NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

| CVE ID | Description | Published | Base Score | Attack Vector | Severity | Actions |
| --- | --- | --- | --- | --- | --- | --- |
| CVE-2025-1453 | The Category Posts Widget WordPress plugin before 4.9.20 does not sanitise and escape some of its settings, which could allow high privilege users suc... | 2025-04-24 | 4.8 | NETWORK | MEDIUM | NVD |
| CVE-2025-3435 | The Mang Board WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the board_header and board_footer parameters in all versions u... | 2025-04-24 | 4.4 | NETWORK | MEDIUM | NVD |
| CVE-2025-1976 | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary ... | 2025-04-24 | 6.7 | LOCAL | MEDIUM | NVD |
| CVE-2025-46419 | Westermo WeOS 5 through 5.23.0 allows a reboot via a malformed ESP packet. | 2025-04-24 | 5.9 | NETWORK | MEDIUM | NVD |
| CVE-2025-46417 | The unsafe globals in Picklescan before 0.0.25 do not include ssl. Consequently, ssl.get_server_certificate can exfiltrate data via DNS after deserial... | 2025-04-24 | 6.8 | LOCAL | MEDIUM | NVD |
| CVE-2025-27581 | NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 allows users who lack the InET role to access the InET module via d... | 2025-04-24 | 4.3 | NETWORK | MEDIUM | NVD |
| CVE-2025-27580 | NIH BRICS (aka Biomedical Research Informatics Computing System) through 14.0.0-67 generates predictable tokens (that depend on username, time, and th... | 2025-04-24 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2025-25046 | IBM InfoSphere Information Server 11.7 DataStage Flow Designer transmits sensitive information via URL or query parameters that could be exposed to ... | 2025-04-23 | 3.7 | NETWORK | LOW | NVD |
| CVE-2025-25045 | IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a req... | 2025-04-23 | 4.3 | NETWORK | MEDIUM | NVD |
| CVE-2024-22351 | IBM InfoSphere Information 11.7 Server does not invalidate session after logout which could allow an authenticated user to impersonate another user on... | 2025-04-23 | 6.3 | NETWORK | MEDIUM | NVD |
| CVE-2025-46400 | Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via read_arcobject function. | 2025-04-23 | 7.1 | LOCAL | HIGH | NVD |
| CVE-2025-46399 | Segmentation fault in fig2dev in version 3.2.9a allows an attacker to availability via local input manipulation via genge_itp_spline function. | 2025-04-23 | 7.1 | LOCAL | HIGH | NVD |
| CVE-2025-46398 | Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via read_objects function. | 2025-04-23 | 7.1 | LOCAL | HIGH | NVD |
| CVE-2025-46397 | Stack-overflow in fig2dev in version 3.2.9a allows an attacker possible code execution via local input manipulation via bezier_spline function. | 2025-04-23 | 7.1 | LOCAL | HIGH | NVD |
| CVE-2025-32818 | A Null Pointer Dereference vulnerability in the SonicOS SSLVPN Virtual office interface allows a remote, unauthenticated attacker to crash the firewal... | 2025-04-23 | 7.5 | NETWORK | HIGH | NVD |