NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-4144	PKCE was implemented in the OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp . ...	2025-05-01	5.3	NETWORK	MEDIUM	NVD
CVE-2025-4143	The OAuth implementation in workers-oauth-provider that is part of MCP framework https://github.com/cloudflare/workers-mcp , did not correctly valida...	2025-05-01	6.0	NETWORK	MEDIUM	NVD
CVE-2025-4142	A vulnerability has been found in Netgear EX6200 1.0.3.94 and classified as critical. This vulnerability affects the function sub_3C8EC. The manipulat...	2025-04-30	8.8	NETWORK	HIGH	NVD
CVE-2025-4141	A vulnerability, which was classified as critical, was found in Netgear EX6200 1.0.3.94. This affects the function sub_3C03C. The manipulation of the ...	2025-04-30	8.8	NETWORK	HIGH	NVD
CVE-2025-4140	A vulnerability, which was classified as critical, has been found in Netgear EX6120 1.0.3.94. Affected by this issue is the function sub_30394. The ma...	2025-04-30	8.8	NETWORK	HIGH	NVD
CVE-2024-30146	Improper access control of endpoint in HCL Domino Leap allows certain admin users to import applications from the server's filesystem.	2025-04-30	4.1	NETWORK	MEDIUM	NVD
CVE-2024-30145	Multiple vectors in HCL Domino Volt and Domino Leap allow client-side script injection in the authoring environment and deployed applications.	2025-04-30	6.5	NETWORK	MEDIUM	NVD
CVE-2024-30115	Insufficient sanitization policy in HCL Leap allows client-side script injection in the deployed application through the HTML widget.	2025-04-30	6.3	NETWORK	MEDIUM	NVD
CVE-2023-45721	Insufficient default configuration in HCL Leap allows anonymous access to directory information.	2025-04-30	5.3	NETWORK	MEDIUM	NVD
CVE-2023-37535	Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allow script injection through query parameters.	2025-04-30	7.1	NETWORK	HIGH	NVD
CVE-2023-37517	Missing "no cache" headers in HCL Leap permits sensitive data to be cached.	2025-04-30	3.2	LOCAL	LOW	NVD
CVE-2022-42450	Improper sanitization of SVG files in HCL Domino Volt allows client-side script injection in deployed applications.	2025-04-30	4.6	NETWORK	MEDIUM	NVD
CVE-2025-4139	A vulnerability classified as critical was found in Netgear EX6120 1.0.0.68. Affected by this vulnerability is the function fwAcosCgiInbound. The mani...	2025-04-30	8.8	NETWORK	HIGH	NVD
CVE-2025-30422	A buffer overflow was addressed with improved input validation. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay C...	2025-04-30	6.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2025-24132	The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, CarPlay Communicat...	2025-04-30	6.5	ADJACENT_NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.