NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-5467	It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership...	2025-12-10	1.9	LOCAL	LOW	NVD
CVE-2025-13607	A malicious actor can access camera configuration information, including account credentials, without authenticating when accessing a vulnerable URL.	2025-12-10	9.4	NETWORK	CRITICAL	NVD
CVE-2025-67643	Jenkins Redpen - Pipeline Reporter for Jira Plugin 1.054.v7b_9517b_6b_202 and earlier does not correctly perform path validation of the workspace dire...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67642	Jenkins HashiCorp Vault Plugin 371.v884a_4dd60fb_6 and earlier does not set the appropriate context for Vault credentials lookup, allowing attackers w...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67641	Jenkins Coverage Plugin 2.3054.ve1ff7b_a_a_123b_ and earlier does not validate the configured coverage results ID when creating coverage results, only...	2025-12-10	8.0	NETWORK	HIGH	NVD
CVE-2025-67640	Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary sh...	2025-12-10	5.0	NETWORK	MEDIUM	NVD
CVE-2025-67639	A cross-site request forgery (CSRF) vulnerability in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers to trick users into logging i...	2025-12-10	3.5	NETWORK	LOW	NVD
CVE-2025-67638	Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not mask build authorization tokens displayed on the job configuration form, increasing the po...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67637	Jenkins 2.540 and earlier, LTS 2.528.2 and earlier stores build authorization tokens unencrypted in job config.xml files on the Jenkins controller whe...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67636	A missing permission check in Jenkins 2.540 and earlier, LTS 2.528.2 and earlier allows attackers with View/Read permission to view encrypted password...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-67635	Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, al...	2025-12-10	7.5	NETWORK	HIGH	NVD
CVE-2025-65815	A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC, PPT v65.0 allows attackers to execute a directory tra...	2025-12-10	6.5	NETWORK	MEDIUM	NVD
CVE-2025-65814	A lack of security checks in the file import process of RHOPHI Analytics LLP Office App-Edit Word v6.4.1 allows attackers to execute a directory trave...	2025-12-10	6.5	NETWORK	MEDIUM	NVD
CVE-2025-65792	DataGear v5.5.0 is vulnerable to Arbitrary File Deletion.	2025-12-10	9.1	NETWORK	CRITICAL	NVD
CVE-2025-52493	PagerDuty Runbook through 2025-06-12 exposes stored secrets directly in the webpage DOM at the configuration page. Although these secrets appear maske...	2025-12-10	6.5	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.