NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-65548	NUT-14 allows cashu tokens to be created with a preimage hash. However, nutshell (cashubtc/nuts) before 0.18.0 do not validate the size of preimage wh...	2025-12-08	9.1	NETWORK	CRITICAL	NVD
CVE-2025-65271	Client-side template injection (CSTI) in Azuriom CMS admin dashboard allows a low-privilege user to execute arbitrary template code in the context of ...	2025-12-08	8.8	NETWORK	HIGH	NVD
CVE-2025-65231	Barix Instreamer v04.06 and earlier is vulnerable to Cross Site Scripting (XSS) in the Web UI I/O & Serial configuration page, specifically the CTS cl...	2025-12-08	6.1	NETWORK	MEDIUM	NVD
CVE-2025-14261	The Litmus platform uses JWT for authentication and authorization, but the secret being used for signing the JWT is only 6 bytes long at its core, whi...	2025-12-08	7.1	NETWORK	HIGH	NVD
CVE-2025-65804	Tenda AX3 v16.03.12.11 contains a stack overflow in formSetIptv via the iptvType parameter, which can cause memory corruption and enable remote code e...	2025-12-08	6.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2025-64081	SQL injection vulnerability in /php/api_patient_schedule.php in SourceCodester Patients Waiting Area Queue Management System v1 allows attackers to ex...	2025-12-08	9.8	NETWORK	CRITICAL	NVD
CVE-2025-48625	In multiple locations of UsbDataAdvancedProtectionHook.java, there is a possible way to access USB data when the screen is off due to a race condition...	2025-12-08	7.0	LOCAL	HIGH	NVD
CVE-2025-48608	In isValidMediaUri of SettingsProvider.java, there is a possible cross user media read due to a missing permission check. This could lead to local inf...	2025-12-08	5.5	LOCAL	MEDIUM	NVD
CVE-2025-48606	In preparePackage of InstallPackageHelper.java, there is a possible way for an app to appear hidden upon installation without a mechanism to uninstall...	2025-12-08	7.8	LOCAL	HIGH	NVD
CVE-2025-48569	In multiple locations, there is a possible permanent denial of service due to resource exhaustion. This could lead to local denial of service with no ...	2025-12-08	5.5	LOCAL	MEDIUM	NVD
CVE-2025-14259	A vulnerability was found in Jihai Jshop MiniProgram Mall System 2.9.0. Affected by this issue is some unknown functionality of the file /index.php/ap...	2025-12-08	6.3	NETWORK	MEDIUM	NVD
CVE-2025-14258	A vulnerability has been found in itsourcecode Student Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /...	2025-12-08	7.3	NETWORK	HIGH	NVD
CVE-2025-65799	A lack of file name validation or verification in the Attachment service of usememos memos v0.25.2 allows attackers to execute a path traversal.	2025-12-08	4.3	NETWORK	MEDIUM	NVD
CVE-2025-65797	Incorrect access control in the Identity Provider service of usememos memos v0.25.2 allows attackers with low-level privileges to arbitrarily modify o...	2025-12-08	6.5	NETWORK	MEDIUM	NVD
CVE-2025-65795	Incorrect access control in the /api/v1/user endpoint of usememos memos v0.25.2 allows unauthorized attackers to create arbitrary accounts via a craft...	2025-12-08	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.