NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-1333	IBM MQ Container when used with the IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 3.0.0, 3.0.1, 3.1.0 through 3.1.3, 3.3.0, 3.4.0, 3.4.1, 3...	2025-05-01	6.0	LOCAL	MEDIUM	NVD
CVE-2025-4175	A vulnerability, which was classified as critical, was found in AlanBinu007 Spring-Boot-Advanced-Projects up to 3.1.3. This affects the function uploa...	2025-05-01	6.3	NETWORK	MEDIUM	NVD
CVE-2024-48907	Sematell ReplyOne 7.4.3.0 allows SSRF via the application server API.	2025-05-01	7.5	NETWORK	HIGH	NVD
CVE-2024-48906	Sematell ReplyOne 7.4.3.0 allows XSS via a ReplyDesk e-mail attachment name.	2025-05-01	N/A	None	None	NVD
CVE-2024-48905	Sematell ReplyOne 7.4.3.0 has Insecure Permissions for the /rest/sessions endpoint.	2025-05-01	N/A	None	None	NVD
CVE-2025-46635	An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper network isolation between the guest Wi-Fi network and other network interfaces ...	2025-05-01	7.1	NETWORK	HIGH	NVD
CVE-2025-46634	Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an unauthenticated attacker to...	2025-05-01	8.2	NETWORK	HIGH	NVD
CVE-2025-46633	Cleartext transmission of sensitive information in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an attacker to decrypt traffic be...	2025-05-01	8.2	NETWORK	HIGH	NVD
CVE-2025-46632	Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14 may allow an attacker to discern information about or m...	2025-05-01	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46631	Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable telnet acce...	2025-05-01	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46630	Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to enable 'ate' (a re...	2025-05-01	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46629	Lack of access controls in the 'ate' management binary of the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated remote attacker to perform unauthori...	2025-05-01	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46628	Lack of input validation/sanitization in the 'ate' management service in the Tenda RX2 Pro 16.03.30.14 allows an unauthorized remote attacker to gain ...	2025-05-01	7.3	NETWORK	HIGH	NVD
CVE-2025-46627	Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an unauthenticated attacker to authenticate to the telnet service by calculating the r...	2025-05-01	8.2	NETWORK	HIGH	NVD
CVE-2025-46626	Reuse of a static AES key and initialization vector for encrypted traffic to the 'ate' management service of the Tenda RX2 Pro 16.03.30.14 allows an a...	2025-05-01	7.3	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.