Lista CVE - 2025 / Settembre
Visualizzazione 2101 - 2200 di 4322 CVE per Settembre 2025 (Pagina 22 di 44)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-50330 | 2025-09-15 | crypto: cavium - prevent integer overflow loading firmware |
| CVE-2022-50331 | 2025-09-15 | wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new() |
| CVE-2022-50332 | 2025-09-15 | video/aperture: Call sysfb_disable() before removing PCI devices |
| CVE-2022-50333 | 2025-09-15 | fs: jfs: fix shift-out-of-bounds in dbDiscardAG |
| CVE-2022-50334 | 2025-09-15 | hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param() |
| CVE-2022-50335 | 2025-09-15 | 9p: set req refcount to zero to avoid uninitialized usage |
| CVE-2022-50336 | 2025-09-15 | fs/ntfs3: Add null pointer check to attr_load_runs_vcn |
| CVE-2022-50337 | 2025-09-15 | ocxl: fix pci device refcount leak when calling get_function_0() |
| CVE-2025-10459 | 2025-09-15 | PHPGurukul Beauty Parlour Management System all-appointment.php sql injection |
| CVE-2025-6202 | 2025-09-15 | Phoenix: Rowhammer attack on Hynix DDR5 devices |
| CVE-2025-36082 | 2025-09-15 | IBM OpenPages information disclosure |
| CVE-2025-43793 | 2025-09-15 | Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions... |
| CVE-2025-58045 | 2025-09-15 | Dataease server-side request forgery via unfiltered DB2 JDBC ldap parameter |
| CVE-2025-58046 | 2025-09-15 | Dataease has a JDBC attack vulnerability in the Impala datasource |
| CVE-2025-10491 | 2025-09-15 | MongoDB Windows installation MSI may leave ACLs unset on custom installation directories |
| CVE-2025-58748 | 2025-09-15 | Dataease H2 data source JDBC URL validation bypass leads to remote code execution |
| CVE-2025-43792 | 2025-09-15 | Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and... |
| CVE-2025-59328 | 2025-09-15 | Apache Fory: Denial of Service (DoS) due to Deserialization of Untrusted malicious large Data |
| CVE-2025-10203 | 2025-09-15 | Relative Path Traversal Vulnerability in Digilent WaveForms |
| CVE-2025-10471 | 2025-09-15 | ZKEACMS MediaController.cs Proxy server-side request forgery |
| CVE-2025-58172 | 2025-09-15 | drawnix debug logging cross-site scripting vulnerability |
| CVE-2025-58177 | 2025-09-15 | n8n stored cross-site scripting in LangChain Chat Trigger node initialMessages parameter |
| CVE-2025-59155 | 2025-09-15 | hackmd-mcp server-side request forgery in HTTP transport mode |
| CVE-2025-43791 | 2025-09-15 | Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal 7.3.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 36 allow... |
| CVE-2025-10472 | 2025-09-15 | harry0703 MoneyPrinterTurbo URL video.py stream_video path traversal |
| CVE-2025-10473 | 2025-09-15 | yangzongzhuan RuoYi Blacklist SqlUtil.java filterKeyword sql injection |
| CVE-2025-43800 | 2025-09-15 | Cross-site scripting (XSS) vulnerability in Objects in Liferay Portal 7.4.3.20 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4 and 7.4 GA through update 92 allows remote attackers to inject... |
| CVE-2025-59140 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59141 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59143 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59144 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59142 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59162 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59330 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-59331 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-10475 | 2025-09-15 | SpyShelter IOCTL SpyShelter.sys denial of service |
| CVE-2025-59154 | 2025-09-15 | Openfire allows potential identity spoofing via unsafe CN parsing |
| CVE-2025-59332 | 2025-09-15 | 3DAlloy allows stored XSS through attributes provided to the 3d parser tag/function |
| CVE-2025-43799 | 2025-09-15 | Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35, and older unsupported... |
| CVE-2025-10477 | 2025-09-15 | kidaze CourseSelectionSystem eligibility.php sql injection |
| CVE-2025-59145 | 2025-09-15 | [email protected] contains malware after npm account takeover |
