Lista CVE - 2025 / Settembre
Visualizzazione 4001 - 4100 di 4322 CVE per Settembre 2025 (Pagina 41 di 44)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2025-11039 | 2025-09-26 | Campcodes Computer Sales and Inventory System us_edit1.php sql injection |
| CVE-2025-11040 | 2025-09-26 | code-projects Hostel Management System index.php sql injection |
| CVE-2025-11041 | 2025-09-26 | itsourcecode Open Source Job Portal index.php sql injection |
| CVE-2025-11045 | 2025-09-26 | WAYOS LQ_04/LQ_05/LQ_06/LQ_07/LQ_09 usb_paswd.asp command injection |
| CVE-2025-11046 | 2025-09-26 | Tencent WeKnora test testEmbeddingModel server-side request forgery |
| CVE-2025-10657 | 2025-09-26 | Docker Desktop with ECI Fails to Enforce Socket Command Restrictions |
| CVE-2025-11047 | 2025-09-26 | Portabilis i-Educar aluno improper authorization |
| CVE-2025-11048 | 2025-09-26 | Portabilis i-Educar consulta-dispensas improper authorization |
| CVE-2025-59845 | 2025-09-26 | Apollo Embedded Sandbox and Explorer vulnerable to CSRF via window.postMessage origin-validation bypass |
| CVE-2025-59934 | 2025-09-26 | Formbricks missing JWT signature verification |
| CVE-2025-36144 | 2025-09-27 | IBM watsonx.data information disclosure |
| CVE-2025-59936 | 2025-09-27 | get-jwks poisoned JWKS cache allows post-fetch issuer validation bypass |
| CVE-2025-59938 | 2025-09-27 | Heap buffer overflow in wazuh-analysisd |
| CVE-2025-59939 | 2025-09-27 | WeGIA vulnerable to SQL Injection into method `excluir` of the `ProdutoControle` class in the parameter `id_produto`. |
| CVE-2025-59932 | 2025-09-27 | FlagForgeCTF Unauthenticated Resource Modification/Deletion |
| CVE-2025-59945 | 2025-09-27 | SysReptor Susceptible to Privilege Escalation by Authenticated Users |
| CVE-2024-43192 | 2025-09-27 | IBM Storage TS4500 Library cross-site request forgery |
| CVE-2025-36239 | 2025-09-27 | IBM Storage TS4500 Library cross-site scripting |
| CVE-2025-8440 | 2025-09-27 | Team Members <= 5.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting |
| CVE-2025-10499 | 2025-09-27 | Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings Update |
| CVE-2025-10498 | 2025-09-27 | Ninja Forms – The Contact Form Builder That Grows With You <= 3.12.0 - Cross-Site Request Forgery to Limited File Deletion |
| CVE-2025-11049 | 2025-09-27 | Portabilis i-Educar unificacao-aluno improper authorization |
| CVE-2025-9816 | 2025-09-27 | WP Statistics <= 14.5.4 - Unauthenticated Stored Cross-Site Scripting via User-Agent Header |
| CVE-2025-11050 | 2025-09-27 | Portabilis i-Educar periodo-lancamento improper authorization |
| CVE-2025-10954 | 2025-09-27 | Versions of the package github.com/nyaruka/phonenumbers before 1.2.2 are vulnerable to Improper Validation of Syntactic Correctness of Input in the phonenumbers.Parse() function. An attacker can cause a panic by providing crafted... |
| CVE-2025-3193 | 2025-09-27 | Versions of the package algoliasearch-helper from 2.0.0-rc1 and before 3.11.2 are vulnerable to Prototype Pollution in the _merge() function in merge.js, which allows constructor.prototype to be written even though doing... |
| CVE-2025-11051 | 2025-09-27 | SourceCodester Pet Grooming Management Software cross-site request forgery |
| CVE-2025-9896 | 2025-09-27 | HidePost <= 2.3.8 - Cross-Site Request Forgery |
| CVE-2025-9894 | 2025-09-27 | Sync Feedly <= 1.0.1 - Cross-Site Request Forgery to Sync Trigger |
| CVE-2025-9899 | 2025-09-27 | Trust Reviews plugin for Google, Tripadvisor, Yelp, Airbnb and other platforms <= 1.0 - Cross-Site Request Forgery |
| CVE-2025-9898 | 2025-09-27 | cForms – Light speed fast Form Builder <= 3.0.0 - Cross-Site Request Forgery |
| CVE-2025-9944 | 2025-09-27 | Professional Contact Form <= 1.0.0 - Cross-Site Request Forgery to Test Email Sending |
| CVE-2025-9893 | 2025-09-27 | VM Menu Reorder plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update |
| CVE-2025-11052 | 2025-09-27 | kidaze CourseSelectionSystem COUNT3s5.php sql injection |
| CVE-2025-11053 | 2025-09-27 | PHPGurukul Small CRM forgot-password.php sql injection |
| CVE-2025-11054 | 2025-09-27 | itsourcecode Open Source Job Portal index.php sql injection |
| CVE-2025-11055 | 2025-09-27 | SourceCodester Online Hotel Reservation System updateaddress.php sql injection |
| CVE-2025-11056 | 2025-09-27 | ProjectsAndPrograms School Management System select-students.php sql injection |
| CVE-2025-11057 | 2025-09-27 | SourceCodester Pet Grooming Management Software print_inv.php sql injection |
| CVE-2025-11061 | 2025-09-27 | Campcodes Online Learning Management System edit_student.php sql injection |
| CVE-2025-11062 | 2025-09-27 | Campcodes Online Learning Management System save_student.php sql injection |
| CVE-2025-11063 | 2025-09-27 | Campcodes Online Learning Management System edit_department.php sql injection |
| CVE-2025-11064 | 2025-09-27 | Campcodes Online Learning Management System teachers.php sql injection |
| CVE-2025-11066 | 2025-09-27 | code-projects Online Bidding System bidlist.php sql injection |
| CVE-2025-11067 | 2025-09-27 | Projectworlds Visitor Management System Add Visitor myform.php cross site scripting |
| CVE-2025-11068 | 2025-09-27 | westboy CicadasCMS save cross site scripting |
| CVE-2025-11069 | 2025-09-27 | westboy CicadasCMS Add Department save cross site scripting |
| CVE-2025-8014 | 2025-09-27 | Allocation of Resources Without Limits or Throttling in GitLab |
| CVE-2025-7647 | 2025-09-27 | Insecure Temporary File Handling in run-llama/llama_index |
| CVE-2025-11070 | 2025-09-27 | Projectworlds Online Shopping System cart_add.php sql injection |
| CVE-2025-11071 | 2025-09-27 | SeaCMS Cron Task Management admin_cron.php sql injection |
| CVE-2025-11073 | 2025-09-27 | Keyfactor RG-EW5100BE HTTP POST Request cmd command injection |
| CVE-2025-11074 | 2025-09-27 | code-projects Project Monitoring System login.php sql injection |
| CVE-2025-11075 | 2025-09-27 | Campcodes Online Learning Management System de_activate.php sql injection |
| CVE-2025-11076 | 2025-09-27 | Campcodes Online Learning Management System edit_teacher.php sql injection |
| CVE-2025-11077 | 2025-09-27 | Campcodes Online Learning Management System add_content.php sql injection |
| CVE-2025-11078 | 2025-09-27 | itsourcecode Open Source Job Portal controller.php unrestricted upload |
| CVE-2025-11079 | 2025-09-27 | Campcodes Farm Management System file information disclosure |
| CVE-2025-11080 | 2025-09-27 | zhuimengshaonian wisdom-education ExamInfoController.java selectStudentExamInfoList improper authorization |
| CVE-2025-11081 | 2025-09-27 | GNU Binutils objdump.c dump_dwarf_section out-of-bounds |
| CVE-2025-11082 | 2025-09-27 | GNU Binutils Linker elf-eh-frame.c _bfd_elf_parse_eh_frame heap-based overflow |
| CVE-2025-11083 | 2025-09-27 | GNU Binutils Linker elfcode.h elf_swap_shdr heap-based overflow |
| CVE-2025-11088 | 2025-09-27 | itsourcecode Open Source Job Portal index.php sql injection |
| CVE-2025-11089 | 2025-09-28 | kidaze CourseSelectionSystem COUNT3s4.php sql injection |
| CVE-2025-11090 | 2025-09-28 | itsourcecode Open Source Job Portal index.php sql injection |
