Skip to main content
CVE-2025-24134 MEDIUM This Month

An information disclosure issue was addressed with improved privacy controls. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24118 HIGH This Month

The issue was addressed with improved memory handling. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Epss exploitation probability 27.0% and no vendor patch available.

Memory Corruption Buffer Overflow Apple Ipados macOS +1
NVD
CVSS 3.1
7.1
EPSS
27.0%
CVE-2025-24112 MEDIUM This Month

The issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Denial Of Service macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24108 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24102 CRITICAL This Week

The issue was addressed with improved checks. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados macOS iOS
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2025-24101 MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24096 MEDIUM This Month

This issue was addressed through improved state management. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24092 MEDIUM This Month

This issue was addressed with improved data protection. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Buffer Overflow Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-24087 MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2024-54549 MEDIUM This Month

This issue was addressed with improved redaction of sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-54536 MEDIUM This Month

The issue was addressed with improved validation of environment variables. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.1%
CVE-2024-37526 MEDIUM This Month

IBM Watson Query on Cloud Pak for Data (IBM Data Virtualization 1.8, 2.0, 2.1, 2.2, and 3.0.0) could allow an authenticated user to obtain sensitive information from objects published using Watson. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

IBM Information Disclosure Data Virtualization On Cloud Pak For Data Watson Query With Cloud Pak For Data
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-0753 MEDIUM POC This Week

A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.6%
CVE-2025-0751 MEDIUM POC This Week

A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Bento4
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.5%
CVE-2024-48841 CRITICAL POC Act Now

Network access can be used to execute arbitrary code with elevated privileges. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection
NVD Exploit-DB
CVSS 4.0
10.0
EPSS
4.2%
CVE-2025-0734 MEDIUM This Month

A vulnerability has been found in y_project RuoYi up to 4.8.0 and classified as critical. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Deserialization Ruoyi
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.2%
CVE-2024-56972 MEDIUM This Month

An issue in Midea Group Co., Ltd Midea Home iOS 9.3.12 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56971 MEDIUM This Month

An issue in Zhiyuan Yuedu (Guangzhou) Literature Information Technology Co., Ltd Shuqi Novel iOS 5.3.8 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56969 MEDIUM This Month

An issue in Pixocial Technology (Singapore) Pte. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56968 MEDIUM This Month

An issue in Shenzhen Intellirocks Tech Co. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56967 MEDIUM This Month

An issue in Cloud Whale Interactive Technology LLC. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56966 MEDIUM This Month

An issue in Shanghai Xuan Ting Entertainment Information & Technology Co., Ltd Qidian Reader iOS 5.9.384 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56965 MEDIUM This Month

An issue in Shanghai Shizhi Information Technology Co., Ltd Shihuo iOS 8.16.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56964 MEDIUM This Month

An issue in Che Hao Duo Used Automobile Agency (Beijing) Co., Ltd Guazi Used Car iOS 10.15.1 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56963 MEDIUM This Month

An issue in Beijing Sogou Technology Development Co., Ltd Sogou Input iOS 12.2.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56962 MEDIUM This Month

An issue in Tencent Technology (Shanghai) Co., Ltd WeSing iOS v9.3.39 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56960 MEDIUM This Month

An issue in Tianjin Xiaowu Information technology Co., Ltd BeiKe Holdings iOS 1.3.50 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56959 MEDIUM This Month

An issue in Mashang Consumer Finance Co., Ltd Anyihua iOS 3.6.2 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56957 MEDIUM This Month

An issue in Kingsoft Office Software Corporation Limited WPS Office iOS 12.20.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Microsoft Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56955 MEDIUM This Month

An issue in Tencent Technology (Shenzhen) Company Limited QQMail iOS 6.6.4 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56954 MEDIUM This Month

An issue in Beijing Baidu Netcom Science & Technology Co Ltd Haokan Video iOS 7.70.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56953 MEDIUM This Month

An issue in Baidu (China) Co Ltd Baidu Input Method (iOS version) v12.6.13 allows attackers to access user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56952 MEDIUM This Month

An issue in Beijing Baidu Netcom Science & Technology Co Ltd Baidu Lite app (iOS version) 6.40.0 allows attackers to access user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56951 MEDIUM This Month

An issue in Hangzhou Bobo Technology Co Ltd UU Game Booster iOS 10.6.13 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56950 MEDIUM This Month

An issue in KuGou Technology Co., Ltd KuGou Concept iOS 4.0.61 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56949 MEDIUM This Month

An issue in Guangzhou Polar Future Culture Technology Co., Ltd University Search iOS 2.27.0 allows attackers to access sensitive user information via supplying a crafted link. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56948 MEDIUM This Month

An issue in KuGou Technology CO. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2024-56947 MEDIUM This Month

An issue in Xiamen Meitu Technology Co., Ltd. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect Apple iOS
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2025-24368 MEDIUM POC PATCH This Week

Cacti is an open source performance and fault management framework. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

PHP SQLi Cacti Suse
NVD GitHub
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-24365 HIGH POC This Week

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Vaultwarden
NVD GitHub
CVSS 3.1
8.1
EPSS
0.5%
CVE-2025-24364 HIGH POC This Month

vaultwarden is an unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Vaultwarden
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2025-24357 HIGH PATCH This Month

vLLM is a library for LLM inference and serving. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

RCE Deserialization Vllm Red Hat
NVD GitHub
CVSS 3.1
7.5
EPSS
1.0%
CVE-2025-24356 MEDIUM PATCH This Month

fastd is a VPN daemon which tunnels IP packets and Ethernet frames over UDP. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fastd
NVD GitHub
CVSS 4.0
6.9
EPSS
0.4%
CVE-2025-23197 MEDIUM This Month

matrix-hookshot is a Matrix bot for connecting to external services like GitHub, GitLab, JIRA, and more. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Gitlab Atlassian
NVD GitHub
CVSS 3.1
6.5
EPSS
0.6%
CVE-2025-0733 LOW Monitor

A vulnerability, which was classified as problematic, was found in Postman up to 11.20 on Windows. Rated low severity (CVSS 2.0). No vendor patch available.

Microsoft Information Disclosure Windows
NVD VulDB
CVSS 4.0
2.0
EPSS
0.2%
CVE-2025-0732 LOW Monitor

A vulnerability, which was classified as problematic, has been found in Discord up to 1.0.9177 on Windows. Rated low severity (CVSS 2.0). No vendor patch available.

Microsoft Information Disclosure Windows
NVD VulDB
CVSS 4.0
2.0
EPSS
0.2%
CVE-2024-26317 MEDIUM This Month

In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-12740 HIGH This Month

Vision related software from NI used a third-party library for image processing that exposes several vulnerabilities. Rated high severity (CVSS 7.0), this vulnerability is low attack complexity. No vendor patch available.

RCE
NVD
CVSS 4.0
7.0
EPSS
0.0%
CVE-2025-22604 CRITICAL POC PATCH THREAT Act Now

Cacti versions prior to 1.2.29 contain an authenticated command injection through the SNMP result parser. By injecting malformed OIDs into SNMP responses, authenticated users can execute arbitrary system commands when the results are processed by the ss_net_snmp_disk_io() or ss_net_snmp_disk_bytes() functions.

Command Injection Cacti Suse
NVD GitHub
CVSS 3.1
9.1
EPSS
72.2%
CVE-2025-0730 MEDIUM POC This Month

A vulnerability classified as problematic has been found in TP-Link TL-SG108E 1.0.0 Build 20201208 Rel. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure TP-Link Tl Sg108E Firmware
NVD VulDB GitHub
CVSS 4.0
6.3
EPSS
0.5%
Prev Page 4 of 5 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy