NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID Description Published Base Score Attack Vector Severity Actions
CVE-2025-63739 An issue was discovered in function phpinisaveAction in file webmain/system/cogini/coginiAction.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers ... 2025-12-09 4.3 NETWORK MEDIUM NVD
CVE-2025-63738 An issue was discovered in file index.php in Xinhu Rainrock RockOA 2.7.0 allowing attackers to gain sensitive information via phpinfo via the a parame... 2025-12-09 4.3 NETWORK MEDIUM NVD
CVE-2025-63737 Cross-site scripting (XSS) vulnerability in function urltestAction in file cliAction.php in Xinhu Rainrock RockOA 2.7.0 allows remote attackers to inj... 2025-12-09 6.1 NETWORK MEDIUM NVD
CVE-2025-56704 LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerability, which is caused by the lack of proper validation for uploaded files. An authe... 2025-12-09 8.8 NETWORK HIGH NVD
CVE-2025-12946 A vulnerability in the speedtest feature of affected NETGEAR Nighthawk routers, caused by improper input validation, can allow attackers on the router... 2025-12-09 4.4 ADJACENT MEDIUM NVD
CVE-2025-12945 A vulnerability in NETGEAR Nighthawk R7000P routers lets an authenticated admin execute OS command injections due to improper input validation. Th... 2025-12-09 1.1 ADJACENT LOW NVD
CVE-2025-12941 Denial of Service Vulnerability in NETGEAR C6220 and C6230 (DOCSIS® 3.0 Two-in-one Cable Modem + WiFi Router) allows authenticated local WiFi users re... 2025-12-09 5.0 ADJACENT MEDIUM NVD
CVE-2023-23729 Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue aff... 2025-12-09 5.4 NETWORK MEDIUM NVD
CVE-2023-22675 Cross-Site Request Forgery (CSRF) vulnerability in Taylor Hawkes WP Fast Cache allows Cross Site Request Forgery.This issue affects WP Fast Cache: fro... 2025-12-09 4.3 NETWORK MEDIUM NVD
CVE-2022-47425 Missing Authorization vulnerability in Repute Infosystems ARMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue ... 2025-12-09 4.3 NETWORK MEDIUM NVD
CVE-2022-46845 Missing Authorization vulnerability in Essential Plugin Slider a SlidersPack allows Exploiting Incorrectly Configured Access Control Security Levels.T... 2025-12-09 5.3 NETWORK MEDIUM NVD
CVE-2025-9638 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portabilis i-Educar allows Stored Cross-Site Scr... 2025-12-09 4.8 NETWORK MEDIUM NVD
CVE-2025-9368 A security issue exists within 432ES-IG3 Series A, which affects GuardLink® EtherNet/IP Interface, resulting in denial-of-service. A manual power cycl... 2025-12-09 8.7 NETWORK HIGH NVD
CVE-2025-6924 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TalentSoft Software e-BAP Automation allo... 2025-12-09 5.4 NETWORK MEDIUM NVD
CVE-2025-6923 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TalentSoft Software UNIS allows Reflected... 2025-12-09 5.4 NETWORK MEDIUM NVD