Skip to main content
CVE-2021-20455 LOW Monitor

IBM Cognos Controller 11.0.0 through 11.0.1 and IBM Controller 11.1.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Cognos Controller Controller
NVD
CVSS 3.1
3.7
EPSS
0.0%
CVE-2025-0245 LOW Monitor

Under certain circumstances, a user opt-in setting that Focus should require authentication before use could have been be bypassed. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Mozilla
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2024-12425 LOW Monitor

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. Rated low severity (CVSS 2.4), this vulnerability is low attack complexity. No vendor patch available.

Path Traversal Libreoffice Debian Linux
NVD
CVSS 4.0
2.4
EPSS
0.4%
CVE-2024-10562 LOW POC Monitor

The Form Maker by 10Web WordPress plugin before 1.15.31 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Form Maker
NVD WPScan
CVSS 3.1
2.7
EPSS
0.2%
CVE-2024-10102 LOW POC Monitor

The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not sanitise and escape some of its Gallery settings, which could allow high privilege users such as. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Robo Gallery
NVD WPScan
CVSS 3.1
2.7
EPSS
0.1%
CVE-2024-10527 LOW Monitor

The Spacer plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the motech_spacer_callback() function in all versions up to, and including, 3.0.7. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
3.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy