NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-46579	There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users do...	2025-04-27	8.4	NETWORK	HIGH	NVD
CVE-2025-46578	There are SQL injection vulnerabilities in multiple interfaces of the GoldenDB database product. Attackers can exploit these interfaces to inject comm...	2025-04-27	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46577	There is a SQL injection vulnerability in the GoldenDB database product. Attackers can inject commands to extract database information.	2025-04-27	6.5	NETWORK	MEDIUM	NVD
CVE-2025-46576	There is a Permission Management and Access Control vulnerability in the GoldenDB database product. Attackers can manipulate requests to bypass privil...	2025-04-27	5.4	NETWORK	MEDIUM	NVD
CVE-2025-46575	There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensiti...	2025-04-27	4.9	NETWORK	MEDIUM	NVD
CVE-2025-46574	There is an information disclosure vulnerability in the GoldenDB database product. Attackers can exploit error messages to obtain the system's sensiti...	2025-04-27	4.1	NETWORK	MEDIUM	NVD
CVE-2025-46675	In NASA CryptoLib before 1.3.2, the key state is not checked before use, potentially leading to spacecraft hijacking.	2025-04-27	3.5	NETWORK	LOW	NVD
CVE-2025-46674	NASA CryptoLib before 1.3.2 uses Extended Procedures that are a Work in Progress (not intended for use during flight), potentially leading to a keystr...	2025-04-27	3.5	NETWORK	LOW	NVD
CVE-2025-46673	NASA CryptoLib before 1.3.2 does not check whether the SA is in an operational state before use, possibly leading to a bypass of the Space Data Link S...	2025-04-27	4.9	NETWORK	MEDIUM	NVD
CVE-2025-46672	NASA CryptoLib before 1.3.2 does not check the OTAR crypto function returned status, potentially leading to spacecraft hijacking.	2025-04-27	3.5	NETWORK	LOW	NVD
CVE-2025-3955	A vulnerability, which was classified as critical, was found in codeprojects Patient Record Management System 1.0. This affects an unknown part of the...	2025-04-27	6.3	NETWORK	MEDIUM	NVD
CVE-2025-46656	python-markdownify (aka markdownify) before 0.14.1 allows large headline prefixes such as <h9999999> in addition to <h1> through <h6>. This causes mem...	2025-04-26	2.9	LOCAL	LOW	NVD
CVE-2025-3954	A vulnerability, which was classified as problematic, has been found in ChurchCRM 5.16.0. Affected by this issue is some unknown functionality of the ...	2025-04-26	3.7	NETWORK	LOW	NVD
CVE-2025-46655	CodiMD through 2.5.4 has a CSP-based protection mechanism against XSS through uploaded SVG documents containing JavaScript, but it can be bypassed in ...	2025-04-26	4.9	NETWORK	MEDIUM	NVD
CVE-2025-46654	CodiMD through 2.2.0 has a CSP-based protection mechanism against XSS through uploaded JavaScript content, but it can be bypassed by uploading a .html...	2025-04-26	4.9	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.