| CVE-2025-43798 | 2025-09-15 | Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92 and 7.3 GA through update 35 allows a time-based one-time password (TOTP) to be used multiple times during the... |
| CVE-2025-55211 | 2025-09-15 | FreePBX Post-Authenticated Command Injection |
| CVE-2025-10479 | 2025-09-15 | SourceCodester Online Student File Management System index.php sql injection |
| CVE-2025-59056 | 2025-09-15 | FreePBX vulnerable to unauthenticated Denial of Service |
| CVE-2025-6999 | 2025-09-15 | WatchGuard Firebox Authentication Portal Request Smuggling Vulnerability |
| CVE-2025-6947 | 2025-09-15 | WatchGuard Firebox Stored Cross-Site-Scripting (XSS) Vulnerability in SIP Proxy Configuration |
| CVE-2025-43797 | 2025-09-15 | In Liferay Portal 7.1.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions, the default membership... |
| CVE-2025-10480 | 2025-09-15 | SourceCodester Online Student File Management System save_file.php unrestricted upload |
| CVE-2025-43802 | 2025-09-15 | Stored cross-site scripting (XSS) vulnerability in a custom object’s /o/c/<object-name> API endpoint in Liferay Portal 7.4.3.51 through 7.4.3.109, and Liferay DXP 2023.Q3.1 through 2023.Q3.4, 7.4 update 51 through update 92,... |
| CVE-2025-10481 | 2025-09-15 | SourceCodester Online Student File Management System remove_file.php sql injection |
| CVE-2025-10482 | 2025-09-15 | SourceCodester Online Student File Management System index.php sql injection |
| CVE-2025-10483 | 2025-09-15 | SourceCodester Online Student File Management System save_user.php sql injection |
| CVE-2025-10485 | 2025-09-15 | pojoin h3blog HTTP Header login ppt_log cross site scripting |
| CVE-2025-43366 | 2025-09-15 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Tahoe 26. An app may be able to disclose coprocessor memory. |
| CVE-2025-43331 | 2025-09-15 | A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to access protected user data. |
| CVE-2025-43262 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. USB Restricted Mode may not be applied to accessories connected during boot. |
| CVE-2025-43327 | 2025-09-15 | The issue was addressed by adding additional logic. This issue is fixed in Safari 26. Visiting a malicious website may lead to address bar spoofing. |
| CVE-2025-43370 | 2025-09-15 | A path handling issue was addressed with improved validation. This issue is fixed in Xcode 26. Processing an overly large path value may crash a process. |
| CVE-2025-43307 | 2025-09-15 | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in macOS Tahoe 26. An app may be able to access sensitive user data. |
| CVE-2025-31254 | 2025-09-15 | This issue was addressed with improved URL validation. This issue is fixed in Safari 26, iOS 26 and iPadOS 26. Processing maliciously crafted web content may lead to unexpected URL... |
| CVE-2025-43346 | 2025-09-15 | An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26, iOS 18.7 and iPadOS... |
| CVE-2025-43203 | 2025-09-15 | The issue was addressed with improved handling of caches. This issue is fixed in iOS 26 and iPadOS 26, iOS 18.7 and iPadOS 18.7. An attacker with physical access to... |
| CVE-2025-43311 | 2025-09-15 | This issue was addressed with additional entitlement checks. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. |
| CVE-2025-43297 | 2025-09-15 | A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26. An app may be able to cause a denial-of-service. |
| CVE-2025-30468 | 2025-09-15 | This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication. |
| CVE-2025-43279 | 2025-09-15 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data. |
| CVE-2025-43310 | 2025-09-15 | A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to trick a user into copying... |
| CVE-2025-43347 | 2025-09-15 | This issue was addressed by removing the vulnerable code. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An input validation issue was... |
| CVE-2025-31255 | 2025-09-15 | An authorization issue was addressed with improved state management. This issue is fixed in tvOS 26, watchOS 26, macOS Sonoma 14.8, iOS 26 and iPadOS 26, macOS Sequoia 15.7. An... |
| CVE-2025-43371 | 2025-09-15 | This issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to break out of its sandbox. |
| CVE-2025-43263 | 2025-09-15 | The issue was addressed with improved checks. This issue is fixed in Xcode 26. An app may be able to read and write files outside of its sandbox. |
| CVE-2025-43326 | 2025-09-15 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data. |
| CVE-2025-43330 | 2025-09-15 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.7. An app may be able to break out of its sandbox. |
| CVE-2025-43367 | 2025-09-15 | A privacy issue was addressed by moving sensitive data. This issue is fixed in macOS Sonoma 14.8. An app may be able to access protected user data. |
| CVE-2025-43301 | 2025-09-15 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to... |
| CVE-2025-43356 | 2025-09-15 | The issue was addressed with improved handling of caches. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26, iOS 18.7 and... |
| CVE-2025-43340 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox. |
| CVE-2025-43317 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An app may be able to... |
| CVE-2025-24197 | 2025-09-15 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data. |
| CVE-2025-43291 | 2025-09-15 | A permissions issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to modify protected parts... |
| CVE-2025-31268 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. |
| CVE-2025-43287 | 2025-09-15 | The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26. Processing a maliciously crafted image may corrupt process memory. |
| CVE-2025-43272 | 2025-09-15 | The issue was addressed with improved memory handling. This issue is fixed in visionOS 26, Safari 26, iOS 26 and iPadOS 26, watchOS 26. Processing maliciously crafted web content may... |
| CVE-2025-43337 | 2025-09-15 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sequoia 15.7.2. An app may be able to access sensitive user data. |
| CVE-2025-43321 | 2025-09-15 | The issue was resolved by blocking unsigned services from launching on Intel Macs. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to... |
| CVE-2025-24088 | 2025-09-15 | The issue was addressed by adding additional logic. This issue is fixed in macOS Tahoe 26. An app may be able to override MDM-enforced settings from profiles. |
| CVE-2025-43208 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26. An app may be able to read sensitive location information. |
| CVE-2025-43286 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to break out of its sandbox. |
| CVE-2025-31269 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8. An app may be able to access protected user data. |
| CVE-2025-43316 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in visionOS 26. A malicious app may be able to gain root privileges. |
| CVE-2025-43341 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8. An app may be able to gain root privileges. |
| CVE-2025-43204 | 2025-09-15 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Tahoe 26. An app may be able to break out of its sandbox. |
| CVE-2025-43357 | 2025-09-15 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 26 and iPadOS 26. An app may be able to fingerprint the user. |
| CVE-2025-43285 | 2025-09-15 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access protected user data. |
| CVE-2025-43293 | 2025-09-15 | The issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access sensitive user data. |
| CVE-2025-43315 | 2025-09-15 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.8, macOS Sequoia 15.7. An app may be able to access user-sensitive data. |
| CVE-2025-43207 | 2025-09-15 | This issue was addressed with improved entitlements. This issue is fixed in macOS Tahoe 26. An app may be able to access user-sensitive data. |
| CVE-2025-43342 | 2025-09-15 | A correctness issue was addressed with improved checks. This issue is fixed in Safari 26, tvOS 26, watchOS 26, iOS 26 and iPadOS 26, visionOS 26, iOS 18.7 and iPadOS... |
| CVE-2025-43354 | 2025-09-15 | A logging issue was addressed with improved data redaction. This issue is fixed in visionOS 26, tvOS 26, iOS 26 and iPadOS 26, watchOS 26. An app may be able... |