NVD Vulnerabilities

Vulnerability Database

| CVE ID | Description | Published | Base Score | Attack Vector | Severity | Actions |
|---|---|---|---|---|---|---|
| CVE-2024-13793 | The Wolmart \| Multi-Vendor Marketplace WooCommerce Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and... | 2025-05-08 | 7.3 | NETWORK | HIGH | NVD |
| CVE-2025-32873 | An issue was discovered in Django 4.2 before 4.2.21, 5.1 before 5.1.9, and 5.2 before 5.2.1. The django.utils.html.strip_tags() function is vulnerable... | 2025-05-08 | 5.3 | NETWORK | MEDIUM | NVD |
| CVE-2024-55651 | i-Educar is free, fully online school management software. Version 2.9 of the application fails to properly validate and sanitize user supplied input,... | 2025-05-08 | 2.0 | NETWORK | LOW | NVD |
| CVE-2025-46727 | Rack is a modular Ruby web server interface. Prior to versions 2.2.14, 3.0.16, and 3.1.14, `Rack::QueryParser` parses query strings and `application/x... | 2025-05-07 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2025-35939 | Craft CMS stores arbitrary content provided by unauthenticated users in session files. This content could be accessed and executed, possibly using an ... | 2025-05-07 | 5.3 | NETWORK | MEDIUM | NVD |
| CVE-2025-32441 | Rack is a modular Ruby web server interface. Prior to version 2.2.14, when using the `Rack::Session::Pool` middleware, simultaneous rack requests can ... | 2025-05-07 | 4.2 | NETWORK | MEDIUM | NVD |
| CVE-2025-0936 | On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote serve... | 2025-05-07 | 6.5 | NETWORK | MEDIUM | NVD |
| CVE-2025-46826 | insa-auth is an authentication server for INSA Rouen. A minor issue allowed third-party websites to access the server's secondary authentication bridg... | 2025-05-07 | 1.3 | NETWORK | LOW | NVD |
| CVE-2025-46821 | Envoy is a cloud-native edge/middle/service proxy. Prior to versions 1.34.1, 1.33.3, 1.32.6, and 1.31.8, Envoy's URI template matcher incorrectly excl... | 2025-05-07 | 5.3 | NETWORK | MEDIUM | NVD |
| CVE-2025-46265 | On F5OS, an improper authorization vulnerability exists where remotely authenticated users (LDAP, RADIUS, TACACS+) may be authorized with higher privi... | 2025-05-07 | 8.8 | NETWORK | HIGH | NVD |
| CVE-2025-43878 | When running in Appliance mode, an authenticated attacker assigned the Administrator or Resource Administrator role may be able to bypass Appliance mo... | 2025-05-07 | 6.0 | LOCAL | MEDIUM | NVD |
| CVE-2025-41433 | When a Session Initiation Protocol (SIP) message routing framework (MRF) application layer gateway (ALG) profile is configured on a Message Routing vi... | 2025-05-07 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2025-41431 | When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in t... | 2025-05-07 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2025-41414 | When HTTP/2 client and server profile is configured on a virtual server, undisclosed requests can cause TMM to terminate. Note: Software version... | 2025-05-07 | 7.5 | NETWORK | HIGH | NVD |
| CVE-2025-41399 | When a Stream Control Transmission Protocol (SCTP) profile is configured on a virtual server, undisclosed requests can cause an increase in memory res... | 2025-05-07 | 7.5 | NETWORK | HIGH | NVD |