NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2023-42404	OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution.	2025-04-28	4.9	NETWORK	MEDIUM	NVD
CVE-2025-4027	A vulnerability, which was classified as critical, was found in PHPGurukul Old Age Home Management System 1.0. Affected is an unknown function of the ...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2025-4026	A vulnerability, which was classified as critical, has been found in PHPGurukul Nipah Virus Testing Management System 1.0. This issue affects some unk...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2025-46614	In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driver logged the whole SQL query at the INFO level, aka Insertion of Sensitive Info...	2025-04-28	3.3	LOCAL	LOW	NVD
CVE-2025-43857	Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Prior to versions 0.5.7, 0.4.20, 0.3.9, and 0.2.5, there is...	2025-04-28	6.0	NETWORK	MEDIUM	NVD
CVE-2025-43854	DIFY is an open-source LLM app development platform. Prior to version 1.3.0, a clickjacking vulnerability was found in the default setup of the DIFY a...	2025-04-28	2.3	NETWORK	LOW	NVD
CVE-2023-35817	DevExpress before 23.1.3 allows AsyncDownloader SSRF.	2025-04-28	5.0	NETWORK	MEDIUM	NVD
CVE-2023-35816	DevExpress before 23.1.3 allows arbitrary TypeConverter conversion.	2025-04-28	3.5	NETWORK	LOW	NVD
CVE-2023-35815	DevExpress before 23.1.3 has a data-source protection mechanism bypass during deserialization on XML data.	2025-04-28	3.5	NETWORK	LOW	NVD
CVE-2023-35814	DevExpress before 23.1.3 does not properly protect XtraReport serialized data in ASP.NET web forms.	2025-04-28	3.5	NETWORK	LOW	NVD
CVE-2022-41871	SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated attacker is able to execute arbitrary code in the context ...	2025-04-28	6.0	NETWORK	MEDIUM	NVD
CVE-2015-4582	The TheCartPress boot-store (aka Boot Store) theme 1.6.4 for WordPress allows header.php tcp_register_error XSS. NOTE: CVE-2015-4582 is not assigned t...	2025-04-28	7.2	NETWORK	HIGH	NVD
CVE-2025-4025	A vulnerability classified as critical was found in itsourcecode Placement Management System 1.0. Affected by this vulnerability is an unknown functio...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2025-4024	A vulnerability classified as critical has been found in itsourcecode Placement Management System 1.0. Affected is an unknown function of the file /ad...	2025-04-28	7.3	NETWORK	HIGH	NVD
CVE-2025-25776	Cross-Site Scripting (XSS) vulnerability exists in the User Registration and User Profile features of Codeastro Bus Ticket Booking System v1.0 allows ...	2025-04-28	5.0	LOCAL	MEDIUM	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.