NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-4166	Vault Community and Vault Enterprise Key/Value (kv) Version 2 plugin may unintentionally expose sensitive information in server and audit logs when us...	2025-05-02	4.5	NETWORK	MEDIUM	NVD
CVE-2025-44877	Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formSetSambaConf function via the usbname parameter. This v...	2025-05-02	N/A	None	None	NVD
CVE-2025-44872	Tenda AC9 V15.03.06.42_multi was found to contain a command injection vulnerability in the formsetUsbUnload function via the deviceName parameter. Thi...	2025-05-02	N/A	None	None	NVD
CVE-2025-44868	Wavlink WL-WN530H4 20220801 was found to contain a command injection vulnerability in the ping_test function of the adm.cgi via the pingIp parameter. ...	2025-05-02	N/A	None	None	NVD
CVE-2025-3927	Digigram's PYKO-OUT audio-over-IP (AoIP) web-server does not require a password by default, allowing any attacker with the target IP address to connec...	2025-05-02	N/A	None	None	NVD
CVE-2025-37798	In the Linux kernel, the following vulnerability has been resolved: codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog() After making ...	2025-05-02	N/A	None	None	NVD
CVE-2025-37797	In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Us...	2025-05-02	N/A	None	None	NVD
CVE-2025-1884	Use-After-Free vulnerability exists in the SLDPRT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerabilit...	2025-05-02	7.8	LOCAL	HIGH	NVD
CVE-2025-1883	Out-Of-Bounds Write vulnerability exists in the OBJ file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerabil...	2025-05-02	7.8	LOCAL	HIGH	NVD
CVE-2025-4204	The Ultimate Auction Pro plugin for WordPress is vulnerable to SQL Injection via the ‘auction_id’ parameter in all versions up to, and including, 1.5....	2025-05-02	7.5	NETWORK	HIGH	NVD
CVE-2025-2605	Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Honeywell MB-Secure allows Privilege Abuse...	2025-05-02	9.9	NETWORK	CRITICAL	NVD
CVE-2025-2488	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Profelis Informatics SambaBox allows Cros...	2025-05-02	4.0	LOCAL	MEDIUM	NVD
CVE-2025-2421	Improper Control of Generation of Code ('Code Injection') vulnerability in Profelis Informatics SambaBox allows Code Injection.This issue affects Samb...	2025-05-02	8.2	LOCAL	HIGH	NVD
CVE-2025-1301	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Yordam Informatics Library Automation Sys...	2025-05-02	7.4	NETWORK	HIGH	NVD
CVE-2025-0427	Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driv...	2025-05-02	N/A	None	None	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.