NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-59030	An attacker can trigger the removal of cached records by sending a NOTIFY query over TCP.	2025-12-09	7.5	NETWORK	HIGH	NVD
CVE-2025-59029	An attacker can trigger an assertion failure by requesting crafted DNS records, waiting for them to be inserted into the records cache, then send a qu...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-49351	Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Create Posts & Terms create-posts-terms allows Stored XSS.This issue affects Cr...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-49350	Missing Authorization vulnerability in marcoingraiti Actionwear products sync actionwear-products-sync allows Exploiting Incorrectly Configured Access...	2025-12-09	4.3	NETWORK	MEDIUM	NVD
CVE-2025-49348	Missing Authorization vulnerability in Hype Hype pico allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hype:...	2025-12-09	5.3	NETWORK	MEDIUM	NVD
CVE-2025-49347	Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR wp-sifr allows Stored XSS.This issue affects WP sIFR: from n/a through <= 0.6.8....	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-49341	Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creator Lite pdf-creator-lite allows Stored XSS.This issue affects PDF Creator Lite: ...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-42928	Under certain conditions, a high privileged user could exploit a deserialization vulnerability in SAP jConnect to launch remote code execution. The sy...	2025-12-09	9.1	NETWORK	CRITICAL	NVD
CVE-2025-42904	Due to an Information Disclosure vulnerability in Application Server ABAP, an authenticated attacker could read unmasked values displayed in ABAP List...	2025-12-09	6.5	NETWORK	MEDIUM	NVD
CVE-2025-42896	SAP BusinessObjects Business Intelligence Platform lets an unauthenticated remote attacker send crafted requests through the URL parameter that contro...	2025-12-09	5.4	NETWORK	MEDIUM	NVD
CVE-2025-42891	Due to a missing authorization check in SAP Enterprise Search for ABAP, an attacker with high privileges may read and export the contents of database ...	2025-12-09	5.5	NETWORK	MEDIUM	NVD
CVE-2025-42880	Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function...	2025-12-09	9.9	NETWORK	CRITICAL	NVD
CVE-2025-42878	SAP Web Dispatcher and ICM may expose internal testing interfaces that are not intended for production. If enabled, unauthenticated attackers could ex...	2025-12-09	8.2	NETWORK	HIGH	NVD
CVE-2025-42877	SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to ...	2025-12-09	7.5	NETWORK	HIGH	NVD
CVE-2025-42876	Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud (Financials General Ledger), an authenticated attacker with authoriza...	2025-12-09	7.1	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.