CVE.report search for "CVE-2025-23501"
Listed below are 50 relevant search results for "CVE-2025-23501" based on Vendor, Software, and CVE description
These results are gathered from attempted matches with listed vendor and software data, as well as a keyword search in the description of all known CVEs.
If you notice a "Not Listed" in either the vendor or software columns, the underlying source record does not currently include normalized affected-product data.
Search Results
| CVE ID | Vendor | Software | Description |
|---|---|---|---|
| CVE-2026-40046 | Integer Overflow or Wraparound vulnerability in Apache ActiveMQ, Apache ActiveMQ All, Apache ActiveMQ MQTT. The fix for "CVE... | ||
| CVE-2026-40035 | Unfurl through 2025.08 contains an improper input validation vulnerability in config parsing that enables Flask debug mode by... | ||
| CVE-2026-39414 | MinIO is a high-performance object storage system. From RELEASE.2018-08-18T03-49-57Z to before RELEASE.2025-12-20T04-58-37Z, ... | ||
| CVE-2026-39337 | Churchcrm | Churchcrm | ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vulne... |
| CVE-2026-35177 | Vim is an open source, command line text editor. Prior to 9.2.0280, a path traversal bypass in Vim's zip.vim plugin allows ov... | ||
| CVE-2026-34477 | The fix for CVE-2025-68161 https://logging.apache.org/security.html#CVE-2025-68161 was incomplete: it addressed hostname ve... | ||
| CVE-2026-33693 | Lemmy is a link aggregator and forum for the fediverse. Prior to version 0.7.0-beta.9, the `v4_is_invalid()` function in `act... | ||
| CVE-2026-33045 | Home-assistant | Home-assistant | Home Assistant is open source home automation software that puts local control and privacy first. Starting in version 2025.02... |
| CVE-2026-32990 | Improper Input Validation vulnerability in Apache Tomcat due to an incomplete fix of CVE-2025-66614. This issue affects Apac... | ||
| CVE-2026-26477 | Dokuwiki | Dokuwiki | An issue in Dokuwiki v.2025-05-14b "Librarian" [56.2] allows a remote attacker to cause a denial of service via the media_upl... |
| CVE-2026-23198 | Linux | Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning i... |
| CVE-2026-21618 | Hex | Hexpm | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in hexpm hexpm/hexp... |
| CVE-2026-5709 | Amazon | Research And Engineering Studio | Unsanitized input in the FileBrowser API in AWS Research and Engineering Studio (RES) version 2024.10 through 2025.12.01 migh... |
| CVE-2026-5707 | Amazon | Research And Engineering Studio | Unsanitized input in an OS command in the virtual desktop session name handling in AWS Research and Engineering Studio (RES)�... |
| CVE-2026-5600 | A new API endpoint introduced in pretix 2025 that is supposed to return all check-in events of a specific event in fact retu... | ||
| CVE-2026-5082 | Amon2::Plugin::Web::CSRFDefender versions from 7.00 through 7.03 for Perl generate an insecure session id. The generate_sess... | ||
| CVE-2026-5031 | A vulnerability was found in BichitroGan ISP Billing Software 2025.3.20. Impacted is an unknown function of the file /?_route... | ||
| CVE-2026-4989 | Devolutions | Devolutions Server | Improper input validation in the gateway health check feature in Devolutions Server allows a low-privileged authenticated use... |
| CVE-2026-4965 | A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolve_type of the file letta/functio... | ||
| CVE-2026-4963 | A weakness has been identified in huggingface smolagents 1.25.0.dev0. This affects the function evaluate_augassign/evaluate_c... | ||
| CVE-2026-4761 | Codra | Panorama Collaborative Operation Execution | When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool... |
| CVE-2026-4396 | Devolutions | Hub Reporting Service | Improper certificate validation in Devolutions Hub Reporting Service 2025.3.1.1 and earlier allows a network attacker to per... |
| CVE-2026-4315 | A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fireware OS WebUI could allow a remote attacker to trigge... | ||
| CVE-2026-4266 | An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the ... | ||
| CVE-2026-3987 | A path traversal vulnerability in the Fireware OS Web UI on WatchGuard Firebox systems may allow a privileged authenticated r... | ||
| CVE-2026-3638 | Devolutions | Devolutions Server | Improper access control in user and role restore API endpoints in Devolutions Server 2025.3.11.0 and earlier allows a low-pri... |
| CVE-2026-3112 | Mattermost | Mattermost Server | Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate Advanced Loggi... |
| CVE-2026-2950 | Lodash | Lodash | Impact: Lodash versions 4.17.23 and earlier are vulnerable to prototype pollution in the _.unset and _.omit functions. The f... |
| CVE-2025-52716 | Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Acat... | ||
| CVE-2025-43529 | Apple | Ipados | A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.2, iOS 18.7.3 and iPad... |
| CVE-2025-39598 | Path Traversal: '.../...//' vulnerability in Quý Lê 91 Administrator Z administrator-z allows Path Traversal.This issue aff... | ||
| CVE-2025-26959 | Missing Authorization vulnerability in Quý Lê 91 Administrator Z administrator-z allows Privilege Escalation.This issue aff... | ||
| CVE-2025-14854 | The WP-CRM System plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on the wpcrm_get... | ||
| CVE-2025-12887 | The Post SMTP plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.6.1. This is... | ||
| CVE-2025-12877 | Themeatelier | Idonate | The IDonate – Blood Donation, Request And Donor Management System plugin for WordPress is vulnerable to unauthorized modifi... |
| CVE-2025-12181 | The ContentStudio plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the cst... | ||
| CVE-2025-11877 | The User Activity Log plugin is vulnerable to a limited options update in versions up to, and including, 2.2. The failed-logi... | ||
| CVE-2025-11522 | The Search & Go - Directory WordPress Theme theme for WordPress is vulnerable to Authentication Bypass via account takeover i... | ||
| CVE-2025-11497 | The Advanced Database Cleaner plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and inc... | ||
| CVE-2025-10850 | The Felan Framework plugin for WordPress is vulnerable to improper authentication in versions up to, and including, 1.1.4. Th... | ||
| CVE-2025-8898 | The Taxi Booking Manager for Woocommerce | E-cab plugin for WordPress is vulnerable to privilege escalation via account takeo... | ||
| CVE-2025-8620 | Givewp | Givewp | The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to Information Exposure in all ver... |
| CVE-2025-7369 | The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all vers... | ||
| CVE-2025-7036 | The CleverReach® WP plugin for WordPress is vulnerable to time-based SQL Injection via the ‘title’ parameter in all vers... | ||
| CVE-2025-6079 | The School Management System for Wordpress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file t... | ||
| CVE-2025-5746 | The Drag and Drop Multiple File Upload (Pro) - WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due t... | ||
| CVE-2025-5394 | The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due... | ||
| CVE-2025-5018 | The Hive Support plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capabili... | ||
| CVE-2025-4797 | The Golo - City Travel Guide WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover i... | ||
| CVE-2025-3809 | The Debug Log Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the auto-refresh debug log in all... | ||