NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-30804	Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file upload. This issue affects Pandora FMS: from 777 t...	2026-04-13	8.6	NETWORK	HIGH	NVD
CVE-2025-69627	Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementation of the JavaScript method this.mailDoc(). During...	2026-04-13	8.4	LOCAL	HIGH	NVD
CVE-2025-69624	Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScript implementation of app.alert(). When app.alert(...	2026-04-13	7.5	NETWORK	HIGH	NVD
CVE-2025-66769	A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denial of Service (DoS) via a crafted XFA packet.	2026-04-13	7.5	NETWORK	HIGH	NVD
CVE-2025-63743	Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up and including v8.3.1 allows authenticated attacker w...	2026-04-13	5.4	NETWORK	MEDIUM	NVD
CVE-2025-31991	Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity susceptible to brute-force attacks past the unsuc...	2026-04-13	6.8	NETWORK	MEDIUM	NVD
CVE-2026-6183	A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the...	2026-04-13	7.3	NETWORK	HIGH	NVD
CVE-2026-6182	A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of th...	2026-04-13	7.3	NETWORK	HIGH	NVD
CVE-2026-33858	Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitr...	2026-04-13	8.8	NETWORK	HIGH	NVD
CVE-2026-30999	A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) via a crafted input.	2026-04-13	7.5	NETWORK	HIGH	NVD
CVE-2026-30998	An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmpeg v8.0.1 allows attackers to cause a Denial of Se...	2026-04-13	7.5	NETWORK	HIGH	NVD
CVE-2026-30997	An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 allows attackers to cause a Denial of Service (DoS) v...	2026-04-13	7.5	NETWORK	HIGH	NVD
CVE-2026-29628	A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allows attackers to cause a Denial of Service (DoS) via...	2026-04-13	6.2	LOCAL	MEDIUM	NVD
CVE-2026-1462	A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-controlled TensorFlow SavedModels to be loaded during...	2026-04-13	N/A	None	None	NVD
CVE-2025-66236	Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager to take appropriate actions and pay attention to s...	2026-04-13	7.5	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.