Skip to main content
CVE-2023-52923 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Information Disclosure Linux Linux Kernel Red Hat Suse
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-21655 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, but. Rated medium severity (CVSS 4.7). This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Information Disclosure Memory Corruption Use After Free Linux
NVD
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-24014 MEDIUM PATCH Monitor

Vim is an open source, command line text editor. Rated medium severity (CVSS 4.2). This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Vim Hci Compute Node Firmware Red Hat +1
NVD GitHub
CVSS 3.1
4.2
EPSS
0.1%
CVE-2024-13454 MEDIUM This Month

Weak encryption algorithm in Easy-RSA version 3.0.5 through 3.1.7 allows a local attacker to more easily bruteforce the private CA key when created using OpenSSL 3. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

OpenSSL Information Disclosure Easy Rsa Suse
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-23214 MEDIUM This Month

Cosmos provides users the ability self-host a home server by acting as a secure gateway to your application, as well as a server manager. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2024-22349 MEDIUM Monitor

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

IBM Information Disclosure Devops Velocity Urbancode Velocity
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2024-22348 MEDIUM This Month

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cors Misconfiguration IBM Devops Velocity Urbancode Velocity
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2024-22347 MEDIUM This Month

IBM DevOps Velocity 5.0.0 and IBM UrbanCode Velocity 4.0.0 through 4.0. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

IBM Information Disclosure Devops Velocity Urbancode Velocity
NVD
CVSS 3.1
5.9
EPSS
0.0%
CVE-2025-23221 MEDIUM PATCH This Month

Fedify is a TypeScript library for building federated server apps powered by ActivityPub and other standards. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

SSRF Denial Of Service
NVD GitHub
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-24013 MEDIUM PATCH This Month

CodeIgniter is a PHP full-stack web framework. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure PHP Codeigniter
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-24010 MEDIUM POC PATCH This Week

Vite is a frontend tooling framework for javascript. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Vite Red Hat
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-23044 MEDIUM POC PATCH This Week

PwnDoc is a penetration test report generator. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

CSRF Pwndoc
NVD GitHub
CVSS 3.1
6.8
EPSS
0.3%
CVE-2025-22620 MEDIUM PATCH This Month

gitoxide is an implementation of git written in Rust. Rated medium severity (CVSS 5.0), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Suse
NVD GitHub
CVSS 3.1
5.0
EPSS
0.9%
CVE-2025-22131 MEDIUM POC PATCH This Month

PhpSpreadsheet is a PHP library for reading and writing spreadsheet files. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP XSS Phpspreadsheet
NVD GitHub
CVSS 4.0
5.1
EPSS
0.5%
CVE-2024-45647 MEDIUM This Month

IBM Security Verify Access 10.0.0 through 10.0.8 and IBM Security Verify Access Docker 10.0.0 through 10.0.8 could allow could an unverified user to change the password of an expired user without. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Docker IBM Information Disclosure Security Verify Access Security Verify Access Docker
NVD
CVSS 3.1
5.6
EPSS
0.1%
CVE-2024-13176 MEDIUM PATCH Monitor

Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Rated medium severity (CVSS 4.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Red Hat Suse
NVD GitHub
CVSS 3.1
4.1
EPSS
0.1%
CVE-2025-0584 MEDIUM This Month

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF A Hrd
NVD
CVSS 3.1
5.3
EPSS
0.0%
CVE-2025-0582 MEDIUM POC This Month

A vulnerability classified as critical was found in itsourcecode Farm Management System up to 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Authentication Bypass PHP Tailoring Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.1%
CVE-2025-0581 MEDIUM POC This Month

A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS School Management Software
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0580 MEDIUM This Month

A vulnerability was found in Shiprocket Module 3 on OpenCart. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Authentication Bypass PHP
NVD GitHub VulDB
CVSS 4.0
6.3
EPSS
0.1%
CVE-2025-0579 MEDIUM This Month

A vulnerability was found in Shiprocket Module 3/4 on OpenCart. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-0583 MEDIUM This Month

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS A Hrd
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-0578 MEDIUM This Month

A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0576 MEDIUM This Month

A vulnerability was found in Mobotix M15 4.3.4.83 and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD VulDB
CVSS 4.0
6.9
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy