Lista CVE - 2025 / Aprile

Visualizzazione 701 - 800 di 4038 CVE per Aprile 2025 (Pagina 8 di 41)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2025-31489	2025-04-03	MinIO performs incomplete signature validation for unsigned-trailer uploads
CVE-2025-3177	2025-04-03	FastCMS JWT hard-coded key
CVE-2025-3178	2025-04-03	projectworlds Online Doctor Appointment Booking System deleteappointment.php sql injection
CVE-2025-3179	2025-04-03	projectworlds Online Doctor Appointment Booking System deletepatient.php sql injection
CVE-2025-3180	2025-04-03	projectworlds Online Doctor Appointment Booking System deleteschedule.php sql injection
CVE-2025-3181	2025-04-03	projectworlds Online Doctor Appointment Booking System appointment.php sql injection
CVE-2025-3182	2025-04-03	projectworlds Online Doctor Appointment Booking System getschedule.php sql injection
CVE-2025-0279	2025-04-03	HCL Traveler is affected by generation of error messages containing sensitive information
CVE-2025-3183	2025-04-03	projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injection
CVE-2025-30370	2025-04-03	jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal"
CVE-2025-0278	2025-04-03	An internal path disclosure vulnerability affects HCL Traveler
CVE-2025-3184	2025-04-03	projectworlds Online Doctor Appointment Booking System profile.php sql injection
CVE-2025-3185	2025-04-03	projectworlds Online Doctor Appointment Booking System patientupdateprofile.php sql injection
CVE-2025-3186	2025-04-03	projectworlds Online Doctor Appointment Booking System invoice.php sql injection
CVE-2025-25000	2025-04-03	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-28146	2025-04-04	Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15...
CVE-2025-29476	2025-04-04	Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz on commit 16450518afddcb3139de627157208e49bfef6987...
CVE-2025-29477	2025-04-04	An issue in fluent-bit v.3.7.2 allows a local attacker to...
CVE-2025-32111	2025-04-04	The Docker image from acme.sh before 40b6db6 is based on...
CVE-2025-25001	2025-04-04	Microsoft Edge for iOS Spoofing Vulnerability
CVE-2025-29815	2025-04-04	Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
CVE-2025-29796	2025-04-04	Microsoft Edge for iOS Spoofing Vulnerability
CVE-2025-3187	2025-04-04	PHPGurukul e-Diary Management System login.php sql injection
CVE-2025-3188	2025-04-04	PHPGurukul e-Diary Management System add-notes.php sql injection
CVE-2025-3195	2025-04-04	itsourcecode Online Blood Bank Management System bbms.php sql injection
CVE-2025-3196	2025-04-04	Open Asset Import Library Assimp Malformed File MD2Loader.cpp InternReadFile stack-based overflow
CVE-2025-3198	2025-04-04	GNU Binutils objdump bucomm.c display_info memory leak
CVE-2025-3199	2025-04-04	ageerle ruoyi-ai API Interface SysModelController.java improper authorization
CVE-2025-24310	2025-04-04	Improper restriction of rendered UI layers or frames issue exists...
CVE-2025-24317	2025-04-04	Allocation of resources without limits or throttling issue exists in...
CVE-2025-25061	2025-04-04	Unintended proxy or intermediary ('Confused Deputy') issue exists in HMI...
CVE-2025-26401	2025-04-04	Weak encoding for password vulnerability exists in HMI ViewJet C-more...
CVE-2025-3202	2025-04-04	ageerle ruoyi-ai SysNoticeController.java improper authorization
CVE-2025-3203	2025-04-04	Tenda W18E setModules formSetAccountList stack-based overflow
CVE-2025-3204	2025-04-04	CodeAstro Car Rental System returncar.php sql injection
CVE-2025-3205	2025-04-04	CodeAstro Student Grading System studentsubject.php sql injection
CVE-2025-3206	2025-04-04	code-projects Hospital Management System doctor-specilization.php sql injection
CVE-2025-3207	2025-04-04	code-projects Patient Record Management System birthing_form.php sql injection
CVE-2025-2075	2025-04-04	Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
CVE-2024-13744	2025-04-04	Booster for WooCommerce 4.0.1 - 7.2.4 - Unauthenticated Arbitrary File Upload
CVE-2025-3208	2025-04-04	code-projects Patient Record Management System xray_print.php sql injection
CVE-2025-3194	2025-04-04	Versions of the package bigint-buffer from 0.0.0 are vulnerable to...
CVE-2025-3197	2025-04-04	Versions of the package expand-object from 0.0.0 are vulnerable to...
CVE-2025-3191	2025-04-04	All versions of the package react-draft-wysiwyg are vulnerable to Cross-site...
CVE-2025-3209	2025-04-04	code-projects Patient Record Management System add_patient.php sql injection
CVE-2025-3192	2025-04-04	Versions of the package spatie/browsershot from 0.0.0 are vulnerable to...
CVE-2025-3210	2025-04-04	code-projects Patient Record Management System birthing_pending.php sql injection
CVE-2025-2317	2025-04-04	Product Filter by WBW <= 2.7.9 - Unauthenticated SQL Injection via filtersDataBackend Parameter
CVE-2024-13645	2025-04-04	TagDiv Composer <= 5.3 - Unauthenticated Arbitrary PHP Object Instantiation
CVE-2024-13898	2025-04-04	Simple Banner <= 3.0.4 - Authenticated (Administrator+) Stored Cross-Site Scripting
CVE-2025-2836	2025-04-04	RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login <= 6.0.4.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting
CVE-2025-2270	2025-04-04	Countdown, Coming Soon, Maintenance – Countdown & Clock <= 2.8.9.1 - Unauthenticated Limited Local File Inclusion
CVE-2024-13708	2025-04-04	Booster for WooCommerce 4.0.1 - 7.2.4 - Unauthenticated Stored Cross-Site Scripting
CVE-2024-42208	2025-04-04	HCL Connections is vulnerable to an information disclosure vulnerability
CVE-2025-3211	2025-04-04	code-projects Patient Record Management System birthing_print.php sql injection
CVE-2025-3213	2025-04-04	PHPGurukul e-Diary Management System view-note.php sql injection
CVE-2025-2279	2025-04-04	Maps - Google Maps <= 1.0.6 - Contributor+ Stored XSS
CVE-2025-3214	2025-04-04	JFinal CMS readTemplate engine.getTemplate path traversal
CVE-2025-2159	2025-04-04	Stored XSS in M-Files Admin user interface
CVE-2025-3215	2025-04-04	PHPGurukul Restaurant Table Booking System add-subadmin.php sql injection
CVE-2025-3216	2025-04-04	PHPGurukul e-Diary Management System password-recovery.php sql injection
CVE-2025-3086	2025-04-04	User in anonymous role could create and delete views
CVE-2025-3087	2025-04-04	Stored XSS Vulnerability in M-Files Web
CVE-2025-2797	2025-04-04	Woffice Core <= 5.4.21 - Cross-Site Request Forgery to User Registration Approval
CVE-2025-2780	2025-04-04	Woffice Core <= 5.4.21 - Authenticated (Subscriber+) Arbitrary File Upload
CVE-2025-3217	2025-04-04	PHPGurukul e-Diary Management System registration.php sql injection
CVE-2025-3105	2025-04-04	Vehica Core <= 1.0.97 - Authenticated (Subscriber+) Privilege Escalation
CVE-2025-3219	2025-04-04	CodeCanyon Perfex CRM Project Discussions Module 2 cross site scripting
CVE-2025-3220	2025-04-04	PHPGurukul e-Diary Management System dashboard.php sql injection
CVE-2025-3229	2025-04-04	PHPGurukul Restaurant Table Booking System edit-subadmin.php sql injection
CVE-2025-3231	2025-04-04	PHPGurukul Zoo Management System aboutus.php sql injection
CVE-2025-3235	2025-04-04	PHPGurukul Old Age Home Management System profile.php sql injection
CVE-2025-3236	2025-04-04	Tenda FH1202 Web Management Interface VirSerDMZ access control
CVE-2025-2244	2025-04-04	Insecure PHP deserialization issue in GravityZone Console (VA-12634)
CVE-2025-1865	2025-04-04	Local Privilege Escalation in Virtual CloneDrive Kernel Driver
CVE-2025-2243	2025-04-04	SSRF in GravityZone Console via DNS Truncation (VA-12634)
CVE-2025-2245	2025-04-04	Server Side Request Forgery in GravityZone Update Server Using Null Bytes (VA-12646)
CVE-2025-3237	2025-04-04	Tenda FH1202 wrlwpsset access control
CVE-2025-3238	2025-04-04	PHPGurukul Online Fire Reporting System search-request.php sql injection
CVE-2025-3239	2025-04-04	PHPGurukul Online Fire Reporting System edit-guard-detail.php sql injection
CVE-2025-3240	2025-04-04	PHPGurukul Online Fire Reporting System search.php sql injection
CVE-2025-22282	2025-04-04	WordPress ez Form Calculator - WordPress plugin plugin <= 2.14.1.2 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-3241	2025-04-04	zhangyanbo2007 youkefu XML Document CallCenterRouterController.java xml external entity reference
CVE-2025-3242	2025-04-04	PHPGurukul e-Diary Management System search-result.php sql injection
CVE-2025-3243	2025-04-04	code-projects Patient Record Management System dental_form.php sql injection
CVE-2025-3244	2025-04-04	SourceCodester Web-based Pharmacy Product Management System Create User Page add-admin.php unrestricted upload
CVE-2025-3245	2025-04-04	itsourcecode Library Management System Forgot.java search sql injection
CVE-2025-3189	2025-04-04	Stored Cross-Site Scripting (XSS) in DoWISP
CVE-2025-31421	2025-04-04	WordPress Srbtranslatin plugin <= 3.2.0 - Sensitive Data Exposure vulnerability
CVE-2025-31420	2025-04-04	WordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerability
CVE-2025-31418	2025-04-04	WordPress Gravel theme <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-31416	2025-04-04	WordPress Awesome Event Booking plugin <= 2.8.4 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2025-31407	2025-04-04	WordPress Tiger theme <= 2.0 - Cross Site Scripting (XSS) vulnerability
CVE-2025-31405	2025-04-04	WordPress Fami WooCommerce Compare plugin <= 1.0.5 - Local File Inclusion vulnerability
CVE-2025-31403	2025-04-04	WordPress Booking Calendar and Notification plugin <= 4.0.3 - SQL Injection vulnerability
CVE-2025-31389	2025-04-04	WordPress Sequel plugin <= 1.0.11 - Cross Site Scripting (XSS) vulnerability
CVE-2025-31384	2025-04-04	WordPress Videos plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability
CVE-2025-2798	2025-04-04	Woffice <= 5.4.21 - Authentication Bypass via Registration Role
CVE-2025-31381	2025-04-04	WordPress Booking Calendar and Notification plugin <= 4.0.3 - Broken Authentication vulnerability
CVE-2024-51800	2025-04-04	WordPress Homey theme <= 2.4.1 - Privilege Escalation vulnerability