NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2025-42875	The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to...	2025-12-09	6.6	NETWORK	MEDIUM	NVD
CVE-2025-42874	SAP NetWeaver remote service for Xcelsius allows an attacker with network access and high privileges to execute arbitrary code on the affected system ...	2025-12-09	7.9	NETWORK	HIGH	NVD
CVE-2025-42873	SAPUI5 (and OpenUI5) packages use outdated 3rd party libraries with known security vulnerabilities. When markdown-it encounters special malformed inpu...	2025-12-09	5.9	NETWORK	MEDIUM	NVD
CVE-2025-42872	Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Enterprise Portal, an unauthenticated attacker could inject malicious scripts that ...	2025-12-09	6.1	NETWORK	MEDIUM	NVD
CVE-2025-41752	An XSS vulnerability in pxc_portSfp.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41751	An XSS vulnerability in pxc_portCntr.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provide...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41750	An XSS vulnerability in pxc_PortCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41749	An XSS vulnerability in port_util.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provided b...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41748	An XSS vulnerability in pxc_Dot1xCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to click on the link provide...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41747	An XSS vulnerability in pxc_vlanIntfCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POS...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41746	An XSS vulnerability in pxc_portSecCfg.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41745	An XSS vulnerability in pxc_portCntr2.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST ...	2025-12-09	7.1	NETWORK	HIGH	NVD
CVE-2025-41697	An attacker can use an undocumented UART port on the PCB as a side-channel to get root access e.g. with the credentials obtained from CVE-2025-4169...	2025-12-09	6.8	PHYSICAL	MEDIUM	NVD
CVE-2025-41696	An attacker can use an undocumented UART port on the PCB as a side-channel with the user hardcoded credentials obtained from CVE-2025-41692 to gain re...	2025-12-09	4.6	PHYSICAL	MEDIUM	NVD
CVE-2025-41695	An XSS vulnerability in dyn_conn.php can be used by an unauthenticated remote attacker to trick an authenticated user to send a manipulated POST reque...	2025-12-09	7.1	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.