NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-66430	Plesk 18.0 has Incorrect Access Control.	2025-12-12	9.1	NETWORK	CRITICAL	NVD
CVE-2025-65854	Insecure permissions in the scheduled tasks feature of MineAdmin v3.x allows attackers to execute arbitrary commands and execute a full account takeov...	2025-12-12	9.8	NETWORK	CRITICAL	NVD
CVE-2025-65530	An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root v...	2025-12-12	8.8	NETWORK	HIGH	NVD
CVE-2025-53960	When encrypting sensitive data, weak encryption keys that are fixed or directly generated based on user passwords are used. Attackers can obtain these...	2025-12-12	5.9	NETWORK	MEDIUM	NVD
CVE-2025-14567	A weakness has been identified in haxxorsid Stock-Management-System up to fbbbf213e9c93b87183a3891f77e3cc7095f22b0. This affects an unknown function o...	2025-12-12	5.3	NETWORK	MEDIUM	NVD
CVE-2025-14566	A security flaw has been discovered in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The impacted element is an unknown...	2025-12-12	7.3	NETWORK	HIGH	NVD
CVE-2025-14565	A vulnerability was identified in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. The affected element is an unknown func...	2025-12-12	7.3	NETWORK	HIGH	NVD
CVE-2025-13733	BuhoNTFS contains an insecure XPC service that allows local, unprivileged users to escalate their privileges to root via insecure functions.This issue...	2025-12-12	8.4	LOCAL	HIGH	NVD
CVE-2025-12843	Code Injection using Electron Fuses in waveterm on MacOS allows TCC Bypass. This issue affects waveterm: 0.12.2.	2025-12-12	6.9	LOCAL	MEDIUM	NVD
CVE-2025-58770	APTIOV contains a vulnerability in BIOS where a user may cause “Improper Handling of Insufficient Permissions or Privileges” by local access. Successf...	2025-12-12	7.2	LOCAL	HIGH	NVD
CVE-2025-54981	Weak Encryption Algorithm in StreamPark, The use of an AES cipher in ECB mode and a weak random number generator for encrypting sensitive data, includ...	2025-12-12	7.5	NETWORK	HIGH	NVD
CVE-2025-54947	In Apache StreamPark versions 2.0.0 through 2.1.7, a security vulnerability involving a hard-coded encryption key exists. This vulnerability occurs be...	2025-12-12	5.3	NETWORK	MEDIUM	NVD
CVE-2025-36755	The CleverDisplay BlueOne hardware player is designed with its USB interfaces physically enclosed and inaccessible under normal operating conditions. ...	2025-12-12	2.4	PHYSICAL	LOW	NVD
CVE-2025-36746	SolarEdge monitoring platform contains a Cross‑Site Scripting (XSS) flaw that allows an authenticated user to inject payloads into report names, which...	2025-12-12	4.8	NETWORK	MEDIUM	NVD
CVE-2025-36745	SolarEdge SE3680H ships with an outdated Linux kernel containing unpatched vulnerabilities in core subsystems. An attacker with network or local acce...	2025-12-12	8.6	PHYSICAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.