NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2024-12706	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OpenText™ Digital Asset Management. T he vulner...	2025-04-28	2.1	LOCAL	LOW	NVD
CVE-2025-4029	A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function add...	2025-04-28	5.3	LOCAL	MEDIUM	NVD
CVE-2025-4028	A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. Affected by this vulnerability is an un...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2024-32499	Newforma Project Center Server through 2023.3.0.32259 allows remote code execution because .NET Remoting is exposed.	2025-04-28	4.9	NETWORK	MEDIUM	NVD
CVE-2023-42404	OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution.	2025-04-28	4.9	NETWORK	MEDIUM	NVD
CVE-2025-4027	A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the ...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2025-4026	A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unk...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2025-46614	In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Info...	2025-04-28	3.3	LOCAL	LOW	NVD
CVE-2025-43857	Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is...	2025-04-28	6.0	NETWORK	MEDIUM	NVD
CVE-2025-43854	DIFY is an open-source LLM app development platform. Prior to version 1.3.0, a clickjacking vulnerability was found in the default setup of the DIFY a...	2025-04-28	2.3	NETWORK	LOW	NVD
CVE-2023-35817	DevExpress before 23.1.3 allows AsyncDownloader SSRF.	2025-04-28	5.0	NETWORK	MEDIUM	NVD
CVE-2023-35816	DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.	2025-04-28	3.5	NETWORK	LOW	NVD
CVE-2023-35815	DevExpress before 23.1.3 has a data-source protection mechanism bypass during deserialization on XML data.	2025-04-28	3.5	NETWORK	LOW	NVD
CVE-2023-35814	DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms.	2025-04-28	3.5	NETWORK	LOW	NVD
CVE-2022-41871	SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context ...	2025-04-28	6.0	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.