Skip to main content
CVE-2025-3549 LOW POC PATCH Monitor

A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.1%
CVE-2025-3548 LOW POC PATCH Monitor

A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3.h of the component File Handler. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available.

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.1%
CVE-2023-27272 LOW Monitor

IBM Aspera Console 3.4.0 through 3.4.4 allows passwords to be reused when a new user logs into the system. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Brute Force IBM Information Disclosure Aspera Console
NVD
CVSS 3.1
3.1
EPSS
0.2%
CVE-2025-2424 LOW PATCH Monitor

Mattermost versions 10.5.x <= 10.5.1, 9.11.x <= 9.11.9 fail to check if a file has been deleted when creating a bookmark which allows an attacker who knows the IDs of deleted files to obtain metadata. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Mattermost Server
NVD
CVSS 3.1
3.1
EPSS
0.1%
CVE-2024-49709 LOW Monitor

Internet Starter, one of SoftCOM iKSORIS system modules, allows for setting an arbitrary session cookie value. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Session Fixation Iksoris
NVD
CVSS 4.0
2.3
EPSS
0.1%
CVE-2025-24859 LOW Monitor

A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable. No vendor patch available.

Apache Authentication Bypass Roller
NVD
CVSS 4.0
2.1
EPSS
0.1%
CVE-2025-30516 LOW Monitor

Mattermost Mobile Apps versions <=2.25.0 fail to terminate sessions during logout under certain conditions (e.g. Rated low severity (CVSS 2.0), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Mattermost Mobile
NVD
CVSS 3.1
2.0
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy