Lista CVE - 2025 / Giugno

Visualizzazione 3101 - 3200 di 3683 CVE per Giugno 2025 (Pagina 32 di 37)

Torna alla Lista Precedente Successivo

ID CVE	Data	Titolo
CVE-2025-52483	2025-06-25	Registrator.jl Vulnerable to Argument Injection and Command Injection
CVE-2025-52569	2025-06-25	GitHub.jl lacks validation for user-provided fields
CVE-2025-52576	2025-06-25	Kanboard vulnerable to Username Enumeration via Login Behavior and Bruteforce Protection Bypass
CVE-2025-52889	2025-06-25	Incus vulnerable to DoS through antispoofing nftables firewall rule bypass on bridge networks with ACLs
CVE-2025-52890	2025-06-25	Incus vulnerable to antispoofing nftables firewall rule bypass on bridge networks with ACLs
CVE-2025-6442	2025-06-25	Ruby WEBrick read_header HTTP Request Smuggling Vulnerability
CVE-2025-52893	2025-06-25	OpenBao May Leak Sensitive Information in Logs When Processing Malformed Data
CVE-2025-52894	2025-06-25	OpenBao Vulnerable to Unauthenticated Rekey Operation Cancellation
CVE-2025-6617	2025-06-25	D-Link DIR-619L formAdvanceSetup stack-based overflow
CVE-2025-52999	2025-06-25	jackson-core Has Potential for StackoverflowError if user parses an input file that contains very deeply nested data
CVE-2025-6618	2025-06-25	TOTOLINK CA300-PoE wps.so SetWLanApcliSettings os command injection
CVE-2025-6619	2025-06-25	TOTOLINK CA300-PoE upgrade.so setUpgradeFW os command injection
CVE-2025-49549	2025-06-25	Adobe Commerce \| Incorrect Authorization (CWE-863)
CVE-2025-6444	2025-06-25	ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability
CVE-2025-49550	2025-06-25	Adobe Commerce \| Incorrect Authorization (CWE-863)
CVE-2025-6445	2025-06-25	ServiceStack FindType Directory Traversal Remote Code Execution Vulnerability
CVE-2025-5832	2025-06-25	Pioneer DMH-WT7600NEX Software Update Signing Insufficient Verification of Data Authenticity Vulnerability
CVE-2025-5834	2025-06-25	Pioneer DMH-WT7600NEX Missing Immutable Root of Trust in Hardware Local Privilege Escalation Vulnerability
CVE-2025-5833	2025-06-25	Pioneer DMH-WT7600NEX Root Filesystem Insufficient Verification of Data Authenticity Vulnerability
CVE-2025-5824	2025-06-25	Autel MaxiCharger AC Wallbox Commercial Origin Validation Error Authentication Bypass Vulnerability
CVE-2025-6620	2025-06-25	TOTOLINK CA300-PoE upgrade.so setUpgradeUboot os command injection
CVE-2025-6621	2025-06-25	TOTOLINK CA300-PoE ap.so QuickSetting os command injection
CVE-2025-5826	2025-06-25	Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Misinterpretation of Input Vulnerability
CVE-2025-5828	2025-06-25	Autel MaxiCharger AC Wallbox Commercial wLength Buffer Overflow Remote Code Execution Vulnerability
CVE-2025-5822	2025-06-25	Autel MaxiCharger AC Wallbox Commercial Technician API Incorrect Authorization Privilege Escalation Vulnerability
CVE-2025-5827	2025-06-25	Autel MaxiCharger AC Wallbox Commercial ble_process_esp32_msg Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2025-5823	2025-06-25	Autel MaxiCharger AC Wallbox Commercial Serial Number Exposed Dangerous Method Information Disclosure Vulnerability
CVE-2025-5829	2025-06-25	Autel MaxiCharger AC Wallbox Commercial autocharge Stack-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2025-5830	2025-06-25	Autel MaxiCharger AC Wallbox Commercial DLB_SlaveRegister Heap-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2025-6678	2025-06-25	Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Information Disclosure Vulnerability
CVE-2025-5825	2025-06-25	Autel MaxiCharger AC Wallbox Commercial Firmware Downgrade Remote Code Execution Vulnerability
CVE-2025-6627	2025-06-25	TOTOLINK A702R HTTP POST Request formIpv6Setup buffer overflow
CVE-2025-6664	2025-06-25	CodeAstro Patient Record Management System cross-site request forgery
CVE-2025-6665	2025-06-25	code-projects Inventory Management System editBrand.php sql injection
CVE-2025-36038	2025-06-25	IBM WebSphere Application Server code execution
CVE-2025-6443	2025-06-25	Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerability
CVE-2025-6662	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6661	2025-06-25	PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vulnerability
CVE-2025-6660	2025-06-25	PDF-XChange Editor GIF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
CVE-2025-6659	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2025-6658	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6657	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6656	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6655	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6654	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2025-6653	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6652	2025-06-25	PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6651	2025-06-25	PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2025-6650	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6649	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6648	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6647	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
CVE-2025-6646	2025-06-25	PDF-XChange Editor U3D File Parsing Use-After-Free Information Disclosure Vulnerability
CVE-2025-6645	2025-06-25	PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2025-6644	2025-06-25	PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2025-6643	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6642	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
