U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database

NVD Dashboard

CVEs Received and Processed

CVEs Received and Processed

Please Wait

CVE Status Count

Please Wait

CVSS Score Spread

Please Wait

CVSS V3 Score Distribution

Severity Number of Vulns

CVSS V2 Score Distribution

Severity Number of Vulns


For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.

Last 20 Scored Vulnerability IDs & Summaries CVSS Severity

  • CVE-2025-15171 - A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This affects the function index of the file src/main/java/com/sohu/cache/web/controller/ServerController.java. The manipulation leads to cross site scripting. Remote exploitation of ... read CVE-2025-15171
    Published: December 29, 2025; 12:15:57 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15172 - A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0. This impacts the function preview of the file src/main/java/com/sohu/cache/web/controller/RedisConfigTemplateController.java. The manipulation results in cross site scripting. T... read CVE-2025-15172
    Published: December 29, 2025; 12:15:59 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15173 - A weakness has been identified in SohuTV CacheCloud up to 3.2.0. Affected is the function advancedAnalysis of the file src/main/java/com/sohu/cache/web/controller/InstanceController.java. This manipulation causes cross site scripting. The attack i... read CVE-2025-15173
    Published: December 29, 2025; 12:16:01 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15174 - A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this vulnerability is the function doAppAuditList of the file src/main/java/com/sohu/cache/web/controller/AppManageController.java. Such manipulation leads to... read CVE-2025-15174
    Published: December 29, 2025; 1:15:52 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15175 - A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doAppList/appCommandAnalysis of the file src/main/java/com/sohu/cache/web/controller/AppController.java. Performing manipulation results in cross... read CVE-2025-15175
    Published: December 29, 2025; 1:15:52 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15200 - A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/sohu/cache/web/controller/AppClientDataShowContro... read CVE-2025-15200
    Published: December 29, 2025; 2:15:56 PM -0500

    V3.1: 4.8 MEDIUM

  • CVE-2025-15201 - A flaw has been found in SohuTV CacheCloud up to 3.2.0. The impacted element is the function redirectNoPower of the file src/main/java/com/sohu/cache/web/controller/WebResourceController.java. This manipulation causes cross site scripting. The att... read CVE-2025-15201
    Published: December 29, 2025; 2:15:56 PM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15202 - A vulnerability has been found in SohuTV CacheCloud up to 3.2.0. This affects the function taskQueueList of the file src/main/java/com/sohu/cache/web/controller/TaskController.java. Such manipulation leads to cross site scripting. The attack may b... read CVE-2025-15202
    Published: December 29, 2025; 3:15:41 PM -0500

    V3.1: 4.8 MEDIUM

  • CVE-2025-15203 - A vulnerability was found in SohuTV CacheCloud up to 3.2.0. This impacts the function index of the file src/main/java/com/sohu/cache/web/controller/ResourceController.java. Performing manipulation results in cross site scripting. It is possible to... read CVE-2025-15203
    Published: December 29, 2025; 3:15:41 PM -0500

    V3.1: 4.8 MEDIUM

  • CVE-2025-15204 - A vulnerability was determined in SohuTV CacheCloud up to 3.2.0. Affected is the function doQuartzList of the file src/main/java/com/sohu/cache/web/controller/QuartzManageController.java. Executing manipulation can lead to cross site scripting. It... read CVE-2025-15204
    Published: December 29, 2025; 4:15:43 PM -0500

    V3.1: 4.8 MEDIUM

  • CVE-2025-15219 - A security vulnerability has been detected in SohuTV CacheCloud up to 3.2.0. Affected by this issue is the function doMachineList/doPodList of the file src/main/java/com/sohu/cache/web/controller/MachineManageController.java. The manipulation lead... read CVE-2025-15219
    Published: December 29, 2025; 11:15:49 PM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15220 - A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. This affects the function init of the file src/main/java/com/sohu/cache/web/controller/LoginController.java. The manipulation results in cross site scripting. The attack may be launche... read CVE-2025-15220
    Published: December 30, 2025; 12:16:00 AM -0500

    V3.1: 6.1 MEDIUM

  • CVE-2025-15221 - A flaw has been found in SohuTV CacheCloud up to 3.2.0. This vulnerability affects the function index of the file src/main/java/com/sohu/cache/web/controller/AppDataMigrateController.java. This manipulation causes cross site scripting. Remote expl... read CVE-2025-15221
    Published: December 30, 2025; 12:16:05 AM -0500

    V3.1: 5.4 MEDIUM

  • CVE-2025-15102 - DVP-12SE11T - Password Protection Bypass
    Published: December 30, 2025; 4:15:52 AM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2025-15103 - DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
    Published: December 30, 2025; 4:15:52 AM -0500

    V3.1: 9.8 CRITICAL

  • CVE-2025-15358 - DVP-12SE11T - Denial of Service Vulnerability
    Published: December 30, 2025; 4:15:52 AM -0500

  • CVE-2025-15148 - A flaw has been found in CmsEasy up to 7.7.7. Affected is the function savetemp_action in the library /lib/admin/template_admin.php of the component Backend Template Management Page. Executing manipulation of the argument content/tempdata can lead... read CVE-2025-15148
    Published: December 28, 2025; 1:15:47 PM -0500

    V3.1: 7.2 HIGH

  • CVE-2025-15155 - A vulnerability was detected in floooh sokol up to 16cbcc864012898793cd2bc57f802499a264ea40. The impacted element is the function _sg_pipeline_desc_defaults in the library sokol_gfx.h. The manipulation results in stack-based buffer overflow. The a... read CVE-2025-15155
    Published: December 28, 2025; 5:15:43 PM -0500

    V3.1: 7.8 HIGH

  • CVE-2023-49269 - Hotel Management v1.0 is vulnerable to multiple authenticated Reflected Cross-Site Scripting vulnerabilities. The 'adults' parameter of the reservation.php resource is copied into the HTML document as plain text between tags. Any input is echoed u... read CVE-2023-49269
    Published: December 20, 2023; 1:15:13 PM -0500

  • CVE-2025-14874 - A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.
    Published: December 18, 2025; 4:15:44 AM -0500

    V3.1: 7.5 HIGH