| CVE-2025-11091 | 2025-09-28 | Tenda AC21 SetStaticRouteCfg sscanf buffer overflow |
| CVE-2025-11092 | 2025-09-28 | D-Link DIR-823X set_switch_settings sub_412E7C command injection |
| CVE-2025-11094 | 2025-09-28 | code-projects E-Commerce Website admin_product_details.php sql injection |
| CVE-2025-11095 | 2025-09-28 | D-Link DIR-823X delete_offline_device command injection |
| CVE-2025-11096 | 2025-09-28 | D-Link DIR-823X diag_traceroute command injection |
| CVE-2025-11097 | 2025-09-28 | D-Link DIR-823X set_device_name command injection |
| CVE-2025-11098 | 2025-09-28 | D-Link DIR-823X set_wifi_blacklists command injection |
| CVE-2025-11099 | 2025-09-28 | D-Link DIR-823X delete_prohibiting uci_del command injection |
| CVE-2025-11100 | 2025-09-28 | D-Link DIR-823X set_wifi_blacklists uci_set command injection |
| CVE-2025-11101 | 2025-09-28 | itsourcecode Open Source Job Portal index.php sql injection |
| CVE-2025-11102 | 2025-09-28 | Campcodes Online Learning Management System edit_content.php sql injection |
| CVE-2025-11103 | 2025-09-28 | Projectworlds Online Tours and Travels change-image.php unrestricted upload |
| CVE-2025-11104 | 2025-09-28 | CodeAstro Electricity Billing System bill.php sql injection |
| CVE-2025-11105 | 2025-09-28 | code-projects Simple Scheduling System addsubject.php sql injection |
| CVE-2025-11106 | 2025-09-28 | code-projects Simple Scheduling System addfaculty.php sql injection |
| CVE-2025-11107 | 2025-09-28 | code-projects Simple Scheduling System addcourse.php sql injection |
| CVE-2025-11108 | 2025-09-28 | code-projects Simple Scheduling System addroom.php sql injection |
| CVE-2025-11109 | 2025-09-28 | Campcodes Computer Sales and Inventory System us_edit.php sql injection |
| CVE-2025-11110 | 2025-09-28 | Campcodes Online Learning Management System school_year.php sql injection |
| CVE-2025-11111 | 2025-09-28 | Campcodes Advanced Online Voting Management System candidates_edit.php sql injection |
| CVE-2025-11112 | 2025-09-28 | PHPGurukul Employee Record Management System myprofile.php cross site scripting |
| CVE-2025-11113 | 2025-09-28 | CodeAstro Online Leave Application signup.php sql injection |
| CVE-2025-11114 | 2025-09-28 | CodeAstro Online Leave Application leaveAplicationForm.php sql injection |
| CVE-2025-11115 | 2025-09-28 | code-projects Simple Scheduling System addtime.php sql injection |
| CVE-2025-11116 | 2025-09-28 | code-projects Simple Scheduling System add.home.php sql injection |
| CVE-2025-11117 | 2025-09-28 | Tenda CH22 GstDhcpSetSer formWrlExtraGet buffer overflow |
| CVE-2025-11118 | 2025-09-28 | CodeAstro Student Grading System adminLogin.php sql injection |
| CVE-2025-11119 | 2025-09-28 | itsourcecode Hostel Management System POST Request index.php cross site scripting |
| CVE-2025-11120 | 2025-09-28 | Tenda AC8 SetServerConfig formSetServerConfig buffer overflow |
| CVE-2025-11121 | 2025-09-28 | Tenda AC18 AdvSetLanip command injection |
| CVE-2025-11122 | 2025-09-28 | Tenda AC18 WizardHandle stack-based overflow |
| CVE-2025-11123 | 2025-09-28 | Tenda AC18 saveAutoQos stack-based overflow |
| CVE-2025-11124 | 2025-09-28 | code-projects Project Monitoring System postjob.php cross site scripting |
| CVE-2025-11125 | 2025-09-28 | langleyfcu Online Banking System Error Message connection_error.php cross site scripting |
| CVE-2024-57412 | 2025-09-29 | An issue in SunOS Omnios v5.11 allows attackers to cause a Denial of Service (DoS) via repeatedly sending crafted TCP packets. |