Skip to main content
CVE-2024-33504 MEDIUM This Month

A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0 all versions, 6.4 all. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Fortimanager Fortimanager Cloud
NVD GitHub
CVSS 3.1
4.1
EPSS
0.0%
CVE-2024-54772 MEDIUM POC This Month

An issue was discovered in the Winbox service of MikroTik RouterOS long-term release v6.43.13 through v6.49.13 and stable v6.43 through v7.17.2. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Mikrotik Information Disclosure Routeros
NVD GitHub
CVSS 3.1
5.4
EPSS
4.9%
CVE-2024-57777 MEDIUM POC This Month

Directory Traversal vulnerability in Ianproxy v.0.1 and before allows a remote attacker to obtain sensitive information. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Lanproxy
NVD GitHub
CVSS 3.1
5.1
EPSS
0.2%
CVE-2025-25526 MEDIUM This Month

Buffer overflow vulnerability in Mercury MIPC552W Camera v1.0 due to the lack of length verification, which is related to the configuration of the PPTP server. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow
NVD GitHub
CVSS 3.1
5.1
EPSS
0.1%
CVE-2024-33659 MEDIUM This Month

AMI APTIOV contains a vulnerability in BIOS where an attacker may cause an Improper Input Validation by a local attacker. Rated medium severity (CVSS 5.7). No vendor patch available.

RCE Aptio V
NVD
CVSS 4.0
5.7
EPSS
0.1%
CVE-2025-0589 MEDIUM This Month

In affected versions of Octopus Deploy where customers are using Active Directory for authentication it was possible for an unauthenticated user to make an API request against two endpoints which. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Octopus Server
NVD
CVSS 4.0
6.9
EPSS
0.3%
CVE-2024-13544 MEDIUM POC Monitor

The Zarinpal Paid Download WordPress plugin through 2.3 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress File Upload Zarinpal Paid Download
NVD WPScan
CVSS 3.1
4.8
EPSS
0.0%
CVE-2025-1173 MEDIUM POC This Month

A vulnerability, which was classified as critical, was found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bookstore Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-1172 MEDIUM POC This Month

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bookstore Management System
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.1%
CVE-2025-1171 MEDIUM POC This Month

A vulnerability classified as problematic was found in code-projects Real Estate Property Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.3%
CVE-2025-1170 MEDIUM POC This Month

A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Rated medium severity (CVSS 5.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Real Estate Property Management System
NVD GitHub VulDB
CVSS 4.0
5.1
EPSS
0.3%
CVE-2025-1166 MEDIUM POC This Month

A vulnerability has been found in SourceCodester Food Menu Manager 1.0 and classified as critical. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Authentication Bypass File Upload Food Menu Manager
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.2%
CVE-2025-24870 MEDIUM This Month

SAP GUI for Windows & RFC service credentials are incorrectly stored in the memory of the program allowing an unauthenticated attacker to access information within systems, resulting in privilege. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.

Microsoft SAP Privilege Escalation Windows
NVD
CVSS 3.1
6.0
EPSS
0.0%
CVE-2025-23187 MEDIUM This Month

Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an unauthenticated attacker could generate technical meta-data. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
5.3
EPSS
0.2%
CVE-2025-1164 MEDIUM POC Monitor

A vulnerability, which was classified as problematic, has been found in code-projects Police FIR Record Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Police Fir Record Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
CVE-2025-1163 MEDIUM POC Monitor

A vulnerability classified as critical was found in code-projects Vehicle Parking Management System 1.0. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Vehicle Parking Management System
NVD GitHub VulDB
CVSS 4.0
4.8
EPSS
0.1%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy