Lista CVE 2025/0xxx

CVE nel gruppo: 0xxx

CVE-2025-0145 (N/A)

CVE-2025-0146 (Zoom Workplace Apps for Windows – Untrusted Search Path)

CVE-2025-0147 (Zoom Workplace app for macOS – Symlink Following)

CVE-2025-0148 (Zoom Workplace App for Linux – Type Confusion)

CVE-2025-0149 (Zoom Jenkins Marketplace plugin – Missing Password Field Masking)

CVE-2025-0150 (Zoom Apps – Insufficient Verification of Data Authenticity)

CVE-2025-0151 (Zoom Workplace Apps for iOS – Incorrect Behavior Order)

CVE-2025-0158 (Zoom Apps – Use After Free)

CVE-2025-0159 (IBM EntireX denial of service)

CVE-2025-0160 (IBM FlashSystem authentication bypass)

CVE-2025-0161 (IBM FlashSystem code execution)

CVE-2025-0162 (IBM Security Verify Access Appliance code injection)

CVE-2025-0167 (IBM Aspera Shares XML external entity injection)

CVE-2025-0168 (netrc and default credential leak)

CVE-2025-0169 (code-projects Job Recruitment _feedback_system.php sql injection)

CVE-2025-0170 (DWT – Directory & Listing WordPress Theme <=3.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode)

CVE-2025-0171 (DWT – Directory & Listing WordPress Theme <= 3.3.3 - Reflected Cross-Site Scripting)

CVE-2025-0172 (code-projects Chat System deleteuser.php sql injection)

CVE-2025-0173 (code-projects Chat System deleteroom.php sql injection)

CVE-2025-0174 (SourceCodester Online Eyewear Shop view_order.php sql injection)

CVE-2025-0175 (code-projects Point of Sales and Inventory Management System Parameter search_result2.php sql injection)

CVE-2025-0176 (code-projects Online Shop view.php cross site scripting)

CVE-2025-0177 (code-projects Point of Sales and Inventory Management System add_cart.php sql injection)

CVE-2025-0178 (Javo Core <= 3.0.0.080 - Unauthenticated Privilege Escalation in ajax_signup)

CVE-2025-0180 (WatchGaurd Firebox Host Header Injection Vulnerability)

CVE-2025-0181 (WP Foodbakery <= 4.7 - Unauthenticated Privilege Escalation in foodbakery_registration_validation)

CVE-2025-0182 (WP Foodbakery <= 4.7 - Authentication Bypass in foodbakery_parse_request)

CVE-2025-0183 (Denial of Service in danswer-ai/danswer)

CVE-2025-0184 (Stored XSS in binary-husky/gpt_academic)

CVE-2025-0185 (Server-Side Request Forgery (SSRF) in langgenius/dify)

CVE-2025-0187 (Pandas Query Injection in langgenius/dify)

CVE-2025-0188 (Denial of Service (DoS) by Sending Large Filename at File Upload Endpoint in gradio-app/gradio)

CVE-2025-0189 (SSRF in gaizhenbiao/chuanhuchatgpt)

CVE-2025-0190 (Denial of Service in aimhubio/aim)

CVE-2025-0191 (Denial of Service in aimhubio/aim)

CVE-2025-0192 (Denial of Service in gaizhenbiao/chuanhuchatgpt)

CVE-2025-0193 (Stored Cross-site Scripting (XSS) in wandb/openui)

CVE-2025-0194 (Stored Cross-site Scripting (XSS) Vulnerability in the MGate 5121/5122/5123 Series)

CVE-2025-0195 (Insertion of Sensitive Information into Externally-Accessible File or Directory in GitLab)

CVE-2025-0196 (code-projects Point of Sales and Inventory Management System del_product.php sql injection)

CVE-2025-0197 (code-projects Point of Sales and Inventory Management System plist.php sql injection)

CVE-2025-0198 (code-projects Point of Sales and Inventory Management System search.php sql injection)

CVE-2025-0199 (code-projects Point of Sales and Inventory Management System search_result.php sql injection)

CVE-2025-0200 (code-projects Point of Sales and Inventory Management System minus_cart.php sql injection)

CVE-2025-0201 (code-projects Point of Sales and Inventory Management System search_num.php sql injection)

CVE-2025-0202 (code-projects Point of Sales and Inventory Management System update_account.php sql injection)

CVE-2025-0203 (TCS BaNCS REPORTS_SHOW_FILE.jsp file inclusion)

CVE-2025-0204 (code-projects Student Management System DbFunction.php showSubject1 sql injection)

CVE-2025-0205 (code-projects Online Shoe Store details.php sql injection)

CVE-2025-0206 (code-projects Online Shoe Store details2.php sql injection)

CVE-2025-0207 (code-projects Online Shoe Store index.php access control)

CVE-2025-0208 (code-projects Online Shoe Store login.php sql injection)

CVE-2025-0210 (code-projects Online Shoe Store summary.php sql injection)

CVE-2025-0211 (Campcodes School Faculty Scheduling System ajax.php sql injection)

CVE-2025-0212 (Campcodes School Faculty Scheduling System index.php file inclusion)

CVE-2025-0213 (Campcodes Student Grading System view_students.php sql injection)

CVE-2025-0214 (Campcodes Project Management System update_forms.php unrestricted upload)

CVE-2025-0215 (TMD Custom Header Menu index.php sql injection)

CVE-2025-0218 (UpdraftPlus – Backup/Restore <= 1.24.12 - Reflected Cross-Site Scripting)

CVE-2025-0219 (pgAgent scheduled batch job scripts are created in a predictable temporary directory potentially allowing a denial of service)