Skip to main content
CVE-2025-20185 LOW Monitor

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance. Rated low severity (CVSS 3.4), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cisco Asyncos
NVD
CVSS 3.1
3.4
EPSS
0.0%
CVE-2025-23415 LOW Monitor

An insufficient verification of data authenticity vulnerability exists in BIG-IP APM Access Policy endpoint inspection that may allow an attacker to bypass endpoint inspection checks for VPN. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Apple Big Ip Access Policy Manager Windows +1
NVD
CVSS 4.0
2.3
EPSS
0.1%
CVE-2024-9097 LOW Monitor

ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Manageengine Endpoint Central
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-5528 LOW POC Monitor

An issue was discovered in GitLab CE/EE affecting all versions prior to 16.11.6, starting from 17.0 prior to 17.0.4, and starting from 17.1 prior to 17.1.2, which allows a subdomain takeover in. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gitlab
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-0167 LOW POC Monitor

When asked to use a `.netrc` file for credentials **and** to follow HTTP redirects, curl could leak the password used for the first host to the followed-to host under certain circumstances. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Information Disclosure Curl Element Software Ontap Ontap Select Deploy Administration Utility +13
NVD
CVSS 3.1
3.4
EPSS
0.3%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy