NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-66675	Denial of Service vulnerability in Apache Struts, file leak in multipart request processing causes disk exhaustion. This issue affects Apache Struts:...	2025-12-10	8.2	NETWORK	HIGH	NVD
CVE-2025-14390	The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version <= 5.0.4. This is due to missing or incorrect nonce val...	2025-12-10	8.8	NETWORK	HIGH	NVD
CVE-2025-9315	An unauthenticated device registration vulnerability, caused by Improperly Controlled Modification of Dynamically-Determined Object Attributes, has be...	2025-12-10	6.3	NETWORK	MEDIUM	NVD
CVE-2025-66004	A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This issue affects usbmuxd: before 3ded00c9985a5108cfc759...	2025-12-10	5.7	LOCAL	MEDIUM	NVD
CVE-2025-1161	Incorrect Use of Privileged APIs vulnerability in NomySoft Information Technology Training and Consulting Inc. Nomysem allows Privilege Escalation.Thi...	2025-12-10	7.1	NETWORK	HIGH	NVD
CVE-2025-14087	A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potentia...	2025-12-10	5.6	NETWORK	MEDIUM	NVD
CVE-2025-14082	A flaw was found in Keycloak Admin REST (Representational State Transfer) API. This vulnerability allows information disclosure of sensitive role meta...	2025-12-10	2.7	NETWORK	LOW	NVD
CVE-2025-13955	Predictable default Wi-Fi Password in Access Point functionality in EZCast Pro II version 1.17478.146 allows attackers in Wi-Fi range to gain access t...	2025-12-10	9.3	ADJACENT	CRITICAL	NVD
CVE-2025-13954	Hard-coded cryptographic keys in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to...	2025-12-10	9.3	ADJACENT	CRITICAL	NVD
CVE-2025-12952	A privilege escalation vulnerability exists in Google Cloud's Dialogflow CX. Dialogflow agent developers with Webhook editor permission are able to c...	2025-12-10	8.7	NETWORK	HIGH	NVD
CVE-2025-9571	A remote code execution (RCE) vulnerability exists in Google Cloud Data Fusion. A user with permissions to upload artifacts to a Data Fusion instance ...	2025-12-10	8.7	NETWORK	HIGH	NVD
CVE-2025-13073	The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading ...	2025-12-10	7.1	NETWORK	HIGH	NVD
CVE-2025-13072	The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1 does not sanitize and escape a parameter before outputting it back in the page, leading ...	2025-12-10	7.1	NETWORK	HIGH	NVD
CVE-2025-13339	The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.7.1 via the templat...	2025-12-10	7.5	NETWORK	HIGH	NVD
CVE-2025-9056	Unprotected service in the AudioLink component allows a local attacker to overwrite system files via unauthorized service invocation.	2025-12-10	5.3	NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.