Skip to main content
CVE-2025-24808 MEDIUM PATCH This Month

Discourse is an open-source discussion platform. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Race Condition Discourse
NVD GitHub
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-2276 MEDIUM This Month

The Ultimate Dashboard - Custom WordPress Dashboard plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the handle_module_actions function in. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass PHP
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-20230 MEDIUM This Month

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Splunk Splunk Secure Gateway
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-30164 MEDIUM PATCH This Month

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Rated medium severity (CVSS 4.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Open Redirect Icinga Web 2 Suse
NVD GitHub
CVSS 3.1
4.1
EPSS
0.1%
CVE-2025-27552 MEDIUM This Month

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-27551 MEDIUM This Month

DBIx::Class::EncodedColumn use the rand() function, which is not cryptographically secure to salt password hashes. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure
NVD
CVSS 3.1
4.0
EPSS
0.0%
CVE-2025-20226 MEDIUM This Month

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Splunk Splunk Cloud Platform
NVD
CVSS 3.1
5.7
EPSS
0.1%
CVE-2024-55963 MEDIUM POC THREAT This Week

An issue was discovered in Appsmith before 1.51. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 25.2%.

Authentication Bypass Denial Of Service Appsmith
NVD GitHub Exploit-DB
CVSS 3.1
6.5
EPSS
25.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy