NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-43865	React Router is a router for React. In versions on the 7.0 branch prior to version 7.5.2, it's possible to modify pre-rendered data by adding a header...	2025-04-25	8.2	NETWORK	HIGH	NVD
CVE-2025-43864	React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode...	2025-04-25	7.5	NETWORK	HIGH	NVD
CVE-2025-3606	Vestel AC Charger version 3.75.0 contains a vulnerability that could enable an attacker to access files containing sensitive information, such as...	2025-04-25	7.5	NETWORK	HIGH	NVD
CVE-2025-2185	ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software release 1.4.4 is vulnerable to an insufficient session expiration vulnerability...	2025-04-25	8.0	NETWORK	HIGH	NVD
CVE-2025-46275	WGS-80HPT-V2 and WGS-4215-8T2S are missing authentication that could allow an attacker to create an administrator account without knowing any existi...	2025-04-24	9.8	NETWORK	CRITICAL	NVD
CVE-2025-46274	UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to read, manipulate and create entries in the managed database...	2025-04-24	9.8	NETWORK	CRITICAL	NVD
CVE-2025-46273	UNI-NMS-Lite uses hard-coded credentials that could allow an unauthenticated attacker to gain administrative privileges to all UNI-NMS managed devic...	2025-04-24	9.8	NETWORK	CRITICAL	NVD
CVE-2025-46272	WGS-80HPT-V2 and WGS-4215-8T2S are vulnerable to a command injection attack that could allow an unauthenticated attacker to execute OS commands on t...	2025-04-24	9.1	NETWORK	CRITICAL	NVD
CVE-2025-46271	UNI-NMS-Lite is vulnerable to a command injection attack that could allow an unauthenticated attacker to read or manipulate device data.	2025-04-24	9.1	NETWORK	CRITICAL	NVD
CVE-2025-3749	The Breeze Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cal_size’ parameter in all versions up to, and including...	2025-04-24	6.4	NETWORK	MEDIUM	NVD
CVE-2025-1294	The eForm - WordPress Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.18.0 due ...	2025-04-24	7.2	NETWORK	HIGH	NVD
CVE-2025-43861	ManageWiki is a MediaWiki extension allowing users to manage wikis. Prior to commit 2f177dc, ManageWiki is vulnerable to reflected or stored XSS in th...	2025-04-24	4.4	NETWORK	MEDIUM	NVD
CVE-2025-29529	ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discovered to contain a SQL injection vulnerability via the component Forgotpassword.asp...	2025-04-24	6.5	NETWORK	MEDIUM	NVD
CVE-2025-25777	Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Booking System v1.0 allows unauthorized access to user profiles. By manipulating the u...	2025-04-24	8.0	LOCAL	HIGH	NVD
CVE-2024-30127	Missing "no cache" headers in HCL Leap permits sensitive data to be cached.	2025-04-24	3.2	LOCAL	LOW	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.