NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-65294	Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 contain an undocumented remote access mechanism enablin...	2025-12-10	9.8	NETWORK	CRITICAL	NVD
CVE-2025-65293	Command injection vulnerabilities in Aqara Camera Hub G3 4.1.9_0027 allow attackers to execute arbitrary commands with root privileges through malicio...	2025-12-10	6.6	PHYSICAL	MEDIUM	NVD
CVE-2025-65292	Command injection vulnerability in Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 allows attackers to ...	2025-12-10	7.3	LOCAL	HIGH	NVD
CVE-2025-65291	Aqara Hub devices including Hub M2 4.3.6_0027, Hub M3 4.3.6_0025, Camera Hub G3 4.1.9_0027 fail to validate server certificates in TLS connections for...	2025-12-10	N/A	None	None	NVD
CVE-2025-65290	Aqara Hub devices including Camera Hub G3 4.1.9_0027, Hub M2 4.3.6_0027, and Hub M3 4.3.6_0025 fail to validate server certificates during HTTPS firmw...	2025-12-10	7.4	NETWORK	HIGH	NVD
CVE-2024-58285	Chyrp 2.5.2 contains a stored cross-site scripting vulnerability that allows authenticated users to inject malicious scripts into post titles. Attacke...	2025-12-10	5.3	NETWORK	MEDIUM	NVD
CVE-2024-58284	PopojiCMS 2.0.1 contains an authenticated remote command execution vulnerability that allows administrative users to inject malicious PHP code through...	2025-12-10	8.6	NETWORK	HIGH	NVD
CVE-2024-58283	WBCE CMS version 1.6.2 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the El...	2025-12-10	8.7	NETWORK	HIGH	NVD
CVE-2024-58282	Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the me...	2025-12-10	8.6	NETWORK	HIGH	NVD
CVE-2024-58281	Dotclear 2.29 contains a remote code execution vulnerability that allows authenticated attackers to upload malicious PHP files through the media uploa...	2025-12-10	8.7	NETWORK	HIGH	NVD
CVE-2024-58280	CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP...	2025-12-10	8.6	NETWORK	HIGH	NVD
CVE-2024-58279	appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through...	2025-12-10	8.6	NETWORK	HIGH	NVD
CVE-2023-53776	Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to exploit weak session management by reusing IP-bound sess...	2025-12-10	8.7	ADJACENT	HIGH	NVD
CVE-2023-53775	Screen SFT DAB 1.9.3 contains an authentication bypass vulnerability that allows attackers to change user passwords by exploiting weak session managem...	2025-12-10	7.1	ADJACENT	HIGH	NVD
CVE-2025-67461	External control of file name or path in Zoom Rooms for macOS before version 6.6.0 may allow an authenticated user to conduct a disclosure of informat...	2025-12-10	5.0	LOCAL	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.