NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-34392	Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1, does not verify the URL defined in an attacker-controlled...	2025-12-10	10.0	NETWORK	CRITICAL	NVD
CVE-2025-13155	An improper permissions vulnerability was reported in Lenovo Baiying Client that could allow a local authenticated user to execute code with elevated ...	2025-12-10	7.8	LOCAL	HIGH	NVD
CVE-2025-13152	A potential DLL hijacking vulnerability was reported in Lenovo One Client during an internal security assessment that could allow a local authenticate...	2025-12-10	7.8	LOCAL	HIGH	NVD
CVE-2025-13125	Authorization Bypass Through User-Controlled Key vulnerability in Im Park Information Technology, Electronics, Press, Publishing and Advertising, Educ...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-12046	A DLL hijacking vulnerability was reported in the Lenovo App Store and Lenovo Browser applications that could allow a local authenticated user to exec...	2025-12-10	7.8	LOCAL	HIGH	NVD
CVE-2025-8110	Improper Symbolic link handling in the PutContents API in Gogs allows Local Execution of Code.	2025-12-10	8.7	NETWORK	HIGH	NVD
CVE-2025-13127	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TAC Information Services Internal and Ext...	2025-12-10	3.5	NETWORK	LOW	NVD
CVE-2025-13184	Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password on factory/reset X5000R V9...	2025-12-10	9.8	NETWORK	CRITICAL	NVD
CVE-2024-2105	An unauthorised attacker within bluetooth range may use an improper validation during the BLE connection request to deadlock the affected devices.	2025-12-10	6.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2024-2104	Due to improper BLE security configurations on the device's GATT server, an adjacent unauthenticated attacker can read and write device control comman...	2025-12-10	8.8	ADJACENT_NETWORK	HIGH	NVD
CVE-2025-41358	Direct Object Reference Vulnerability (IDOR) in i2A's CronosWeb, in versions prior to 25.00.00.12, inclusive. This vulnerability could allow an authen...	2025-12-10	8.3	NETWORK	HIGH	NVD
CVE-2025-13953	Bypass vulnerability in the authentication method in the GTT Tax Information System application, related to the Active Directory (LDAP) login method. ...	2025-12-10	9.3	NETWORK	CRITICAL	NVD
CVE-2025-41732	An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_cookie() function to write arbitrary data into fixed-size stack buff...	2025-12-10	9.8	NETWORK	CRITICAL	NVD
CVE-2025-41730	An unauthenticated remote attacker can abuse unsafe sscanf calls within the check_account() function to write arbitrary data into fixed-size stack buf...	2025-12-10	9.8	NETWORK	CRITICAL	NVD
CVE-2025-7073	A local privilege escalation vulnerability in Bitdefender Total Security 27.0.46.231 allows low-privileged attackers to elevate privileges. The issue ...	2025-12-10	8.8	LOCAL	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.