NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-32985	NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded Credentials that can be obtained from JAR files.	2025-04-25	9.8	NETWORK	CRITICAL	NVD
CVE-2025-32984	NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored Cross-Site Scripting (XSS) via a certain POST parameter.	2025-04-25	6.1	NETWORK	MEDIUM	NVD
CVE-2025-32983	NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical Information Disclosure via a Stack Trace.	2025-04-25	7.5	NETWORK	HIGH	NVD
CVE-2025-32982	NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken Authorization Schema for the report module.	2025-04-25	7.5	NETWORK	HIGH	NVD
CVE-2025-32981	NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to leverage Insecure Permissions for the nGeniusCLI File.	2025-04-25	7.1	LOCAL	HIGH	NVD
CVE-2025-32980	NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo Configuration.	2025-04-25	9.8	NETWORK	CRITICAL	NVD
CVE-2025-32979	NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File Creation by authenticated users.	2025-04-25	6.5	NETWORK	MEDIUM	NVD
CVE-2025-28128	An issue in Mytel Telecom Online Account System v1.0 allows attackers to bypass the OTP verification process via a crafted request.	2025-04-25	7.0	NETWORK	HIGH	NVD
CVE-2025-3935	ScreenConnect versions 25.2.3 and earlier versions may be susceptible to a ViewState code injection attack. ASP.NET Web Forms use ViewState to preserv...	2025-04-25	8.1	NETWORK	HIGH	NVD
CVE-2024-30152	HCL SX v21 is affected by usage of a weak cryptographic algorithm. An attacker could exploit this weakness to gain access to sensitive information, m...	2025-04-25	6.5	NETWORK	MEDIUM	NVD
CVE-2025-25775	Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL injection via the kodetiket parameter in /BusTicket-CI/tiket/cekorder.	2025-04-25	9.8	NETWORK	CRITICAL	NVD
CVE-2025-3928	Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: ...	2025-04-25	8.8	NETWORK	HIGH	NVD
CVE-2025-2070	An improper XML parsing vulnerability was reported in the FileZ client that could allow arbitrary file reads on the system if a crafted url is visited...	2025-04-25	5.0	LOCAL	MEDIUM	NVD
CVE-2025-2069	A cross-site scripting vulnerability was reported in the FileZ client that could allow execution of code if a crafted url is visited by a local user.	2025-04-25	5.0	LOCAL	MEDIUM	NVD
CVE-2025-2068	An open redirect vulnerability was reported in the FileZ client that could allow information disclosure if a crafted url is visited by a local user.	2025-04-25	5.0	LOCAL	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.