CVE-2025-6641	2025-06-25	PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
CVE-2025-6640	2025-06-25	PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability
CVE-2025-6667	2025-06-25	code-projects Car Rental System add_cars.php unrestricted upload
CVE-2025-6668	2025-06-25	code-projects Inventory Management System fetchSelectedBrand.php sql injection
CVE-2025-6669	2025-06-25	gooaclok819 sublinkX jwt.go hard-coded key
CVE-2024-52928	2025-06-26	Arc before 1.26.1 on Windows has a bypass issue in the site settings that allows websites (with previously granted permissions) to add new permissions when the user clicks anywhere on...
CVE-2024-56915	2025-06-26	Netbox Community v4.1.7 and fixed in v.4.2.2 is vulnerable to Cross Site Scripting (XSS) via the RSS feed widget.
CVE-2025-29331	2025-06-26	An issue in MHSanaei 3x-ui before v.2.5.3 and before allows a remote attacker to execute arbitrary code via the management script x-ui passes the no check certificate option to wget...
CVE-2025-30131	2025-06-26	An issue was discovered on IROAD Dashcam FX2 devices. An unauthenticated file upload endpoint can be leveraged to execute arbitrary commands by uploading a CGI-based webshell. Once a file is...
CVE-2025-44141	2025-06-26	A Cross-Site Scripting (XSS) vulnerability exists in the node creation form of Backdrop CMS 1.30.
CVE-2025-49603	2025-06-26	Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1 has Incorrect Access Control.
CVE-2025-50350	2025-06-26	PHPGurukul Pre-School Enrollment System Project v1.0 is vulnerable to Directory Traversal in manage-classes.php.
CVE-2025-51671	2025-06-26	A SQL injection vulnerability was discovered in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability allows remote attackers to execute arbitrary SQL code via the category and categorycode...
CVE-2025-51672	2025-06-26	A time-based blind SQL injection vulnerability was identified in the PHPGurukul Dairy Farm Shop Management System 1.3. The vulnerability exists in the manage-companies.php file and allows remote attackers to execute...
CVE-2025-5588	2025-06-26	Image Editor by Pixo <= 2.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via download Parameter
CVE-2025-5535	2025-06-26	e.nigma buttons <= 1.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-5488	2025-06-26	WP Masonry & Infinite Scroll <= 2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-5590	2025-06-26	Owl carousel responsive <= 1.9 - Authenticated (Contributor+) SQL Injection via id Parameter
CVE-2025-3863	2025-06-26	Post Carousel Slider for Elementor <= 1.6.0 - Authenticated (Subscriber+) Missing Authorization via process_wbelps_promo_form Function
CVE-2025-6538	2025-06-26	Post Rating and Review <= 1.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via class Parameter
CVE-2025-6378	2025-06-26	Responsive Food and Drink Menu <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via display_pdf_menus Shortcode
CVE-2025-5812	2025-06-26	VG WORT METIS <= 2.0.0 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update
CVE-2025-6290	2025-06-26	Tournament Bracket Generator <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via bracket Shortcode
CVE-2025-6383	2025-06-26	WP-PhotoNav <= 1.2.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via photonav Shortcode
CVE-2025-4334	2025-06-26	Simple User Registration <= 6.3 - Unauthenticated Privilege Escalation
CVE-2025-5564	2025-06-26	GC Social wall <= 1.15 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-6258	2025-06-26	WP SoundSystem <= 3.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpsstm-track Shortcode
CVE-2025-5540	2025-06-26	Event RSVP and Simple Event Management Plugin <= 4.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-5559	2025-06-26	TimeZoneCalculator <= 3.37 - Authenticated (Contributor+) Stored Cross-Site Scripting
CVE-2025-5929	2025-06-26	The Countdown <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via clientId Parameter
CVE-2025-5932	2025-06-26	Homerunner <= 1.0.29 - Cross-Site Request Forgery to Settings Update
CVE-2025-6537	2025-06-26	Namasha By Mdesign <= 1.2.00 - Authenticated (Contributor+) Stored Cross-Site Scripting via playicon_title Parameter
CVE-2025-5275	2025-06-26	Charitable <= 1.8.6.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin's Privacy Settings
CVE-2025-6546	2025-06-26	Drive Folder Embedder <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via tablecssclass Parameter
CVE-2025-5813	2025-06-26	Amazon Products to WooCommerce <= 1.2.7 - Missing Authorization to Unauthenticated Arbitrary Product Creation
CVE-2025-6540	2025-06-26	web-cam <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via slug Parameter
CVE-2025-6624	2025-06-26	Versions of the package snyk before 1.1297.3 are vulnerable to Insertion of Sensitive Information into Log File through local Snyk CLI debug logs. Container Registry credentials provided via environment variables...
CVE-2025-37101	2025-06-26	HPE OneView for VMware vCenter (OV4VC), Local Elevation of Privilege
CVE-2025-5846	2025-06-26	Missing Authorization in GitLab
CVE-2025-5315	2025-06-26	Missing Authorization in GitLab
CVE-2025-3279	2025-06-26	Allocation of Resources Without Limits or Throttling in GitLab
CVE-2025-2938	2025-06-26	Business Logic Errors in GitLab
CVE-2025-1754	2025-06-26	Missing Authentication for Critical Function in GitLab