NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-13677	The Simple Download Counter plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.2.2. This is due to insuffici...	2025-12-10	4.9	NETWORK	MEDIUM	NVD
CVE-2025-13613	The Elated Membership plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.2. This is due to the plugin...	2025-12-10	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67507	Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.3.0 contain a flaw in the handling of ...	2025-12-10	8.1	NETWORK	HIGH	NVD
CVE-2025-67506	PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/r...	2025-12-10	9.8	NETWORK	CRITICAL	NVD
CVE-2025-67485	mad-proxy is a Python-based HTTP/HTTPS proxy server for detection and blocking of malicious web activity using custom security policies. Versions 0.3 ...	2025-12-10	5.3	NETWORK	MEDIUM	NVD
CVE-2025-67502	Taguette is an open source qualitative research tool. In versions 1.5.1 and below, attackers can craft malicious URLs that redirect users to arbitrar...	2025-12-10	5.4	NETWORK	MEDIUM	NVD
CVE-2025-67501	WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain an SQL Injection vuln...	2025-12-10	9.4	NETWORK	CRITICAL	NVD
CVE-2025-67500	Mastodon is a free, open-source social network server based on ActivityPub. Versions 4.2.27 and prior, 4.3.0-beta.1 through 4.3.14, 4.4.0-beta.1 throu...	2025-12-10	3.7	NETWORK	LOW	NVD
CVE-2025-67499	The CNI portmap plugin allows containers to emulate opening a host port, forwarding that traffic to the container. Versions 1.6.0 through 1.8.0 inadv...	2025-12-10	6.6	LOCAL	MEDIUM	NVD
CVE-2025-64898	ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in li...	2025-12-10	4.3	NETWORK	MEDIUM	NVD
CVE-2025-64897	ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access Control vulnerability. A low privileged attacker could lev...	2025-12-10	5.6	LOCAL	MEDIUM	NVD
CVE-2025-61823	ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerabilit...	2025-12-10	6.2	NETWORK	MEDIUM	NVD
CVE-2025-61822	ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file ...	2025-12-10	6.2	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2025-61821	ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerabilit...	2025-12-10	6.8	NETWORK	MEDIUM	NVD
CVE-2025-61813	ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerabilit...	2025-12-10	8.2	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.