Lista CVE 2025/3xxx

CVE nel gruppo: 3xxx

CVE-2025-3022 (N/A)

CVE-2025-3026 (OS Command Injection vulnerability in e-management of e-solutions)

CVE-2025-3027 (Improper Neutralization of Special Elements vulnerability in EJBCA)

CVE-2025-3028 (Open Redirect vulnerability in EJBCA)

CVE-2025-3029 (N/A)

CVE-2025-3030 (N/A)

CVE-2025-3031 (N/A)

CVE-2025-3032 (N/A)

CVE-2025-3033 (N/A)

CVE-2025-3034 (N/A)

CVE-2025-3035 (N/A)

CVE-2025-3036 (N/A)

CVE-2025-3037 (yzk2356911358 StudentServlet-JSP Student Management cross site scripting)

CVE-2025-3038 (yzk2356911358 StudentServlet-JSP cross-site request forgery)

CVE-2025-3039 (code-projects Payroll Management System view_account.php sql injection)

CVE-2025-3040 (code-projects Payroll Management System add_employee.php sql injection)

CVE-2025-3041 (Project Worlds Online Time Table Generator add_student.php unrestricted upload)

CVE-2025-3042 (Project Worlds Online Time Table Generator updatestudent.php unrestricted upload)

CVE-2025-3043 (Project Worlds Online Time Table Generator updateprofile.php unrestricted upload)

CVE-2025-3045 (GuoMinJim PersonManage login preHandle path traversal)

CVE-2025-3047 (oretnom23/SourceCodester Apartment Visitor Management System remove-apartment.php sql injection)

CVE-2025-3048 (Path Traversal in AWS SAM CLI allows file copy to build container)

CVE-2025-3051 (Path Traversal in AWS SAM CLI allows file copy to local cache)

CVE-2025-3057 (Linux::Statm::Tiny for Perl allows untrusted code to be included from the current working directory)

CVE-2025-3059 (Drupal core – Critical – Cross site scripting – SA-CORE-2025-001)

CVE-2025-3060 (Profile Private – Critical – Unsupported – SA-CONTRIB-2025-002)

CVE-2025-3061 (Flattern – Multipurpose Bootstrap Business Profile – Critical – Unsupported – SA-CONTRIB-2025-005)

CVE-2025-3062 (Material Admin – Critical – Unsupported – SA-CONTRIB-2025-006)

CVE-2025-3082 (Drupal Admin LTE theme – Critical – Unsupported – SA-CONTRIB-2025-010)

CVE-2025-3083 (User may override a view’s collation and gain unauthorized access to underlying data)

CVE-2025-3084 (Malformed MongoDB wire protocol messages may cause mongos to crash)

CVE-2025-3085 (MongoDB Server may crash due to improper validation of explain command)