NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2024-56156	Halo is an open source website building tool. Prior to version 2.20.13, a vulnerability in Halo allows attackers to bypass file type validation contro...	2025-04-25	5.5	NETWORK	MEDIUM	NVD
CVE-2025-46618	In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab	2025-04-25	3.5	NETWORK	LOW	NVD
CVE-2025-46433	In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was possible	2025-04-25	4.9	NETWORK	MEDIUM	NVD
CVE-2025-46432	In JetBrains TeamCity before 2025.03.1 base64-encoded credentials could be exposed in build logs	2025-04-25	4.3	NETWORK	MEDIUM	NVD
CVE-2025-43862	Dify is an open-source LLM app development platform. Prior to version 0.6.12, a normal user is able to access and modify APP orchestration, even thoug...	2025-04-25	7.6	NETWORK	HIGH	NVD
CVE-2025-43016	In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite during remote debug session	2025-04-25	5.4	NETWORK	MEDIUM	NVD
CVE-2025-3647	A flaw was discovered in Moodle. Additional checks were required to ensure that users can only access cohort data they are authorized to retrieve.	2025-04-25	4.3	NETWORK	MEDIUM	NVD
CVE-2025-3645	A flaw was found in Moodle. Insufficient capability checks in a messaging web service allowed users to view other users' names and online statuses.	2025-04-25	4.3	NETWORK	MEDIUM	NVD
CVE-2025-3644	A flaw was found in Moodle. Additional checks were required to prevent users from deleting course sections they did not have permission to modify.	2025-04-25	4.3	NETWORK	MEDIUM	NVD
CVE-2025-3643	A flaw was found in Moodle. The return URL in the policy tool required additional sanitizing to prevent a reflected Cross-site scripting (XSS) risk.	2025-04-25	5.4	NETWORK	MEDIUM	NVD
CVE-2025-3642	A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS EQUELLA repository. By default, this was only available to t...	2025-04-25	8.8	NETWORK	HIGH	NVD
CVE-2025-3641	A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to t...	2025-04-25	8.8	NETWORK	HIGH	NVD
CVE-2025-3640	A flaw was found in Moodle. Insufficient capability checks made it possible for a user enrolled in a course to access some details, such as the full n...	2025-04-25	4.3	NETWORK	MEDIUM	NVD
CVE-2025-3638	A flaw was found in Moodle. The analysis request action in the Brickfield tool did not include the necessary token to prevent a Cross-site request for...	2025-04-25	8.8	NETWORK	HIGH	NVD
CVE-2025-3637	A security vulnerability was found in Moodle where confidential information that prevents cross-site request forgery (CSRF) attacks was shared publicl...	2025-04-25	3.1	NETWORK	LOW	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.