Skip to main content
CVE-2024-54488 MEDIUM This Month

A logic issue was addressed with improved file handling. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple
NVD VulDB
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-24628 MEDIUM This Month

Authentication Bypass by Spoofing vulnerability in BestWebSoft Google Captcha allows Identity Spoofing.78. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2024-54518 MEDIUM This Month

The issue was addressed with improved bounds checks. Rated medium severity (CVSS 5.3), this vulnerability is low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure
NVD VulDB
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-24741 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in KB Support KB Support.6.7. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2025-24740 MEDIUM This Month

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ThimPress LearnPress.2.7.1. Rated medium severity (CVSS 4.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2025-24094 MEDIUM This Month

A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Race Condition Apple
NVD VulDB
CVSS 3.1
4.7
EPSS
0.0%
CVE-2025-24136 MEDIUM This Month

This issue was addressed with improved validation of symlinks. Rated medium severity (CVSS 4.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple
NVD
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-24116 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Apple
NVD VulDB
CVSS 3.1
4.4
EPSS
0.0%
CVE-2025-24742 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in WP Go Maps (formerly WP Google Maps) WP Go Maps.0.40. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24744 MEDIUM This Month

Missing Authorization vulnerability in NotFound Bridge Core.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24603 MEDIUM This Month

Missing Authorization vulnerability in UkrSolution Print Barcode Labels for your WooCommerce products/orders.4.10. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass WordPress
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24754 MEDIUM This Month

Missing Authorization vulnerability in Houzez.co Houzez.4.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24584 MEDIUM This Month

Missing Authorization vulnerability in BdThemes Ultimate Store Kit Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels.3.0. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24540 MEDIUM This Month

Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd allows Cross Site Request Forgery.18.9. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24160 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24743 MEDIUM This Month

Missing Authorization vulnerability in Rometheme RomethemeKit For Elementor.5.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24653 MEDIUM This Month

Missing Authorization vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Exploiting Incorrectly Configured Access Control Security Levels.6.1.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2025-24113 MEDIUM This Month

The issue was addressed with improved UI. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple
NVD VulDB
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-24128 MEDIUM This Month

The issue was addressed by adding additional logic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2023-47159 MEDIUM This Month

IBM Sterling File Gateway 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.1 could allow an authenticated user to enumerate usernames due to an observable discrepancy in request responses. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Sterling File Gateway
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2024-54550 MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure
NVD VulDB
CVSS 3.1
4.0
EPSS
0.1%
CVE-2024-56178 MEDIUM This Month

An issue was discovered in Couchbase Server 7.6.x through 7.6.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Couchbase Server
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-54728 MEDIUM This Month

Incorrect access control in BYD QIN PLUS DM-i Dilink OS 3.0_13.1.7.2204050.1 allows unauthorized attackers to access system logcat logs. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2024-48662 MEDIUM This Month

Cross Site Scripting vulnerability in AdGuard Application v.7.18.1 (4778) and before allows an attacker to execute arbitrary code via a crafted payload to the fontMatrix component. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.3%
CVE-2025-24153 MEDIUM This Month

A buffer overflow issue was addressed with improved memory handling. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
6.7
EPSS
0.1%
CVE-2025-24152 MEDIUM This Month

The issue was addressed with improved memory handling. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24140 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Apple macOS
NVD
CVSS 3.1
5.3
EPSS
0.1%
CVE-2025-24134 MEDIUM This Month

An information disclosure issue was addressed with improved privacy controls. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24112 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24108 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24101 MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24096 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24092 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24087 MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-54549 MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-54536 MEDIUM This Month

The issue was addressed with improved validation of environment variables. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-37526 MEDIUM This Month

IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Data Virtualization On Cloud Pak For Data Watson Query With Cloud Pak For Data
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-0753 MEDIUM POC This Week

A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2025-0751 MEDIUM POC This Week

A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2025-0734 MEDIUM This Month

A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Ruoyi
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-56972 MEDIUM This Month

An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56971 MEDIUM This Month

An issue in Zhiyuan Yuedu (Guangzhou) Literature Information Technology Co., Ltd Shuqi Novel iOS 5.3.8 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56969 MEDIUM This Month

An issue in Pixocial Technology (Singapore) Pte. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56968 MEDIUM This Month

An issue in Shenzhen Intellirocks Tech Co. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56967 MEDIUM This Month

An issue in Cloud Whale Interactive Technology LLC. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56966 MEDIUM This Month

An issue in Shanghai Xuan Ting Entertainment Information & Technology Co., Ltd Qidian Reader iOS 5.9.384 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56965 MEDIUM This Month

An issue in Shanghai Shizhi Information Technology Co., Ltd Shihuo iOS 8.16.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56964 MEDIUM This Month

An issue in Che Hao Duo Used Automobile Agency (Beijing) Co., Ltd Guazi Used Car iOS 10.15.1 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56963 MEDIUM This Month

An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56962 MEDIUM This Month

An issue in Tencent Technology (Shanghai) Co., Ltd WeSing iOS v9.3.39 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy