Skip to main content
CVE-2024-54461 LOW Monitor

The file names constructed within file_selector are missing sanitization checks leaving them vulnerable to malicious document providers. Rated low severity (CVSS 2.1). No vendor patch available.

Information Disclosure File Selector Android Android
NVD GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2024-41140 HIGH This Month

Zohocorp ManageEngine Applications Manager versions 174000 and prior are vulnerable to the incorrect authorization in the update user function. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Manageengine Applications Manager
NVD
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-13561 MEDIUM This Month

The Target Video Easy Publish plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's brid_override_yt shortcode in all versions up to, and including, 3.8.3 due to. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
6.4
EPSS
0.2%
CVE-2025-0762 HIGH PATCH This Month

Use after free in DevTools in Google Chrome prior to 132.0.6834.159 allowed a remote attacker to potentially exploit heap corruption via a crafted Chrome Extension. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Memory Corruption Use After Free Denial Of Service Chrome +1
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2025-0617 MEDIUM This Month

An attacker with access to an HX 10.0.0 and previous versions, may send specially-crafted data to the HX console. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Denial Of Service
NVD
CVSS 3.1
5.9
EPSS
0.7%
CVE-2024-57965 NONE PATCH

In axios before 1.7.8, lib/helpers/isURLSameOrigin.js does not use a URL object when determining an origin, and has a potentially unwanted setAttribute('href',href) call. Rated remotely exploitable, no authentication required.

Information Disclosure Axios
NVD GitHub
EPSS
0.1%
CVE-2024-7695 HIGH This Month

Multiple switches are affected by an out-of-bounds write vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow
NVD
CVSS 4.0
8.7
EPSS
0.2%
CVE-2024-13696 HIGH This Month

The Flexible Wishlist for WooCommerce - Ecommerce Wishlist & Save for later plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wishlist_name’ parameter in all versions up to,. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress XSS
NVD
CVSS 3.1
7.2
EPSS
1.1%
CVE-2025-0804 MEDIUM PATCH This Month

The ClickWhale - Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to Stored Cross-Site Scripting via link titles in all versions up. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

WordPress XSS Clickwhale PHP
NVD
CVSS 3.1
6.4
EPSS
0.1%
CVE-2025-0806 MEDIUM POC This Week

A vulnerability was found in code-projects Job Recruitment 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Job Recruitment
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-23362 MEDIUM This Month

The old versions of EXIF Viewer Classic contain a cross-site scripting vulnerability caused by improper handling of EXIF meta data. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS
NVD
CVSS 3.0
6.1
EPSS
0.0%
CVE-2025-0803 MEDIUM POC This Week

A vulnerability, which was classified as critical, has been found in Codezips Gym Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Gym Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-0802 MEDIUM POC This Week

A vulnerability classified as critical was found in SourceCodester Best Employee Management System 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure PHP Best Employee Management System
NVD GitHub VulDB
CVSS 4.0
6.9
EPSS
0.1%
CVE-2025-0800 MEDIUM POC This Month

A vulnerability classified as problematic has been found in SourceCodester Online Courseware 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Online Courseware
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-0798 CRITICAL POC Act Now

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Command Injection Escan Anti Virus
NVD GitHub VulDB
CVSS 4.0
9.2
EPSS
1.4%
CVE-2025-0797 MEDIUM POC Monitor

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Escan Anti Virus
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.0%
CVE-2025-0795 MEDIUM POC This Month

A vulnerability was found in ESAFENET CDG V5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cdg
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0794 MEDIUM POC This Month

A vulnerability was found in ESAFENET CDG V5 and classified as problematic. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cdg
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0793 MEDIUM POC This Month

A vulnerability has been found in ESAFENET CDG V5 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cdg
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0792 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in ESAFENET CDG V5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cdg
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-0791 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in ESAFENET CDG V5.jsp. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Cdg
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0790 MEDIUM POC This Month

A vulnerability classified as problematic was found in ESAFENET CDG V5. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Cdg
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy