability |
| CVE-2025-1656 | 2025-04-15 | PDF File Parsing Heap-based Overflow Vulnerability |
| CVE-2025-30254 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-1277 | 2025-04-15 | PDF File Parsing Memory Corruption Vulnerability |
| CVE-2025-1274 | 2025-04-15 | RCS File Parsing Out-of-Bounds Write Vulnerability |
| CVE-2025-27939 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-27938 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-30514 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-31654 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-27719 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-26857 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-31945 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-31950 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-27575 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-27565 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-25276 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-24850 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-30510 | 2025-04-15 | Growatt Cloud portal Insufficient Type Distinction |
| CVE-2025-24297 | 2025-04-15 | Growatt Cloud portal Cross-site Scripting |
| CVE-2025-27927 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-30512 | 2025-04-15 | Growatt Cloud portal External Control of System or Configuration Setting |
| CVE-2025-31360 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-31147 | 2025-04-15 | Growatt Cloud portal Authorization Bypass Through User-Controlled Key |
| CVE-2025-22263 | 2025-04-15 | WordPress Global Gallery plugin <= 8.8.0 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22268 | 2025-04-15 | WordPress Uncanny Toolkit for LearnDash plugin <= 3.7.0.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-22269 | 2025-04-15 | WordPress Real Testimonials plugin <= 3.1.6 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-26730 | 2025-04-15 | WordPress Macro Calculator with Admin Email Optin & Data plugin <= 1.0 - Multiple Vulnerabilities vulnerability |
| CVE-2025-26740 | 2025-04-15 | WordPress SpaBiz plugin <= 1.0.18 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-26746 | 2025-04-15 | WordPress Advanced Custom Fields: Link Picker Field plugin <= 1.2.8 - Reflected Cross Site Scripting (XSS) vulnerability |
| CVE-2025-26748 | 2025-04-15 | WordPress Arkhe theme <= 3.11.0 - CSRF to Local File Inclusion vulnerability |
| CVE-2025-26749 | 2025-04-15 | WordPress Additional Custom Product Tabs for WooCommerce plugin <= 1.7.0 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-26870 | 2025-04-15 | WordPress JetEngine plugin <= 3.6.4.1 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-26880 | 2025-04-15 | WordPress SKT Skill Bar plugin <= 2.3 - Cross Site Scripting (XSS) vulnerability |
| CVE-2025-26903 | 2025-04-15 | WordPress InPost Gallery plugin <= 2.1.4.3 - Cross Site Request Forgery (CSRF) vulnerability |
| CVE-2025-26906 | 2025-04-15 | WordPress WP Delete User Accounts plugin <= 1.2.3 - Cross Site Scripting (XSS) vulnerability |