Skip to main content
CVE-2025-1180 LOW POC Monitor

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Binutils
NVD VulDB
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-1182 LOW POC Monitor

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Binutils
NVD VulDB
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-1179 LOW POC Monitor

A vulnerability was found in GNU Binutils 2.43. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Binutils
NVD VulDB
CVSS 4.0
2.3
EPSS
0.1%
CVE-2024-51324 LOW Monitor

An issue in the BdApiUtil driver of Baidu Antivirus v5.2.3.116083 allows attackers to terminate arbitrary process via executing a BYOVD (Bring Your Own Vulnerable Driver) attack. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation
NVD GitHub
CVSS 3.1
3.8
EPSS
0.0%
CVE-2025-24430 LOW PATCH Monitor

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Authentication Bypass Commerce Commerce B2b Magento
NVD
CVSS 3.1
3.7
EPSS
0.1%
CVE-2024-52606 LOW Monitor

SolarWinds Platform is affected by server-side request forgery vulnerability. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

SSRF Solarwinds Platform
NVD
CVSS 3.1
3.5
EPSS
0.4%
CVE-2025-24429 LOW PATCH Monitor

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Adobe Authentication Bypass Commerce Commerce B2b Magento
NVD
CVSS 3.1
3.5
EPSS
0.2%
CVE-2024-52611 LOW Monitor

The SolarWinds Platform is vulnerable to an information disclosure vulnerability through an error message. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Solarwinds Platform
NVD
CVSS 3.1
3.5
EPSS
0.1%
CVE-2024-12548 LOW Monitor

Tungsten Automation Power PDF JP2 File Parsing Use-After-Free Information Disclosure Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Memory Corruption Information Disclosure RCE Power Pdf
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2025-21337 LOW PATCH Monitor

Windows NTFS Elevation of Privilege Vulnerability. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Microsoft Authentication Bypass Windows 10 1507 Windows 10 1607 Windows 10 1809 +13
NVD
CVSS 3.1
3.3
EPSS
0.1%
CVE-2023-31331 LOW Monitor

Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of. Rated low severity (CVSS 3.0). No vendor patch available.

Buffer Overflow
NVD
CVSS 3.1
3.0
EPSS
0.1%
CVE-2025-1211 LOW Monitor

Versions of the package hackney before 1.21.0 are vulnerable to Server-side Request Forgery (SSRF) due to improper parsing of URLs by URI built-in module and hackey. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SSRF
NVD GitHub
CVSS 4.0
2.9
EPSS
0.0%
CVE-2023-20581 LOW Monitor

Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity. Rated low severity (CVSS 2.5). No vendor patch available.

Authentication Bypass
NVD
CVSS 3.1
2.5
EPSS
0.0%
CVE-2025-0525 LOW Monitor

In affected versions of Octopus Server the preview import feature could be leveraged to identify the existence of a target file. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Octopus Server
NVD
CVSS 4.0
2.3
EPSS
0.2%
CVE-2025-0526 LOW Monitor

In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on the host using an API endpoint. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Octopus Server
NVD
CVSS 4.0
2.3
EPSS
0.1%
CVE-2023-20507 LOW Monitor

An integer overflow in the ASP could allow a privileged attacker to perform an out-of-bounds write, potentially resulting in loss of data integrity. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow
NVD
CVSS 3.1
2.3
EPSS
0.1%
CVE-2024-52966 LOW Monitor

An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause information disclosure via filter manipulation. Rated low severity (CVSS 2.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Fortinet Fortianalyzer
NVD
CVSS 3.1
2.3
EPSS
0.0%
CVE-2024-27780 LOW Monitor

Multiple Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerabilities [CWE-79] in FortiSIEM 7.1 all versions, 7.0 all versions, 6.7 all versions incident page. Rated low severity (CVSS 2.2). No vendor patch available.

XSS Fortisiem
NVD
CVSS 3.1
2.2
EPSS
0.2%
CVE-2025-0513 LOW Monitor

In affected versions of Octopus Server error messages were handled unsafely on the error page. Rated low severity (CVSS 1.8), this vulnerability is remotely exploitable. No vendor patch available.

XSS Octopus Server
NVD
CVSS 4.0
1.8
EPSS
0.1%
CVE-2025-24432 LOW PATCH Monitor

Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability that could result in a. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Adobe Authentication Bypass Commerce Commerce B2b Magento
NVD
CVSS 3.1
3.7
EPSS
0.1%
CVE-2025-1181 LOW POC Monitor

A vulnerability classified as critical was found in GNU Binutils 2.43. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.

Buffer Overflow Binutils Active Iq Unified Manager Ontap Select Deploy Administration Utility
NVD VulDB
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-1176 LOW POC PATCH Monitor

A vulnerability was found in GNU Binutils 2.43 and classified as critical.c of the component ld. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Buffer Overflow Binutils
NVD VulDB
CVSS 4.0
2.3
EPSS
0.2%
CVE-2025-23191 LOW Monitor

Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

SAP Information Disclosure
NVD
CVSS 3.1
3.1
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy