Skip to main content
CVE-2025-30351 LOW POC PATCH Monitor

Directus is a real-time API and App dashboard for managing SQL database content. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Directus
NVD GitHub
CVSS 3.1
3.5
EPSS
0.2%
CVE-2024-12683 LOW POC Monitor

The Smart Maintenance Mode WordPress plugin before 1.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Smart Maintenance Mode
NVD WPScan
CVSS 3.1
3.5
EPSS
0.1%
CVE-2025-2528 LOW Monitor

Improper authorization in application password policy in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a configuration different from the one mandated by the. Rated low severity (CVSS 3.6). No vendor patch available.

Microsoft Authentication Bypass Remote Desktop Manager Windows
NVD
CVSS 3.1
3.6
EPSS
0.0%
CVE-2025-31160 LOW Monitor

atop through 2.11.0 allows local users to cause a denial of service (e.g., assertion failure and application exit) or possibly have unspecified other impact by running certain types of unprivileged. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. No vendor patch available.

Denial Of Service
NVD GitHub
CVSS 3.1
2.9
EPSS
0.1%
CVE-2025-1911 LOW PATCH Monitor

The Product Import Export for WooCommerce - Import Export Product CSV Suite plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity.

WordPress Information Disclosure Product Import Export For Woocommerce PHP
NVD
CVSS 3.1
2.7
EPSS
0.3%
CVE-2025-20233 LOW Monitor

In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute. Rated low severity (CVSS 2.5). No vendor patch available.

Python Information Disclosure Splunk App For Lookup File Editing Splunk
NVD
CVSS 3.1
2.5
EPSS
0.0%
CVE-2025-2596 LOW Monitor

Session logout could be overwritten in Checkmk GmbH's Checkmk versions <2.3.0p30, <2.2.0p41, and 2.1.0p49 (EOL). Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Checkmk
NVD
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-27609 LOW Monitor

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Rated low severity (CVSS 1.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

XSS Icinga Web 2
NVD GitHub
CVSS 4.0
1.1
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy