General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-67906 | In MISP before 2.5.28, app/View/Elements/Workflows/executionPath.ctp allows XSS in the workflow execution path. | Medium (5.4) | 2025-12-15 | General-Purpose |
| CVE-2025-13740 | The Lightweight Accordion plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's `lightweig… | Medium (6.4) | 2025-12-15 | General-Purpose |
| CVE-2025-14695 | A vulnerability was determined in SamuNatsu HaloBot up to 026b01d4a896d93eaaf9d5163a287dc9f267515b. Affected is the fun… | Medium (6.3) | 2025-12-15 | General-Purpose |
| CVE-2025-67901 | openrsync through 0.5.0, as used in OpenBSD through 7.8 and on other platforms, allows a client to cause a server SIGSE… | Medium (5.3) | 2025-12-15 | General-Purpose |
| CVE-2025-14692 | A flaw has been found in Mayan EDMS up to 4.10.1. The impacted element is an unknown function of the file /authenticati… | Medium (4.3) | 2025-12-15 | General-Purpose |