CVEDB API

Vulnerabilities

Vulnerable Software

Security Vulnerabilities

CVE-2025-64997

Insufficient permission validation in Checkmk versions prior to 2.4.0p17 and 2.3.0p42 allow low-privileged users to view agent information via the REST API, which could lead to information disclosure.

CVSS Score

6.5

EPSS Score

0.0

Published

2025-12-18

CVE-2025-14874

A flaw was found in Nodemailer. This vulnerability allows a denial of service (DoS) via a crafted email address header that triggers infinite recursion in the address parser.

CVSS Score

7.5

EPSS Score

0.001

Published

2025-12-18

CVE-2025-60089

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms FreshDesk Plugin gf-freshdesk allows Object Injection.This issue affects WP Gravity Forms FreshDesk Plugin: from n/a through <= 1.3.5.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-12-18

CVE-2025-60090

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Insightly gf-insightly allows Object Injection.This issue affects WP Gravity Forms Insightly: from n/a through <= 1.1.6.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-12-18

CVE-2025-60091

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Zoho CRM and Bigin gf-zoho allows Object Injection.This issue affects WP Gravity Forms Zoho CRM and Bigin: from n/a through <= 1.2.9.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-12-18

CVE-2025-60174

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Constant Contact Plugin gf-constant-contact allows Object Injection.This issue affects WP Gravity Forms Constant Contact Plugin: from n/a through <= 1.1.2.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-12-18

CVE-2025-60178

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms HubSpot gf-hubspot allows Object Injection.This issue affects WP Gravity Forms HubSpot: from n/a through <= 1.2.6.

CVSS Score

9.8

EPSS Score

0.002

Published

2025-12-18

CVE-2025-60180

Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravity Forms Salesforce gf-salesforce-crmperks allows Object Injection.This issue affects WP Gravity Forms Salesforce: from n/a through <= 1.5.1.

CVSS Score

9.8

EPSS Score

0.001

Published

2025-12-18

CVE-2025-60061

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Kicker kicker allows PHP Local File Inclusion.This issue affects Kicker: from n/a through <= 2.2.0.

CVSS Score

8.1

EPSS Score

0.002

Published

2025-12-18

CVE-2025-60063

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes Rosalinda rosalinda allows PHP Local File Inclusion.This issue affects Rosalinda: from n/a through <= 1.2.3.

CVSS Score

8.2

EPSS Score

0.001

Published

2025-12-18

Prev Next

Page 129

Vulnerabilities

Vulnerable Software

Security Vulnerabilities

Products

Pricing

Contact Us