NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-34402	MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldCc parameter of /Mondo/lang/sys/Forms/Addr...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34401	MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the FieldBcc parameter of /Mondo/lang/sys/Forms/Add...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34400	MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the AddressesTo parameter of /Mondo/lang/sys/Forms/...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34399	MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the AddressesCc parameter of /Mondo/lang/sys/Forms/...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34398	MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the AddressesBcc parameter of /Mondo/lang/sys/Forms...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34397	MailEnable versions prior to 10.54 contain a reflected cross-site scripting (XSS) vulnerability in the Message parameter of /Mobile/Compose.aspx. The ...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-34396	MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable adminis...	2025-12-09	7.3	LOCAL	HIGH	NVD
CVE-2025-33214	NVIDIA NVTabular for Linux contains a vulnerability in the Workflow component, where a user could cause a deserialization issue. A successful exploit ...	2025-12-09	8.8	NETWORK	HIGH	NVD
CVE-2025-33213	NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in the Trainer component, where a user could cause a deserialization issue. A succes...	2025-12-09	8.8	NETWORK	HIGH	NVD
CVE-2025-13924	The Advanced Product Fields (Product Addons) for WooCommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, a...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2024-47570	An insertion of sensitive information into log file vulnerability [CWE-532] in FortiOS 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0 all versions; For...	2025-12-09	6.6	NETWORK	MEDIUM	NVD
CVE-2025-65289	A stored Cross site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on t...	2025-12-09	6.1	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2025-65288	A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) occurs when the device accepts and stores excessively long hostnames...	2025-12-09	6.5	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2025-63742	SQL Injection vulnerability in function setwxqyAction in file webmain/task/api/loginAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain ...	2025-12-09	9.8	NETWORK	CRITICAL	NVD
CVE-2025-63740	SQL Injection vulnerability in function getselectdataAjax in file inputAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers gain sensitive inf...	2025-12-09	4.3	ADJACENT_NETWORK	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.